IoT Security and FedRAMP
IoT Security is authorized for FedRAMP Moderate.
Where Can I Use This? | What Do I Need? |
The Federal Risk and Authorization Management Program (FedRAMP) is a U.S. government program that
promotes the use of secure cloud services by the federal government. Cloud computing
systems categorized at the Moderate security impact level in accordance with the FIPS
Publication 199 security categorization are authorized to store and process government
data. The Palo Alto Networks IoT Security cloud is FedRAMP Moderate authorized.
The IoT Security FedRAMP Moderate solution is intended for use by U.S. government agencies
requiring a standardized approach to the security assessment, authorization, and
continuous monitoring of cloud products and services. It is also intended for use by
commercial entities that do business with the U.S. government. The IoT Security
FedRAMP Moderate solution operates as a separate and distinct entity.
The IoT Security commercial solution and the IoT Security FedRAMP Moderate solution
have the following differences:
IoT Security supports Security policy rule recommendations and Device-ID based automated Zero Trust enforcement for
Prisma Access and for next-generation firewalls in
FIPS mode.
Configure PAN-OS Edge Services to retrieve Device-ID verdicts and
IoT Security Policy Recommendations
using the CLI.
fw> configure
fw# set deviceconfig setting iot edge address \
iot.services-edge.pubsec-cloud.paloaltonetworks.com
fw# commit
fw# quit
fw> debug software restart process icd
For more information about Palo Alto Networks IoT Security FedRAMP authorization, visit these websites: