* [Blog](https://www.paloaltonetworks.com/blog) * [Palo Alto Networks](https://www.paloaltonetworks.com/blog/corporate/) * [CIO/CISO](https://www.paloaltonetworks.com/blog/category/ciociso/) * VM-Series for AWS GovClou... # VM-Series for AWS GovCloud: Securely Enabling "Cloud First" for Government Agencies [](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2016%2F05%2Fvm-series-for-aws-govcloud-securely-enabling-cloud-first-for-government-agencies%2F) [](https://twitter.com/share?text=VM-Series+for+AWS+GovCloud%3A+Securely+Enabling+%E2%80%9CCloud+First%E2%80%9D+for+Government+Agencies&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2016%2F05%2Fvm-series-for-aws-govcloud-securely-enabling-cloud-first-for-government-agencies%2F) [](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2016%2F05%2Fvm-series-for-aws-govcloud-securely-enabling-cloud-first-for-government-agencies%2F&title=VM-Series+for+AWS+GovCloud%3A+Securely+Enabling+%E2%80%9CCloud+First%E2%80%9D+for+Government+Agencies&summary=&source=) [](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com/blog/2016/05/vm-series-for-aws-govcloud-securely-enabling-cloud-first-for-government-agencies/&ts=markdown) \[\](mailto:?subject=VM-Series for AWS GovCloud: Securely Enabling “Cloud First” for Government Agencies) Link copied By [Matt Keil](https://www.paloaltonetworks.com/blog/author/matt/?ts=markdown "Posts by Matt Keil") May 18, 2016 3 minutes [CIO/CISO](https://www.paloaltonetworks.com/blog/category/ciociso/?ts=markdown) [Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/?ts=markdown) [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown) [Government](https://www.paloaltonetworks.com/blog/category/government/?ts=markdown) [AWS](https://www.paloaltonetworks.com/blog/tag/aws/?ts=markdown) [Cloud First](https://www.paloaltonetworks.com/blog/tag/cloud-first/?ts=markdown) [GovCloud](https://www.paloaltonetworks.com/blog/tag/govcloud/?ts=markdown) [VM-Series](https://www.paloaltonetworks.com/blog/tag/vm-series/?ts=markdown) [VPN](https://www.paloaltonetworks.com/blog/tag/vpn/?ts=markdown) "Cloud first" is rapidly becoming a key initiative for organizations and agencies in both the public and private sector. As far back as 2010, cloud first was included as part of a comprehensive effort to increase the operational efficiency of federal technology assets, as outlined in the U.S. Chief Information Officer's ["25-Point Implementation Plan to Reform Federal IT Management."](https://www.fas.org/sgp/crs/misc/R42887.pdf) Since the release of that 2010 initiative, numerous other federal governments have followed suit, adopting a 'cloud first' approach, including [the U.K](https://www.gov.uk/government/news/government-adopts-cloud-first-policy-for-public-sector-it). and [Australia](http://www.finance.gov.au/sites/default/files/australian-government-cloud-computing-policy-3.pdf). In this case, the U.S. CIO's Cloud First policy means that federal agencies must (1) implement cloud-based solutions whenever a secure, reliable and cost-effective cloud option exists; and (2) begin reevaluating and modifying their individual IT budget strategies to include cloud computing. However, there are a range of challenges facing agencies as they make this shift. For example, some agency CIOs have stated that, in spite of the stated security advantages of cloud computing, they are, in fact, concerned about moving their data from their data centers -- which they manage and control -- to outsourced cloud services. Additional questions around where the data actually resides in the cloud -- is it in the U.S. or elsewhere? -- are sometimes difficult to answer. These, [and other concerns](https://www.paloaltonetworks.com/resources/whitepapers/heart-of-network-meritalk), must be addressed in order to build an agency culture that trusts the cloud. The combination of the [VM-Series virtualized next-generation firewall](https://www.paloaltonetworks.com/products/secure-the-network/virtualized-next-generation-firewall/vm-series-for-aws) deployed in AWS GovCloud (US) can help address some of the concerns around the security and location of data for the U.S. federal market. AWS GovCloud (US) is an isolated AWS region designed to allow U.S. government agencies and customers to move sensitive workloads into the cloud by addressing their specific regulatory and compliance requirements. AWS