VMware Codifies a FedRAMP Program with InfusionPoints’ Guidance
VMware, a global leader in cloud infrastructure & digital workspace technology
VMware Cloud (VMC) on AWS is an on-demand service that enables a customer to run workloads across vSphere-based cloud environments with access to a broad range of AWS services. Powered by VMware Cloud Foundation, this service integrates vSphere, vSAN, and NSX along with VMware vCenter management, and is optimized to run on dedicated, elastic, bare-metal AWS infrastructure. With VMware Hybrid Cloud Extension, customers can easily and rapidly perform large-scale bi-directional migrations between existing on-premise data centers and VMware Cloud through the AWS environment, easing the path to migrating to the cloud.
With the same architecture and operational experience on-premises and in the cloud, IT teams can now quickly derive instant business value from use of the AWS and VMware hybrid cloud experience on AWS GovCloud (US).
“InfusionPoints is a key advisor for VMware’s FedRAMP Cloud initiatives. They have broad expertise and real-world experience with federal markets, federal compliance, security, and cloud computing.”~ Director of Product Management, VMware
VMware wanted to expand their cloud to the federal market using AWS GovCloud
VMware wanted to accelerate their plan to obtain a FedRAMP High accreditation for VMware Cloud on AWS GovCloud. In addition to wanting to platform VMware Cloud on AWS GovCloud and obtain a FedRAMP High accreditation, VMware needed a long-term strategy to onboard other VMware cloud services into AWS GovCloud, consistently and without duplicating efforts across the organization.
InfusionPoints applied our proven track record and strong expertise with FedRAMP requirements and AWS infrastructure capabilities to develop a solid plan of action for obtaining a FedRAMP High-impact Infrastructure as a Service ATO and helped develop a common service layer for FedRAMP including people, process, and technology so that service owners would only need to focus on their individual services instead of trying to satisfy all areas of FedRAMP independently.
InfusionPoints leveraged our FedRAMP expertise to rapidly develop a strategy
InfusionPoints applied our proven FedRAMP Build, Manage, and Defend methodology and leveraged in-depth technical analytical skills, AWS expertise as an AWS Advanced Tier Partner and Public Sector Partner, and a thorough understanding of strict FedRAMP security control implementations unique to AWS GovCloud environments, to prepare VMware to provide FedRAMP high impact and DoD Cloud Computing SRG cloud services to Government agencies.
Through a collaborative approach, InfusionPoints conducted a series of workshops with VMware, that included stakeholders, product owners, cloud and security engineers, and cloud operations to assess VMC against the FedRAMP High Impact requirements.
InfusionPoints reviewed documentation and previous assessments to develop the strategy to support the FedRAMP readiness assessment report (RAR). The strategy identified controls that would be inherited from AWS GovCloud and prioritized security controls for development or enhancement. The team established a prioritized strategy for rollout of the VMware Cloud on AWS GovCloud, leading to the announcement of general availability at the AWS Public Sector Summit.
“InfusionPoints’ efforts have helped to provide the confidence and momentum to the program, resulting in the announcement of general availability of VMC on AWS GovCloud (US) at the AWS Public Sector Summit held in Washington DC in June of 2018.”~ Jason Shropshire – SVP & CTO, InfusionPoints
VMware will continue to partner with InfusionPoints on FedRAMP projects
Through a team with a high degree of FedRAMP and AWS knowledge, InfusionPoints helped VMware align their VMC offering with FedRAMP's requirements and provided:
- Rapid gap analysis and prioritization
- Strategic FedRAMP roadmap for VMware Cloud on AWS GovCloud
- Federal market enablement plan for existing and future cloud solutions
Through partnering with InfusionPoints, VMware will be able to meet the stringent cyber security requirements of FedRAMP and achieve a FedRAMP P-ATO. More importantly, VMware has a go-forward strategy for bringing their cloud services to the Federal market.