We are excited to announce our public sector suite of services, Cloudflare for Government, has achieved FedRAMP Moderate Authorization. The Federal Risk and Authorization Management Program (“FedRAMP”) is a US-government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. FedRAMP Moderate Authorization demonstrates Cloudflare’s continued commitment to customer trust, and Cloudflare for Government’s ability to secure and protect US public sector organizations.
Key differentiators
We believe public sector customers deserve the same experience as any other customer — so rather than building a separate platform, we leveraged our existing platform for Cloudflare for Government. Cloudflare’s platform protects and accelerates any Internet application without adding hardware, installing software, or changing a line of code. It’s also one of the largest and fastest global networks on the planet.
One of the things that distinguishes Cloudflare for Government from other FedRAMP cloud providers is the number of data centers we have in scope, with each able to run our full stack of FedRAMP Authorized services locally, with a single control plane on our private backbone. Networking and security services can only improve the user experience if they are run as close to the user as possible, even if the user doesn’t live on an east or west coast hub. While other cloud service providers may only have a handful of data centers within their FedRAMP environment, Cloudflare for Government includes over 30 of our US-based data centers. This provides Cloudflare for Government customers with the same speed, availability, and security that non-highly regulated customers have come to expect from us.
Cloudflare for Government services
Cloudflare for Government is a suite of services for U.S. government and public sector agencies, delivered from our global, highly resilient cloud network with built-in security and performance.
Application services
Web Application Firewall with API protection provides an intelligent, integrated and scalable solution to protect your critical web applications. Rate Limiting protects against denial of service attacks, brute force login attempts, and other abusive behavior that targets the application layer. Load Balancing improves application performance and availability by steering traffic from unhealthy origin servers and dynamically distributing it to the most available and responsive server pools.
Bot Management manages good and bad bots in real-time, helps prevent credential stuffing, content scraping, content spam, inventory hoarding, credit card stuffing, and application DDoS. CDN provides ultra-fast static and dynamic content delivery over our global network; it offers users the ability to exercise precise control over how content is cached, helps reduce bandwidth costs and take advantage of built-in unmetered DDoS protections. Enterprise grade DNS offers the fastest response time, unparalleled redundancy, and advanced security with built-in DDoS mitigation and DNSSEC.
Zero trust
Zero Trust Network Access creates secure boundaries for applications by allowing access to resources after verifying identity, context, and policy adherence for each specific request. Remote Browser Isolation provides a fast and reliable solution for remote browsing by running all browser code in the cloud. Secure Web Gateway protects users and data by inspecting user traffic, filtering and blocking malicious content, and identifying compromised devices.
Network services
Cloudflare for Government can replace your legacy WAN architecture with Cloudflare’s WAN-as-a-Service which provides expansive connectivity, cloud-based security, performance and control. L3/4 DDoS can protect your websites, applications, and network — Cloudflare blocks an average of 87 billion threats per day! Network Interconnect enables you to directly connect your on-premise networks and cloud hosted environments to Cloudflare for Government.
Developer platform
Workers provides a serverless execution environment that allows you to create entirely new applications or augment existing ones without configuring or maintaining infrastructure. Workers KV is a global, low-latency, key-value data store. It supports exceptionally high read volumes with low-latency, making it possible to build highly dynamic APIs and websites which respond as quickly as a cached static file would. Durable Objects provides low-latency coordination and consistent storage for the Workers platform through two features: global uniqueness and a transactional storage API.
What’s next for Cloudflare for Government
Our achievement of FedRAMP Moderate for our Cloudflare for Government suite of products is the first step in our journey to help secure government entities. As you may have read earlier this week, our focus hasn’t been only with the US public sector. Our Zero Trust products are being leveraged to protect critical infrastructure in Japan, Australia, Germany, Portugal, and the UK. We’re also securing organizations qualified under Project Galileo and Athenian with our Cloudflare One Zero Trust suite at no cost. We will expand the Cloudflare for Government suite to allow governments all over the world to have the opportunity to use our services to protect their assets and users.
We aim to help agencies build stronger cybersecurity, without compromising the customer experience of the government services that all US citizens rely on. We invite all our Cloudflare for Government public and private partners to learn more about our capabilities and work with us to develop solutions to the rapidly evolving security demands required in complex environments. Please reach out to us at [email protected] with any questions.
For more information on Cloudflare’s FedRAMP status, please visit the FedRAMP Marketplace.