cloud (Singkham/

Alternative to TIC-based VPN gets FedRAMP approval

The Zscaler Private Access-Government platform is now authorized for use under the Federal Risk and Authorization Management Program. The software-as-a-service solution was approved on Aug. 10 under an authority to operate with the Federal Communications Commission.

ZPA is a zero-trust remote-access platform that connects users to applications through signaling technology, creating direct encrypted connections and eliminating the need for a virtual private network, which isn’t necessarily secure.

ZPA-Government allows agencies to create a trust-to-trust connection, meeting the federal government’s encryption guidelines and allowing traffic to bypass the trusted internet connecton requirement.  

The platform ensures that only authorized users and devices have access to specific internal applications. It uses lightweight, infrastructure-agnostic software to connect both users and applications to the Zscaler Security Cloud, where brokered connections are stitched together, the company's website explained.

"With ZPA-Government we’re able to connect trusted users to trusted internal applications over a zero-trust platform," said Byron Caswell, senior advisor for the FCC’s Information Technology organization. The platform eliminates issues associated with traditional TIC-based "VPN solutions that require significant maintenance and excessive backhauling,” he said.

“We [connect you directly to] the application since we know that it is a secure user and application,” said Stephen Kovac, vice president of global government and compliance at Zscaler. “We … can control exactly where the user goes” using the solution's policy-based access control.

The SaaS solution also provides full visibility into an agency’s internal application environment, helping IT managers understand user activity and define access policy for internal applications.

Editor's note: This article and headline were changed Aug. 20 to clarify how the solution works and that the service is an alternative to TIC-based VPNs, not a complete TIC replacement.

About the Author

Sara Friedman is a reporter/producer for GCN, covering cloud, cybersecurity and a wide range of other public-sector IT topics.

Before joining GCN, Friedman was a reporter for Gambling Compliance, where she covered state issues related to casinos, lotteries and fantasy sports. She has also written for Communications Daily and Washington Internet Daily on state telecom and cloud computing. Friedman is a graduate of Ithaca College, where she studied journalism, politics and international communications.

Friedman can be contacted at [email protected] or follow her on Twitter @SaraEFriedman.

Click here for previous articles by Friedman.


  • Pierce County

    CARES dashboard ensures county spending delivers results

    The CARES Act Funding Outcomes Dashboard helps Pierce County, Wash., monitor funding and key performance indicators for public health emergency response, economic stabilization and recovery, community response and resilience, and essential government services.

  • smart city challenge

    AI-based traffic management improves mobility, saves fuel, cuts pollution

    Researchers are developing a dynamic feedback traffic signal control system that reduces corridor-level fuel consumption by 20% while maintaining a safe and efficient transportation environment.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.