cloud (Singkham/

Alternative to TIC-based VPN gets FedRAMP approval

The Zscaler Private Access-Government platform is now authorized for use under the Federal Risk and Authorization Management Program. The software-as-a-service solution was approved on Aug. 10 under an authority to operate with the Federal Communications Commission.

ZPA is a zero-trust remote-access platform that connects users to applications through signaling technology, creating direct encrypted connections and eliminating the need for a virtual private network, which isn’t necessarily secure.

ZPA-Government allows agencies to create a trust-to-trust connection, meeting the federal government’s encryption guidelines and allowing traffic to bypass the trusted internet connecton requirement.  

The platform ensures that only authorized users and devices have access to specific internal applications. It uses lightweight, infrastructure-agnostic software to connect both users and applications to the Zscaler Security Cloud, where brokered connections are stitched together, the company's website explained.

"With ZPA-Government we’re able to connect trusted users to trusted internal applications over a zero-trust platform," said Byron Caswell, senior advisor for the FCC’s Information Technology organization. The platform eliminates issues associated with traditional TIC-based "VPN solutions that require significant maintenance and excessive backhauling,” he said.

“We [connect you directly to] the application since we know that it is a secure user and application,” said Stephen Kovac, vice president of global government and compliance at Zscaler. “We … can control exactly where the user goes” using the solution's policy-based access control.

The SaaS solution also provides full visibility into an agency’s internal application environment, helping IT managers understand user activity and define access policy for internal applications.

Editor's note: This article and headline were changed Aug. 20 to clarify how the solution works and that the service is an alternative to TIC-based VPNs, not a complete TIC replacement.

About the Author

Sara Friedman is a reporter/producer for GCN, covering cloud, cybersecurity and a wide range of other public-sector IT topics.

Before joining GCN, Friedman was a reporter for Gambling Compliance, where she covered state issues related to casinos, lotteries and fantasy sports. She has also written for Communications Daily and Washington Internet Daily on state telecom and cloud computing. Friedman is a graduate of Ithaca College, where she studied journalism, politics and international communications.

Friedman can be contacted at [email protected] or follow her on Twitter @SaraEFriedman.

Click here for previous articles by Friedman.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.