* [Blog](https://www.paloaltonetworks.com/blog) * [Palo Alto Networks](https://www.paloaltonetworks.com/blog/corporate/) * [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/) * New FedRAMP Authorization... # New FedRAMP Authorization Secures IoT Devices for Federal Agencies [](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2022%2F04%2Fnew-fedramp-authorization-secures-iot-devices%2F) [](https://twitter.com/share?text=New+FedRAMP+Authorization+Secures+IoT+Devices+for+Federal+Agencies&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2022%2F04%2Fnew-fedramp-authorization-secures-iot-devices%2F) [](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2022%2F04%2Fnew-fedramp-authorization-secures-iot-devices%2F&title=New+FedRAMP+Authorization+Secures+IoT+Devices+for+Federal+Agencies&summary=&source=) [](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com/blog/2022/04/new-fedramp-authorization-secures-iot-devices/&ts=markdown) \[\](mailto:?subject=New FedRAMP Authorization Secures IoT Devices for Federal Agencies) Link copied By [Minakshi Sehgal](https://www.paloaltonetworks.com/blog/author/minakshi-sehgal/?ts=markdown "Posts by Minakshi Sehgal") Apr 21, 2022 5 minutes [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown) [IoT Security](https://www.paloaltonetworks.com/blog/network-security/category/iot-security/?ts=markdown) [Next-Generation Firewalls](https://www.paloaltonetworks.com/blog/network-security/category/next-generation-firewalls/?ts=markdown) [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown) [Cloud-Delivered Security Subscriptions](https://www.paloaltonetworks.com/blog/tag/cloud-delivered-security-subscriptions/?ts=markdown) [FedRAMP](https://www.paloaltonetworks.com/blog/tag/fedramp/?ts=markdown) [IoT devices](https://www.paloaltonetworks.com/blog/tag/iot-devices/?ts=markdown) [SLED](https://www.paloaltonetworks.com/blog/tag/sled/?ts=markdown) The growth of globally-interconnected systems and the increase in cyberthreats are causing security challenges for federal agencies. With the added responsibility of maintaining national security and adhering to mandates, federal agencies are experiencing increased pressure to accelerate the adoption of a Zero Trust architecture. To support the federal government's Zero Trust cybersecurity initiative, Palo Alto Networks announced today that its [IoT Security solution](https://www.paloaltonetworks.com/network-security/iot-security?ts=markdown) has achieved Federal Risk and Authorization Management Program (FedRAMP) Moderate Authorization. With this milestone, Palo Alto Networks IoT Security offering is helping agencies protect their unmanaged IoT devices with machine learning (ML)-powered visibility, threat prevention and Zero Trust policy creation with enforcement in a single platform. This adds to Palo Alto Networks [existing product](https://www.paloaltonetworks.com/security-for/government/fedramp?ts=markdown) offerings that support the U.S. government's cybersecurity mission. Earlier this year, the[U.S. Department of Veterans Affairs (VA) selected Palo Alto Networks](https://www.paloaltonetworks.com/company/press/2022/department-of-veterans-affairs-selects-palo-alto-networks-to-modernize-security?ts=markdown) to modernize their cybersecurity. Among other initiatives, the VA is expanding its use of next-generation security technology to gain automated visibility and security for all the Internet of Medical Things devices on its network. ## Cybersecurity Solutions to Support Federal Mandates Recent guidelines, such as the President's [Executive Order on Improving the Nation's Cybersecurity](https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/), issued in May 2021, and the more recent [federal Zero Trust strategy](https://www.whitehouse.gov/wp-content/uploads/2022/01/M-22-09.pdf) from the U.S. Office of Management and Budget (OMB), spotlight the need to protect managed devices and unmanaged Internet of Things (IoT) devices, owned or controlled by federal agencies. While these advisories are intended to further the security of IoT devices used by federal agencies, a focus on device-level security alone is not enough. Manufacturing supply chains are complex and not transparent, meaning at-risk technology may be embedded in devices that do not obviously contain vulnerable or banned components. In addition, the service life of many devices, such as [medical infusion pumps](https://unit42.paloaltonetworks.com/infusion-pump-vulnerabilities/), can be far longer than the viability of the technology they contain. These guidelines are in addition to the following mandates to protect IoT devices: * [The Secure Networks Act](https://www.fcc.gov/document/implementing-secure-networks-act-0) (July 2020) -- The Public Safety and Homeland Security Bureau published a[list of communications IoT equipment](https://www.fcc.gov/supplychain/coveredlist) deemed an unacceptable risk to national security. * [Internet of Things Cybersecurity Improvement Act](https://www.congress.gov/bill/116th-congress/house-bill/1668?q=%7B%22search%22%3A%5B%22Internet+of+Things+Cybersecurity+Improvement+Act%22%5D%7D&s=2&r=3) (Dec 2020) -- Requires the National Institute of Standards and Technology (NIST) and the OMB to take specified steps ([SP 800-213](https://csrc.nist.gov/publications/detail/sp/800-213/final)) to increase cybersecurity for IoT devices. * [Health Information Technology for Economic and Clinical Health Act](https://www.congress.gov/bill/116th-congress/house-bill/7898) (January 2021) -- Incentivizes healthcare providers to follow federal recommendations and best cybersecurity practices to secure patient information. * ## Zero Trust Security for IoT Devices The IoT Security solution helps U.S. agencies leverage their current Palo Alto Networks Next-Generation Firewalls (NGFWs) to help automate Zero Trust security for IoT devices as follows: 1. **Automated Device Discovery, Classification and Assessment --** The agentless IoT security solution uses ML and deep-packet inspection in combination with crowdsourced telemetry to discover and classify every connected IoT device in the network, including unmanaged devices. IoT Security then detects and assesses risk by analyzing crowdsourced device data, ML-powered behavior anomaly assessment, proprietary Unit 42 threat research, common vulnerabilities and exposures, as well as third-party vulnerability management information. 