GovCloud (US) differs from standard AWS regions in many ways, [which Amazon has highlighted](http://docs.aws.amazon.com/govcloud-us/latest/UserGuide/govcloud-differences.html). With the availability of our VM-Series next-generation firewall for AWS GovCloud (US), agencies can now apply to their AWS deployments the same threat prevention and application policy controls used in the physical data centers. ### Taking the Hybrid Approach With full support for standards-based IPsec VPN connectivity, our VM-Series enables you to quickly create a hybrid architecture that extends your existing data center into AWS via an encrypted tunnel. This enables you to get started with small projects to learn and then expand. More complex projects can be protected using segmentation principles and whitelisting[to maintain compliance and prevent cyberattacks from moving laterally from VPC-to-VPC and subnet-to-subnet.](https://www.paloaltonetworks.com/resources/whitepapers/heart-of-network-meritalk) A full suite of native management features automates the firewall deployment and policy updates, while Panorama (purchased separately) allows the VM-Series to be managed centrally alongside our firewall appliances to maintain security policy consistency. [The VM-Series for AWS GovCloud (US)](https://console.amazonaws-us-gov.com/ec2/home?region=us-gov-west-1)(*Login Required*) is available as a Bring Your Own License (BYOL), which allows you to choose the VM-Series next-generation firewall license, the related Subscriptions (Threat Prevention (includes IPS, AV, malware prevention), WildFire, URL Filtering (PAN-DB), GlobalProtect -- and annual support programs that are appropriate for your needs. Learn more about the VM-Series for AWS [here.](https://www.paloaltonetworks.com/products/secure-the-network/virtualized-next-generation-firewall/vm-series-for-aws) *** ** * ** *** ## Related Blogs ### [Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/?ts=markdown), [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown) [#### AWS Auto Scaling Integration- Another Problem Solved Through Innovation](https://www.paloaltonetworks.com/blog/2016/09/aws-auto-scaling-integration-another-problem-solved-through-innovation/) ### [Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/?ts=markdown), [Cloud Workload Protection Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-workload-protection-platform/?ts=markdown), [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/cloud-security/category/partners/?ts=markdown) [#### Automating Visibility and Protection for Cloud VMs](https://www.paloaltonetworks.com/blog/cloud-security/automating-visibility-protection-cloud-vms/) ### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/?ts=markdown), [Cloud Workload Protection Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-workload-protection-platform/?ts=markdown), [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/cloud-security/category/partners/?ts=markdown) [#### Prisma Cloud Secures Containerized Apps on AWS-Optimized Bottlerocket](https://www.paloaltonetworks.com/blog/cloud-security/secure-containerized-app-aws-bottlerocket/) ### [Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown) [#### Securing Large Scale AWS Deployments with a Transit VPC](https://www.paloaltonetworks.com/blog/2018/04/securing-large-scale-aws-deployments-transit-vpc/) ### [Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown) [#### How Palo Alto Networks Scales Next-Gen Security on AWS](https://www.paloaltonetworks.com/blog/2018/02/palo-alto-networks-scales-next-gen-security-aws/) ### [Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/?ts=markdown), [Firewall](https://www.paloaltonetworks.com/blog/category/firewall/?ts=markdown), [Government](https://www.paloaltonetworks.com/blog/category/government/?ts=markdown) [#### VM-Series Support for Azure Government](https://www.paloaltonetworks.com/blog/2017/05/advanced-threat-prevention-now-available-microsoft-azure-government-cloud/) ### Subscribe to the Blog! Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more. ![spinner](https://www.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up Please enter a valid email. By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder. This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply. {#footer} {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language