* [Blog](https://www.paloaltonetworks.com/blog)
* [Palo Alto Networks](https://www.paloaltonetworks.com/blog/corporate/)
* [Government](https://www.paloaltonetworks.com/blog/category/government/)
* Securing US Federal Agenc...

# Securing US Federal Agency Remote Workers and Branch Offices

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2020%2F04%2Fnetwork-federal-agency-remote-workers%2F)  
[](https://twitter.com/share?text=Securing+US+Federal+Agency+Remote+Workers+and+Branch+Offices&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2020%2F04%2Fnetwork-federal-agency-remote-workers%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2020%2F04%2Fnetwork-federal-agency-remote-workers%2F&title=Securing+US+Federal+Agency+Remote+Workers+and+Branch+Offices&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com/blog/2020/04/network-federal-agency-remote-workers/&ts=markdown)  
\[\](mailto:?subject=Securing US Federal Agency Remote Workers and Branch Offices)  
Link copied  
By [Francisco Castillo](https://www.paloaltonetworks.com/blog/author/francisco-castillo/?ts=markdown "Posts by Francisco Castillo") and [Jason Georgi](https://www.paloaltonetworks.com/blog/author/jason-georgi/?ts=markdown "Posts by Jason Georgi")  
Apr 13, 2020  
5 minutes  
[Government](https://www.paloaltonetworks.com/blog/category/government/?ts=markdown)  
[Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown)  
[Secure the Enterprise](https://www.paloaltonetworks.com/blog/category/secure-the-enterprise/?ts=markdown)  
[Use-Cases](https://www.paloaltonetworks.com/blog/sase/category/use-cases/?ts=markdown)  
[Branch Security](https://www.paloaltonetworks.com/blog/tag/branch-security/?ts=markdown)  
[FedRAMP](https://www.paloaltonetworks.com/blog/tag/fedramp/?ts=markdown)  
[Government](https://www.paloaltonetworks.com/blog/tag/government2/?ts=markdown)  
[Prisma Access](https://www.paloaltonetworks.com/blog/tag/prisma-access/?ts=markdown)  
[remote access](https://www.paloaltonetworks.com/blog/tag/remote-access/?ts=markdown)

During the COVID-19 pandemic, governments everywhere are focusing on delivering essential citizen services and maintaining critical infrastructure while keeping their workers safe. While Palo Alto Networks has announced [programs to help rapidly scale secure telework options](https://www.paloaltonetworks.com/blog/2020/03/cloud-securing-remote-workforces/?ts=markdown) during this pandemic, we're also working on longer-term plans to address the changing world of work. Here in the U.S., this crisis has demonstrated the continuing need to ensure confidentiality, integrity and availability of services to federal agency personnel, regardless of location.

Recently, the Office of Management and Budget (OMB) released a [memorandum](https://www.whitehouse.gov/wp-content/uploads/2019/09/M-19-26.pdf) outlining updates to the [Trusted Internet Connections (TIC) initiative.](https://www.cisa.gov/trusted-internet-connections) TIC 3.0 aims to help agencies adopt modern security capabilities while connecting to the internet and other services outside their traditional perimeter.

Older TIC guidance has hindered agency adoption of cloud and mobile services, which are key aims of the [Cloud Smart](https://cloud.cio.gov/strategy/) strategy. Traditionally, federal agencies had few options to secure their branch offices and remote users connecting to the internet for cloud and Software-as-a-Service (SaaS) access. They could build and manage their own TICs or acquire TICs from managed services providers. They backhauled their branch office traffic over private links to their data centers and then to the TICs.

Mobile workers are key to achieving many agency missions, but similarly, securing them has been challenging. Agencies typically use different security products to connect remote users to their office or data center. This introduces another security stack to manage, and application performance for remote users falls the farther they get from their connection point. For both remote users and branch offices, this architecture created a less-than-ideal user experience for everyday applications such as Office 365.

A [secure access service edge](https://www.paloaltonetworks.com/cyberpedia/what-is-sase?ts=markdown) (SASE) helps federal agencies embrace cloud and mobility by providing networking and network security services from a cloud-based, unified platform. [Prisma Access](https://www.paloaltonetworks.com/blog/2019/11/cloud-next-generation-network-security?ts=markdown) by Palo Alto Networks is a comprehensive SASE solution that delivers networking and security ideal for agency branch offices and remote users, two TIC use cases. Palo Alto Networks just announced that [Prisma Access has achieved the designation of "In Process"](https://www.paloaltonetworks.com/company/press/2020/palo-alto-networks-secures-fedramp--in-process--milestone-for-prisma-access?ts=markdown) for the Federal Risk and Authorization Management Program (FedRAMP). Prisma Access is working toward a FedRAMP Moderate authorization, which will enable agencies to meet TIC policy for branch and remote user use cases, and provide a unified policy framework across users.

Rather than creating single-purpose technology overlays that are normally associated with point products, [Prisma Access](https://www.paloaltonetworks.com/prisma/access?ts=markdown) uses a cloud-based infrastructure to deliver security and networking services, which include:

**Networking**

* **SD-WAN** that supports Palo Alto Networks Next-Generation Firewalls and integrates with third-party SD-WAN appliances.
* **VPN** options for connecting users and networks, including IPsec, SSL/IPsec, and clientless VPN.
* **Quality of service (QoS)** that prioritizes bandwidth for critical applications.