2. **ML-Based Profiling and Behavior Baselining** -- The solution automatically ascertains the device's identity and verifies "normal behaviors." Once normal behaviors are determined, the solution kicks in anomaly detection to uncover and prioritize any potential deviation from the baseline. 3. \*\*Prescriptive Least-Access Policy --\*\*Least access as a policy is a key tenet of Zero Trust. IoT Security automatically provides risk-reducing Zero Trust least-privileged access policies by comparing metadata across millions of IoT devices with those found in your network. For each IoT device and category of devices, it provides recommendations to restrict or allow trusted behaviors and help implement Zero Trust strategies without painstaking manual processes. 4. \*\*One-Click Enforcement --\*\*IoT Security enforces the recommended Zero Trust security policies natively with one click via our NGFWs. Our patented Palo Alto Networks Device-ID™ policy-construct tracks all IoT devices across the network and applies policy regardless of changes to the device's IP address or location. 5. **Continuous Monitoring --** Continuous monitoring is the final and crucial step in closing the Zero Trust security loop for IoT devices. Continuous monitoring ensures that if and when a connected device is found to be compromised, its access to the resources and the network is blocked immediately. Continuous monitoring also helps to refine policies over time. ![Table showing automated Zero Trust Security with industry-first least access policy automation.](https://www.paloaltonetworks.com/blog/wp-content/uploads/2022/04/word-image-14.png) ## Network-Level IoT Security for Federal Agencies Given the dynamic nature of IoT and the environment in which devices are deployed, it is critical to go beyond embedded device security and have the capability to dynamically secure the data center, healthcare and critical infrastructure network extending from headquarters to branch offices, to work-from-home settings, in real-time. Networks can and should be a priority detection and enforcement point for IoT device security. Technologies exist today, grounded in ML, to help federal agencies realize this goal. Learn more about the importance of putting IoT security at the forefront of your agency's Zero Trust strategy by reading our white paper: [The Right Approach to Zero Trust for IoT Devices.](https://www.paloaltonetworks.com/resources/whitepapers/right-approach-zero-trust-iot?ts=markdown) *** ** * ** *** ## Related Blogs ### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Government](https://www.paloaltonetworks.com/blog/category/government/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown), [Predictions](https://www.paloaltonetworks.com/blog/category/predictions/?ts=markdown), [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown) [#### 2026 Public Sector Cyber Outlook: Identity, AI and the Fight for Trust](https://www.paloaltonetworks.com/blog/2026/01/public-sector-cyber-outlook/) ### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown) [#### Tipping the Scales for DoD Cybersecurity with Prisma Access IL5](https://www.paloaltonetworks.com/blog/2024/05/dod-cybersecurity-with-prisma-access-il5-2/) ### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown) [#### Providing Optimal Cloud Security Outcomes Through StateRAMP](https://www.paloaltonetworks.com/blog/2024/03/cloud-security-outcomes-through-stateramp/) ### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown) [#### Network Segmentation for the NHS](https://www.paloaltonetworks.com/blog/2023/06/network-segmentation-for-the-nhs/) ### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Company \& Culture](https://www.paloaltonetworks.com/blog/category/company-culture/?ts=markdown), [Education](https://www.paloaltonetworks.com/blog/category/education/?ts=markdown), [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown) [#### CISA K-12 Report Blog](https://www.paloaltonetworks.com/blog/2023/02/cisa-k-12-report-blog/) ### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Company \& Culture](https://www.paloaltonetworks.com/blog/category/company-culture/?ts=markdown), [Government](https://www.paloaltonetworks.com/blog/category/government/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown), [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown) [#### Palo Alto Networks Conformance to the NCSC Cloud Security Principles](https://www.paloaltonetworks.com/blog/2023/01/conformance-to-the-ncsc-cloud-security-principles/) ### Subscribe to the Blog! Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more. ![spinner](https://www.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up Please enter a valid email. By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder. This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply. {#footer} {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language