Posted: 2 Min ReadProduct Insights

Symantec Gov Cloud – Web Protection Reaches FedRAMP® “In Process” Status

Strengthening US Federal Agencies’ cloud-first strategy with cloud-native security

In moving to the cloud US Federal agencies have these questions: 

  • How do I protect users, regardless of where they are located, from the evolving threat landscape and targeted attacks?
  • How does our organization ensure data is secure and in compliance with legal regulations?
  • Can we effectively manage new types of devices and securely support mobile and remote users?
  • How do we migrate our current infrastructure to the cloud without sacrificing security, functionality, or flexibility?

The challenges for the U.S. government, which is now driving a “cloud-first” policy, are different than for commercial enterprises. U.S. federal agencies that adopt cloud solutions are required to use products that have gone through the rigorous evaluation process known as the Federal Risk and Authorization Management Program (FedRAMP). FedRAMP is based on NIST controls and provides that level of confidence in the controls implemented for those agencies to use these cloud solutions.

As government entities pursue a cloud-first strategy, they must deal with additional questions:

  • What controls are needed to satisfy security and privacy requirements to adequately manage mission and business risk, as well as risk to individuals?
  • Have appropriate controls been implemented or is there a plan in place to do so?
  • What is the required level of assurance that the controls are effective when implemented and perform as designed?

Symantec has the answer: Cloud Secure Web Gateway (SWG). Symantec Cloud SWG has gone through the FedRAMP process, undergone rigorous testing that was sponsored by a major US Federal Agency, and is now posted on the FedRAMP marketplace as “In Process” and waiting for full authorized status  for broad U.S. Federal Agency use. This is a major milestone in delivering Symantec Security to agencies that need the highest levels of protection.

Symantec delivers comprehensive security that enterprises and agencies use to enforce consistent web security and compliance policies for all users, regardless of location or device. It is built on Symantec’s industry-leading, advanced proxy architecture that authenticates every user and enables deep inspection/control of all Internet traffic, even encrypted. Symantec Cloud SWG is fed by the Symantec Global Intelligence Network to ensure real-time protection against known and unknown web-borne threats.

Cloud SWG is the core component of Symantec Gov Cloud – Web Protection solution. This product addresses customers’ needs by extending Secure Web Gateway protection for all users, whether they are at an office with trusted on-premises proxy hardware or when they are remote and need the speed and flexibility of a cloud solution. The solution includes Symantec Cloud SWG, Edge SWG (on-premises) for complete web traffic inspection and validation, Intelligence Services for real-time threat data, cloud application visibility and control, Symantec Content Analysis sandboxing for deep file inspection, and SSL/TLS inspection for visibility into all traffic. Whether customers go with a combination of Edge SWG and Cloud SWG or go directly to a Cloud-only deployment, they can be confident they are getting the same level of protection.

Security Architects at Federal agencies can be assured that Symantec answers the questions they need to address. The security team can rely on Symantec knowing that we have implemented the controls necessary to address their unique security and privacy requirements and still meet stringent government regulations and certifications. The continuous monitoring that FedRAMP requires further guarantees that Symantec will continue to meet the security and privacy requirements that our customers need. To learn more contact your Broadcom representative or visit the Symantec Web Protection page and the FedRAMP Marketplace

Symantec Enterprise Blogs
You might also enjoy
4 Min Read

Defending Against Black Basta Ransomware

A comprehensive overview of attack chain disruption with Adaptive Protection

Symantec Enterprise Blogs
You might also enjoy
3 Min Read

Curiosity – Our Path to Risk Insights

An open framework and curious mindset provides great insights

About the Author

Mark Deardurff

Product Manager, Information Security Group

Mark is a product manager in the Symantec Enterprise Division of Broadcom Software, focusing on risk analytics and expanding cloud risk detection and analytics to support Zero Trust security.

Want to comment on this post?

We encourage you to share your thoughts on your favorite social platform.