Updated on 11/15/2022
Since this blog was published in September 2021, VMware SD-WAN™ on AWS GovCloud achieved Federal Risk and Authorization Management Program (FedRAMP) High Authorization through the Joint Authorization Board (JAB). Now government entities have 5 reasons to evolve to market-leading, widely recognized VMware SD-WAN.
- Find VMware SD-WAN in the FedRAMP Marketplace under VMware Government Services (VGS)
- Read our blog post about VMware SD-WAN FedRAMP certification
Customer enterprises are on a journey to transform their network and security.
As federal agency CISOs roadmap their network transformation, many are looking to transition from traditional router-based managed WANs to software-defined WANs, such as VMware SD-WAN.
And as they plan out their security transformation, many are shifting from a purely on-premise environment to a hybrid on-premise cloud infrastructure, which delivers a scalable solution that’s similar to on-premise.
CISOs are moving away from legacy infrastructure because the antiquated technology raises significant questions for them:
- How can our network be more agile?
- How can we simplify operations?
- How can we increase security?
- How can our users securely connect to the cloud?
Unfortunately, these goals cannot be achieved with the enterprise’s existing infrastructure.
As federal agencies digitally transform, they must reconsider their existing legacy infrastructure, which has served them well, but is also very expensive to operate and manage.
In response, some vendors may offer an on-premise solution that doesn’t scale or isn’t necessarily designed for the cloud.
But what if CISOs require flexibility to either deploy an on-premise solution or fully transition to the cloud?
Delivering industry-leading agility, simplicity, visibility and security, SD-WAN fills that gap, offering a unique hybrid model that can be deployed on-premises, fully in the cloud, or hybrid, where the VMware SASE Orchestrator resides in the cloud and the VMware SD-WAN Gateway lives on-premises.
And by incorporating SD-WAN into their infrastructure, federal agencies are effectively setting the table for VMware SASE, a larger solution that incorporates cutting-edge cloud security services.
Why are federal agencies transitioning to VMware SD-WAN?
1. Agility. Traditionally, networks are deployed location by location. This manual, tedious, and complex task creates a long lead time for rolling out an entire network.
What if there was a better way? By leveraging VMware SD-WAN, federal IT teams significantly speed up their network rollout — deploying it in just a day — and soon, mere hours.
VMware SD-WAN delivers agility through rapid remote branch onboarding with zero-touch deployment that heavily leverages automation and Smart Default preconfigured settings. This enables a user with no technical background to simply plug in a device, flip a switch and get connected.
What does this agility mean for government agencies? They can control their costs — part of which includes flying engineers around the world to roll out new infrastructure — avoid training many employees, reduce IT team workloads, and simplify how new remote sites and users are added.
2. Simplicity. Rolling out network configuration and security policies across the network shouldn’t be viewed as rocket science. However, many federal agencies suffer through this. What if there was a simpler alternative?
Enter VMware SD-WAN. The solution empowers IT teams to easily scale network configuration and security policies that are tied to applications. As a result, applications support the enterprise in the way that IT prescribes, versus the opposite, where the enterprise must adapt to the apps. This enables IT to quickly establish the apps, create their profiles, and apply unique policies.
For example, a company’s distributed workforce likely relies on collaboration tools like Zoom. With VMware SD-WAN, IT can set a policy that highlights Zoom as a higher priority app over other apps. And, after IT creates a policy once, they can duplicate it countless times across the entire enterprise, saving tremendous time and effort.
3. Visibility. Today, many federal agencies lack a centralized orchestration automation engine that empowers them to visualize their entire network and its performance.
To solve this challenge, VMware SD-WAN incorporates VMware Edge Network Intelligence™ — an artificial intelligence for IT operations (AIOps) solution — which harnesses artificial intelligence, machine learning, big data, and other leading-edge analytics solutions to automate and enhance IT operations, find anomalies, perform automatic security incident remediation, and much more, taking IT efficiency to the next level.
Combining this with VMware vRealize Network Insight empowers IT teams with holistic views of end-to-end application traffic — extending from the branch to the data center and into the cloud.
4. Security. As cybersecurity threats continue to multiply, federal agency IT teams must reliably secure large volumes of digital data, operations, and assets.
From identity management and multi-tenanted environments to encryption and public key infrastructure, VMware SD-WAN’s highly reliable security-related features meet the tough industry requirements of federal government agencies, as evidenced by the solution’s Federal Information Processing Standard (FIPS) Publication 140-2 certification.
Why is this so important? It ensures that VMware SD-WAN uses cryptographic modules including authentication, digital signatures, key management, and hardware and software encryption to meet rigorous government requirements.
But being FIPS 140-2 certified doesn’t just make VMware SD-WAN available to federal governments — financial sector customers and Fortune 100 companies can benefit from the solution as well. So, across industries, whether IT teams want to deploy hardware for on-premise or software in the cloud, VMware SD-WAN has them covered.
What’s next for VMware SD-WAN?
FIPS 140-2 kicks off the first series of certifications for VMware SD-WAN. Up next: FedRAMP High authorization, which will soon certify VMware-hosted cloud services’ higher security and that VMware SD-WAN can protect federal agencies’ highly sensitive, unclassified information within a cloud compute environment.
How can VMware SD-WAN accomplish that? It’s hardening its overall solution and adding innovative capabilities which allows the solution to deploy in a secure manner typically required by high security agencies, where their orchestrator sits securely behind multiple layers of firewall devices and allows the solution to securely operate.
Beyond that, it’s satisfying FedRAMP requirements for continuous monitoring, access control, auditing, security assessment and authorization, contingency planning, secure SDLC and incident response.
And FedRAMP isn’t just applicable to the federal government. It also extends to state, local, and tribal agencies along with any companies working with the federal government, as well as the critical infrastructure sectors.
Federal agencies are turning to VMware SD-WAN due to its agility and simplicity, which helps IT teams rapidly roll out the solution — in hours rather than days — and better manage their network across distributed workforces, delivering enhanced performance and security without compromise. The solution also provides great visibility into possible network and application issues — thus reducing time to resolution. Lastly, VMware SD-WAN enables teams to confidently safeguard critical data, operations, and assets against internal and external threats.
And by incorporating SD-WAN into their infrastructure, IT teams are effectively setting the table for a larger SASE solution, which will incorporate cutting-edge cloud security services, significantly improving their overall network security.
Learn more
- Read about VMware SASE for federal government on our web page
- Download the solution overview Modernize Public Sector Networks with Trusted SD-WAN