**Security**

* **Firewall as a service (FWaaS)** for branch offices and remote locations.
* **Zero Trust network access (ZTNA)** for application access control and threat prevention.
* **DNS security** featuring advanced analytics and machine learning to protect against threats in DNS traffic.
* **Threat prevention** that blocks exploits, malware, and command-and-control (C2) traffic using threat intelligence.
* **Cloud secure web gateway (SWG)** that blocks malicious sites using static analysis and machine learning.
* **Data loss prevention (DLP)** that categorizes sensitive data and applies policies to control access.
* **Cloud access security broker (CASB)** that provides governance and data classification to stop threats with in-line and API-based security.

All users, regardless of where they are located, connect to cloud-delivered Prisma Access to safely use cloud and data center applications. For agency branch offices, Prisma Access offers not only security but [SD-WAN hub as-a-service](https://www.paloaltonetworks.com/blog/2019/11/cloud-sase-secure-sd-wan/?ts=markdown), providing high-performance, low-latency interconnect between branch offices and cloud workloads. Combining [security and end-to-end SD-WAN](https://www.paloaltonetworks.com/cyberpedia/sd-wan-and-sase?ts=markdown) provides excellent user to application experience. By consuming Prisma Access SD-WAN hub as-a-service, agencies eliminate the complexity of building their own SD-WAN hub and interconnect fabric.

[Palo Alto Networks SD-WAN](https://www.paloaltonetworks.com/network-security/sd-wan?ts=markdown) delivers an optimal user experience for cloud applications without compromising security. All users, whether at headquarters, branch offices or remote, can connect to Prisma Access to easily access SaaS, public cloud and data center applications, delivering security and optimized end-to-end performance. Additionally, with our recently announced [SLAs for SaaS](https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/datasheets/support/prisma-access-service-sla.pdf?ts=markdown) delivered by the Prisma fabric, agencies can be confident in their cloud experience, with guaranteed access to a growing list of SaaS providers, such as Microsoft Office 365, Box.com, Salesforce.com and more.

Agencies no longer have to deploy and manage a separate security stack for teleworkers or other remote workers. With Prisma Access, they can extend consistent security and performance to branch offices and workers, no matter where they are. And in the event of natural disasters, public health emergencies or unexpected infrastructure damage, Prisma Access can help agencies quickly and efficiently develop secure communications. As a cloud-delivered service, Prisma Access scales automatically to meet demand, requires no infrastructure deployment, and operationalizes quickly with zero-touch provisioning.

SASE is the next wave of evolution for both security and connectivity, and Prisma Access is bringing new SASE innovations to federal agencies. For more information on how Palo Alto Networks can help agencies address TIC 3.0 requirements, please read our [tech brief](https://www.paloaltonetworks.com/resources/techbriefs/tic-3-0?ts=markdown).

*** ** * ** ***

## Related Blogs

### [Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown), [Secure the Enterprise](https://www.paloaltonetworks.com/blog/category/secure-the-enterprise/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/sase/category/use-cases/?ts=markdown)

[#### Working from Home During COVID-19: Secure Access for Remote Workers](https://www.paloaltonetworks.com/blog/2020/04/network-secure-access/)

### [Government](https://www.paloaltonetworks.com/blog/category/government/?ts=markdown), [Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown), [Secure the Enterprise](https://www.paloaltonetworks.com/blog/category/secure-the-enterprise/?ts=markdown)

[#### Helping Companies Meet US Government Guidance on Securing Remote Workforces](https://www.paloaltonetworks.com/blog/2020/04/cloud-vpn-security/)

### [Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown), [Secure the Enterprise](https://www.paloaltonetworks.com/blog/category/secure-the-enterprise/?ts=markdown)

[#### Securely Connect and Scale Remote Workforces](https://www.paloaltonetworks.com/blog/2020/03/cloud-securing-remote-workforces/)

### [Government](https://www.paloaltonetworks.com/blog/category/government/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/sase/category/product-features/?ts=markdown), [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown), [Zero Trust Security](https://www.paloaltonetworks.com/blog/network-security/category/zero-trust-security/?ts=markdown)

[#### New FedRAMP Authorization Secures Remote Access for Federal Agencies](https://www.paloaltonetworks.com/blog/sase/2021-fedramp-secure-remote-access/)

### [Government](https://www.paloaltonetworks.com/blog/category/government/?ts=markdown), [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown), [Secure the Enterprise](https://www.paloaltonetworks.com/blog/category/secure-the-enterprise/?ts=markdown)

[#### Palo Alto Networks Extends ISO 27001 Certifications](https://www.paloaltonetworks.com/blog/2020/09/policy-iso-27001-certifications/)

### [Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown), [Secure the Enterprise](https://www.paloaltonetworks.com/blog/category/secure-the-enterprise/?ts=markdown)

[#### Power the New Normal with Prisma Access: Delivering Next-Gen Cybersecurity](https://www.paloaltonetworks.com/blog/2020/05/network-remote-work/)

### Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language