Transform Security

Protect federal data, digital assets, and citizen PII with end-to-end cybersecurity solutions that streamline compliance, enforce identity-based access management, and extend security from the data center to the endpoint device. Support two-factor authentication—including CAC and PIV cards, derived credentials, certificate-based login, biometrics, and third-party authentication services—across web, cloud, and native apps. Align security controls and policies to individual apps.

Secure Application Infrastructure Solution Overview

Solution Benefits

Transform security architecture

Build robust data center micro-segmentation that lets IT easily create and manage workload-specific security controls that guard against threats and outsmart traditional perimeter defenses

Meet security-hardening guidelines

Reduce ever-increasing, dynamic threats while meeting the stringent requirements of government IT

Streamline Governance

Fortify from the inside, creating a resilient infrastructure that ensures your agency is ready, responsive, and efficient


VMware Workspace ONE

Enable advanced access management, threat protection, and continuous diagnostic monitoring across endpoints

VMware Horizon

Standardize virtual desktop and application management across identity sources

VMware AirWatch UEM

Manage and secure any endpoint—including desktops—from a single platform

VMware NSX

Create and embed networks in the hypervisor layer to increase network and application security


Partner with a leader in federal digital transformation, with a portfolio of digital solutions that meet federal compliance and standards. VMware solutions support U.S. government authentication and security requirements, including CAC and PIV card access, Common Criteria, FedRAMP ATO, FIPS 140-2 compliant 256-bit SSL encryption, CJIS, and multiple DISA STIGs.


Common Criteria

VMware Common Criteria Evaluation and Validation

VMware AirWatch Mobile Device Management Common Criteria Evaluation and Validation

FedRAMP Authorization

VMware AirWatch FedRAMP Authorization


Criminal Justice Information Systems (CJIS)

Security Policy version 5.5 Product Applicability Guide 

Federal Information Processing Standards 

VMware FIPS-140 Validated Cryptographic Modules

VMware AirWatch Booz Allen Hamilton FIPS Attestation Letter


NIST SP 800-157 (Derived Credentials): AirWatch provides direct integration with various Certificate Authority (CA) vendors to generate and/or deliver a Derived Credential securely down to the mobile device and/or mobile application. In addition, AirWatch integrates with commercially off the shelf (COTS) Derived Credentials solutions, such as Entrust Identity Guard, Intercede MyID and XTec AuthentX. AirWatch also integrates with the DoD Purebred Derived Credentials solution.


NIST SP 800-163 (App Vetting): 800-163 defines the processes ensuring that mobile applications used in public sector are free from design vulnerabilities and that vulnerabilities cannot be inserted into the application throughout the application’s lifecycle. AirWatch can revoke access to applications that no longer meet the agency’s security requirements once deployed. Through the VMware Mobile Security Alliance (MSA), multiple AirWatch partners provide real-time application vetting and reputation scoring analysis, helping agencies comply with NIST SP 800-163