Today, we are proud to share that the Department of Defense (DoD) Defense Innovation Unit (DIU) announced that Zscaler successfully completed a Secure Cloud Management (SCM) prototype. The project launched in May 2020, and the evaluation confirms Zscaler can deliver fast, secure, and controlled access to SaaS cloud services directly over the Internet, simplifying DIU’s ability to engage with non-traditional technology vendors.
A third party assessed the prototype using Defense Information Systems Agency (DISA)-developed criteria. DIU then issued a success memo to Zscaler, enabling Department of Defense (DoD) organizations to contract with vendors without needing to re-compete.
“These solutions simplify engagement with non-traditional technology vendors by allowing DIU users to collaborate in real time. The solutions provide equivalent security and control to the DoD’s Cloud Access Point (CAP) while delivering real-time performance, which is critical for such things as videoconferencing and file sharing,” said John Chen, interim CIO for DIU.
Zscaler is focused on giving customers access to modern, mission-critical applications, including those that require the most stringent security and work in some of the world’s most remote and challenging environments.
“The DoD is working to strengthen cyber defenses on many fronts. DIU is exploring and testing new innovative approaches in security architecture. CMMC is in its final stages to improve security consistency to all contractors working with the federal government,” said Patrick Perry, Director of Emerging Technology, Zscaler. “But, we have to approach things differently than in the past. Government as a whole can transform security by taking a user-centric approach, where the first priority is to protect the data, then provide secure access once contextual validation occurs, and finally applying appropriate security based on risk scoring – whether accessing the internet or applications that reside in an on-prem data center or using a cloud service.”
The Zscaler Zero Trust Exchange is consistent with the May 2021 Executive Order on Improving the Nation’s Cybersecurity, and with DISA’s recently published Zero Trust Reference Architecture. The DIU anticipates the project’s results will help inform DoD entities as they formulate their own zero trust plans.
The Zero Trust Exchange platform includes Zscaler Private Access (ZPA), a FedRAMP-High JAB authorized network access service that connects trusted users directly to trusted cloud applications; and Zscaler Internet Access (ZIA), the first secure internet gateway solution to earn FedRAMP certification. ZIA is currently prioritized for FedRAMP-High JAB authorization.
- Zero attack surface – apps are never exposed to the internet; you can’t attack what you can’t see
- Direct connections to an app, not a network – segment of one, no exposure of any additional resources or data, no ability to move laterally or connect to C&C servers
- Proxy architecture, not passthrough – full content inspection including SSL; holds and inspects unknown files before reaching the endpoint
- Multitenant architecture – cloud-native, multi-tenant design; continuous security updates
- Secure Access Service Edge (SASE) – policy enforced at the edge in 150 data centers, peering in internet exchanges, hundreds of apps
This project underscores the Pentagon’s continued modernization commitment. Maximum telework accelerated change, and today workforce expectations and needs continue to evolve. Cyber-adversaries continue to seek new ways to take advantage of vulnerabilities. Zero trust-based secure cloud access is core to the foundation for mission success.
For more information, see the DIU’s press release here.