Azure Government expands compliance coverage with 142 services now FedRAMP High
Azure Gov Team
Microsoft now has 142 services covered by the Federal Risk and Authorization Management Program (FedRAMP) High Provisional Authorization to Operate (P-ATO) for Azure Government. We continue to maintain FedRAMP High P-ATOs issued by FedRAMP Joint Authorization Board (JAB) for both Azure and Azure Government while bringing you more services at FedRAMP High than any other cloud provider.
Azure Government provides the highest level of security, protection, and compliance services, delivering on our ongoing investments in commercial parity and our commitment to providing the most secure and compliant cloud across a broad range of mission-critical capabilities.
The Azure Government FedRAMP package contains IaaS, PaaS, and SaaS offerings, covering the full scope of cloud deployment models. You can find a full list of Azure Government services with FedRAMP High coverage in the Azure Government audit scope documentation.
Learn more about some of the latest Azure Government services now in scope for FedRAMP High:
- Azure Active Directory Domain Services – provides managed domain services such as domain join, group policy, lightweight directory access protocol (LDAP), and Kerberos/NTLM authentication. You use these domain services without the need to deploy, manage, and patch domain controllers (DCs) in the cloud.
- Azure Data Share –share data safely, in any format and any size, from multiple sources with other organizations.
- Azure Data Box – send terabytes of data into and out of Azure in a quick, inexpensive, and reliable way. Secure data transfer is accelerated by shipping you a proprietary Data Box storage device. Each storage device has a maximum usable storage capacity of 80 TB.
- Azure NetApp Files – create and manage NetApp accounts, capacity pools, and volumes, configure export policy, mount a volume for a virtual machine, and manage snapshots.
- Networking services most recently authorized at FedRAMP High for Azure Government:
- Azure Bastion – a fully managed PaaS service that provides secure and seamless RDP and SSH access to your virtual machines directly through the Azure Portal.
- Azure Private Link – enables you to access Azure PaaS Services (for example, Azure Storage and SQL Database) and Azure hosted customer-owned/partner services over a private endpoint in your virtual network.
- Azure Public IP – allows Internet resources to communicate inbound to Azure resources. Public IP addresses enable Azure resources to communicate to Internet and public-facing Azure services.
- Azure Virtual WAN – a networking service that brings many networking, security, and routing functionalities together to provide a single operational interface.
- Azure DDoS Protection – protects your applications from Distributed Denial of Service (DDoS) attacks
- Content Delivery Network – delivers high-bandwidth content rapidly to users by caching their content at strategically placed physical nodes across the world. Accelerates dynamic content, which cannot be cached, by leveraging various network optimizations using CDN Points of Presence (POPs).
- Azure SignalR Service – an Azure-managed service that helps developers easily build web applications with real-time features.
- Azure Stack Edge – run workloads and get quick actionable insights at the edge where data is created using this purpose-built hardware-as-a-service.
- Azure Stack Hub (Stack Bridge) – broadens Azure to enable you to run apps in an on-premises environment and deliver Azure services in your datacenter.
- Azure Cognitive Services: Infuse apps, websites, and bots with intelligent algorithms to see, hear, speak, understand, and interpret your user needs through natural methods of communication. Here are the latest Cognitive Services authorized for FedRAMP High in Azure Government:
- Custom Vision – an image recognition service that lets you build, deploy, and improve your own image identifiers.
- Form Recognizer – identify and extract key-value pairs and table data from documents.
- Personalizer – helps your applications choose the best content to show your users, learning from their real-time behavior.
- QnA Maker – allows you to create a natural conversational layer over your data. Commonly used to build conversational client applications, which include social media applications, chat bots, and speech-enabled desktop applications.
- Azure Databricks – a unified analytics platform consisting of SQL Analytics for data analysts and Workspace for data engineers, data scientists, and machine learning engineers.
- GitHub AE – use Azure AD to manage user access, provision user accounts, and enable single sign-on with GitHub AE. Requires an existing GitHub AE subscription.
- Export to Data Lake – a pipeline to continuously export data from Microsoft Dataverse to Azure Data Lake Storage Gen2. The Export to Data Lake service is designed for enterprise big data analytics by delivering scalable high availability with disaster recovery capabilities.
Azure Government provides the most trusted cloud for mission-critical government workloads. This environment includes a unique cloud instance, exclusively for government customers and their solution providers, and hardened US datacenters operated by extensively screened personnel. To learn more about Azure Government, read our blog. To get started with Azure Government, request your free trial today.