
Zscaler Blog


Zscaler Digital Experience Achieves FedRAMP High Authorization


We’re living in the most flexible era of work in modern times. People now expect to be able to get work done on their device of choice from any location. When people change their working environment, they may see differences in user experience, leading to the inevitable help desk ticket: “The network is slow.” When people complain that their experience is slow, “slow” is a relative term. Going 70 MPH on an interstate highway may be slow to a NASCAR driver. Going 30 MPH on a Vespa may be fast to someone who walks to work every day.

When a user says “slow”, what they’re really saying is that there is a difference: something is happening differently from what they’re used to experiencing. That's why these issues are often the longest-lived and hardest tickets to troubleshoot. We're trying to comprehend and assess the delta in performance when we don't have good visibility into the norm.

Zscaler Digital Experience, or ZDX, was created to solve this very challenge - to keep users productive by rapidly detecting and resolving app, network and device issues. We are pleased to announce that ZDX is now authorized at FedRAMP High and Moderate baselines.

 

A long-standing commitment to FedRAMP

Zscaler has long been a proponent of FedRAMP, as we firmly believe in the model that a Cloud Service Provider goes through the authorization process once and then the security package can be reused by any federal agency.  

Zscaler’s first FedRAMP authorization was in 2018 when Zscaler Internet Access (ZIA) Government (Secure Web Gateway – vTIC)™ became one of the first multi-tenant Cloud Security Platforms known in the government that meets the Cybersecurity and Infrastructure Security Agency (CISA) TIC 3.0 guidelines. It has been the market leader as agencies work to meet IT modernization goals of achieving efficiencies of shared services, mobile workforce enablement, improved FITARA scores, and more.

Over the years, we have continued to invest in our steadfast commitment to the U.S. Federal Government’s mission, culminating in Zscaler’s entire Zero Trust Exchange platform achieving FedRAMP authorization at both moderate and high levels at the end of 2022. This includes ZIA; ZPA (Zscaler Private Access), a cloud-delivered zero trust service that uses a distributed architecture to provide fast and secure access to private applications running on-premise or in the public cloud; and, most recently, ZDX.

Government continues to make great progress with digital transformation at the same time that new vulnerabilities and threats arise. The attack surface has expanded and become more complex, making it harder to protect. Zscaler is leading the effort to implement Zero Trust solutions with the first and only Zero Trust Architecture and SASE platform to be offered end to end at both FedRAMP moderate and high baselines in order to meet the data security needs of the customer. 

 

The importance of digital experience

Federal employees at all levels are operating in a hybrid or work-from-home environment. According to the Pew Research Center, about a third of all workers are working entirely from home and another 40% are in hybrid arrangements. The traditional networking tools that IT professionals have used to see network conditions only really give you visibility when you're connected to a government network. Tools that only investigate on-prem network conditions are losing value as we see a transition toward adopting more zero trust technologies. Agencies are using modern technology to reduce their risk and reduce lateral network movement. Some of these Federal Government networks have been architected to be equivalent to a shared office location with no government applications or data in the users’ network, turning these offices into essentially a Starbucks.

So how do we understand what is happening to the user experience? Zscaler’s approach is to have a client on the endpoint where the user is, to have telemetry in the cloud that the user is connecting through, and to have telemetry on the SaaS side. With this, we can understand the condition of the SaaS or private applications the users are accessing, and we can put that together and create a user experience profile over a period of time.

ZDX provides a number of benefits with this approach including:

  • Visibility across devices, networks, and apps - even those not in your control
  • Detecting issues before users complain, and quickly pinpointing root causes
  • Simplifying your monitoring stack with a single end-to-end view

 


 

Let’s go back to our Federal employee who is raising a ticket for “slow” experience. ZDX provides, in a FedRAMP high authorized environment, the ability to clearly and simply visualize complex data points that create a “user experience.” Over a period of time, we can see what a good or normal user experience is - the baseline of that user. Now when a user raises a performance issue, we can look for the deltas. We can actually light up a simple dashboard to see green, yellow or red - to show visually that something different is happening from the baseline user experience.

The ability to quickly assess a variation from baseline user experience is a significant benefit for any agency or organization. It allows you to get to the root problems faster without hoping that you catch whatever was happening to the user in a troubleshooting session. Proactively troubleshooting at a FedRAMP High level, where loss of confidentiality, integrity, or availability of data could be catastrophic, is a critical outcome for agencies with FedRAMP High requirements.

 

Locating users

Another area where ZDX provides value in FedRAMP High environments is knowing where users are located. One example is when people who are outside the United States come into the network to access government resources. There are many use cases for OCONUS access for government users: people travel for personal and work purposes, and the US government stations employees in almost every country in the world.

Some agencies, however, don't have that same geographic coverage. The ZDX dashboard can light up immediately if we are seeing access from questionable areas, or at least put additional scrutiny on them. With ZDX, agencies can see individual user interaction over time, user interaction by location, and proactive monitoring and alerts. We can see how consistently users are logging in over a period of time, regardless of where they are working from. There needs to be authentication for people to log on and do their work, and ZDX allows people to demonstrate the great work they are doing from any device or location.

 

A customer’s perspective

At the 2023 Zscaler Public Sector Summit, Jack McCarthy, Government Chief Information Officer, shared his personal experience with ZDX:

I was working from home and having an issue. Being my own home support IT guy, I said “I know what to do.” I called my Internet provider and asked them to upgrade my network to the new gigabyte speed. Still not working. So then it has to be my internal network. I went out and bought the latest and greatest mesh network and installed it in my house. Still not working.

Our Director of Technical Services & Infrastructure installed ZDX and what we found was six hops into my Internet provider, there was an IP address dropping 90% of my packets. So nothing I was doing was wrong.

We were able to tell the Internet provider, “This is the problem. It’s this IP address.” They went and found it, either replaced it or rebooted it, and everything was back up and running. Using ZDX was such a great tool because we were able to see exactly where the problems arise. 

Here is an example of ZDX identifying home performance issues that are caused by a local ISP:

 

Image

 

ZDX is designed to ensure a seamless user experience and get users back to work faster. By exposing root causes with AI-powered analysis, support teams are able to quickly isolate root causes in devices, Wi-Fi, security services, networks, or apps. Federal agencies can proactively detect issues, monitor security data and improve the user experience of our government employees at the FedRAMP high level.

Visit our Zscaler US Government Solutions page for more information.

 
