ZIA and ZDX Achieve DoW Impact Level 5 Provisional Authorization

Today’s warfighter operations demand speed, resilience, and trusted connectivity across users, devices, and mission partners anywhere, across coalition networks, and in expeditionary environments while the threat landscape continues to evolve. Adversaries are increasingly targeting defense supply chains, logistics systems, and operational data as the “network” has expanded far beyond any traditional perimeter and can no longer be secured with legacy, perimeter-based defenses. This operational reality is exactly why the Department of War (DoW) mandated targeted Zero Trust adoption by FY2027. However, meeting that mandate requires platforms capable of handling highly sensitive data without degrading mission speed.

That is why I am proud to share a major milestone: the Department of War (DoW) has granted Zscaler Internet Access (ZIA) and Zscaler Digital Experience (ZDX) Impact Level 5 (IL5) Provisional Authorization (PA), the DoW’s highest level unclassified cloud authorization. This authorization extends Zscaler’s cloud native Zero Trust platform into DoW environments handling Controlled Unclassified Information (CUI) and National Security Systems (NSS) information, helping defense organizations modernize mission networks without compromising security or compliance.

The perimeter is gone - mission execution can’t wait

DoW agencies operate in a world where users are distributed, mobile, and often deployed in various austere environments, while mission data and applications span hybrid on‑prem and multi‑cloud environments across multiple networks. By leveraging a full proxy architecture, agencies can securely connect users directly to applications without ever bridging the underlying networks, fundamentally cutting off lateral movement. Mission execution also requires collaboration with partners who may not share a common identity infrastructure, while security teams must enforce consistent policy without adding complexity or tool sprawl.

Perimeter-based security can’t keep up. When protection is tied to a fixed network boundary, organizations end up with a patchwork of appliances and point products that are hard to operate, slow to change, and fragile under real operational conditions.

The Department has mandated Zero Trust as its strategic answer. It assumes the environment is contested, continuously verifies users, devices, and access requests, and enforces policy on every transaction, reducing risk by eliminating implicit trust and limiting the blast radius so a single foothold can’t become lateral movement across the mission.

What ZIA brings to the DoW

ZIA is built to secure and control internet and cloud application usage using Zero Trust principles, functioning as a cloud-based Internet Access Point. Rather than relying on legacy on-premise architectures anchored to a perimeter, ZIA enforces security policies at every transaction. This extends protection to remote users, mobile devices, and forward deployed operations without requiring reliance on perimeter appliances.

DOW organizations can use ZIA to apply strong security controls and threat prevention capabilities that align to the operational demands of modern warfare, including:

• Inline TLS/SSL decryption and inspection: Expose and stop threats hidden in encrypted traffic.
• AI-driven threat prevention: Detect and block emerging and unknown attacks
• Command-and-control (C2) detection and disruption: Break adversary communications early
• Cloud-native DLP across web, email, and endpoints: Reduce data leakage and mission-impacting exposure.
• Behavioral analytics at scale: Use massive daily telemetry to identify suspicious activity and stop attacks that evade signature-based defenses.
• Secure coalition collaboration without network exposure: Identity-aware, deny-by-default access with cloud-native enforcement and IdP federation enables rapid cross-organization trust decisions, even without shared identity infrastructure.
• Detect and contain threats at mission tempo: Real-time inspection and continuous policy enforcement with automated isolation/quarantine stops adversaries from turning a foothold into lateral movement across operations.

ZIA provides a globally proven SaaS platform that secures internet and cloud access while enabling distributed operations with consistent, location-agnostic policy enforcement. It eliminates legacy perimeter dependencies, reduces operational overhead, and empowers the DOW to accelerate divestment from hardware in favor of a modern, scalable, Zero Trust–aligned architecture.

What ZDX brings to the DoW

Zscaler Digital Experience (ZDX) delivers end-to-end visibility and rapid troubleshooting for mission users across internet, cloud, and private apps. In IL5 environments where users are dispersed and networks are constrained, ZDX pinpoints whether issues are on the device, local network, path/tunnel, Zscaler service, or the application, cutting time to resolution and preserving operational tempo without heavy packet-capture tooling.

DoW organizations can use ZDX to strengthen mission effectiveness in IL5-aligned operations by enabling:

• End-to-end path visibility: Pinpoint whether degradation is on the endpoint, local/Wi‑Fi/LAN, last mile, Zscaler service edge, or the application/SaaS itself
• Proactive performance monitoring: Use real user metrics and synthetic tests to identify issues before they impact missions and shift changes from reactive to planned
• Faster incident triage and reduced MTTR: Guided workflows that quickly narrow root cause and reduce time spent “war-rooming” across teams and partners
• Application experience scoring and baselining: Quantify mission impact, track trends over time, and validate whether changes actually improved performance
• Operational insights for distributed and forward users: Compare experience by location, network type, device, or user group—supporting prioritization for constrained expeditionary environments
• Actionable evidence for partner/vendor escalation: Clear telemetry that speeds up resolution when the issue resides outside the enterprise boundary

In practical terms, ZDX keeps IL5 missions moving by turning performance and reachability problems into clear, measurable, rapidly diagnosable outcomes cutting time to resolution, improving service reliability, and sustaining consistent operations for dispersed users across constrained networks.

A unified Zero Trust platform for unclassified mission requirements

IL5 is built for unclassified environments where the sensitivity of the data and the operational impact of unauthorized disclosure demands heightened safeguards. Because it must meet DoW-specific security requirements, IL5 is among the most rigorous commercial cloud authorizations for unclassified defense workloads, enabling DoW components, military services, defense agencies, and mission partners to accelerate cloud adoption and operational agility without compromising mission security.

With the IL5 PA, ZIA and ZDX now join Zscaler Private Access (ZPA) to deliver the DoW a single, unified Zero Trust platform for unclassified environments, securing internet/SaaS and private application access with consistent policy enforcement across users, devices, and locations. This reduces dependence on legacy perimeter tools and VPN backhaul, while ZDX provides end-to-end experience visibility to isolate issues quickly and protect mission tempo resulting in stronger data protection, least-privilege access, and measurable operational assurance without sacrificing user productivity.

DoW Zero Trust by FY2027 - Move Forward with Confidence

The FY2027 Zero Trust deadline is rapidly approaching, and agencies can no longer afford to choose between rigorous compliance and operational speed. Modern operations demand secure, reliable connectivity wherever the mission goes. The ZIA and ZDX DoW IL5 PA is a meaningful step for organizations handling CUI and NSS information, enabling cloud-native, resilient security built for distributed operations while meeting rigorous compliance requirements. This milestone also reinforces Zscaler’s broader federal commitment backed by DoW IL2, FedRAMP Moderate and High authorizations, CMMC Level 2, DoW IL5, and active path to DoW IL6 so agencies and mission partners can modernize with confidence, reduce legacy complexity, and deploy Zero Trust protections aligned to today’s operational realities.