The Federal Information
Security Management Act (FISMA) requires federal agencies to implement and support standardized IT
Security controls. These controls, defined by the National Institute of Standards and Technology (NIST), allow agencies to safely and confidently outsource critical

applications to FISMA-compliant clouds, managed
Hosting environments and SaaS providers.
Designed to Address Strict FISMA Standards
More than half of all federal cabinet-level agencies — including Veterans Affairs, the Department of Justice, Homeland
Security and the Small Business Administration — rely on Rackspace for
secure Cloud and managed
Hosting services. Rackspace is Oxcyon's strategic partner acting as the physical
Hosting environment for our dedicated and
Cloud hosted clients.
Audit Support
We fully participate in any Federal Government Assessment and Authorization audit.
Security Controls
We implement and deploy the appropriate FISMA, NIST and Federal Information Processing Standard (FIPS) managed
Security controls.
Ongoing Management
We manage your private
Cloud or dedicated
Hosting environment and administer ongoing FISMA compliance monitoring and
Reporting.
Expertise for Your Clouds
Support
We help identify the required NIST
Security controls and help you design, architect and productize your
Security infrastructure.
Cloud Hosting and Managed IT Services to Support the Delivery of secure Government Services
Lacking the specialized expertise required to host and manage critical apps and highly sensitive data for a federal, state or local government agency? With nearly two decades of industry experience and deep expertise, we’re here to help.
Whether you take advantage of our authorized government
Cloud platform, a public
Cloud or a custom hybrid configuration, we’ll deliver an end-to-end solution that provides the peace of mind you need to focus on delivering quality service to the public sector. We understand that there is no “one size fits all” approach to managed services. That’s why we work with you to understand your unique needs and customize a solution to address your requirements. Our government solutions are available to US government entities through a variety of contract vehicles, including:
GSA IT Schedule 70
NASA SEWP V
VA T4NG
Army ACCENT IDIQ
HHS CMS SPARC Small Business IDIQ
Library of Congress BPA for AWS &
Google®
We back all of our solutions with Fanatical Support® — the deep expertise and dedication to service that’s at the core of everything we do.
FedRAMP JAB
AUTHORIZATION
NIST 800-53
Security CONTROLS
NIST 800-171
DFARS READY
FISMA
AUTHORIZATION
secure Sensitive Data
We take
Security seriously. We implement and administer
Security controls based on NIST SP 800-171 (“DFARS”), NIST 800-53, FISMA and FedRAMPguidelines, and specialize in deploying high-
Security and high-
performance solutions.We’ll help ensure that your
Certifications are never out of date, eliminating the need for a third-party assessor.
Access Support 24x7x365
Our certified support engineers will support your government solution 24x7x365. They’ll use monitoring tools — customized for your hardware and operating system — to continuously verify the availability of your critical resources, processes and essential services.We continually develop enhancements that allow us to offer advanced monitoring services across all platforms.Rackspace offers the option of U.S.-based support, provided only by U.S. citizens working in the continental U.S.
Improve Scalability
Combine our authorized platforms and interoperable tool sets to scale your government services. To help reduce your time to market, we can also provide the following:
A System Escalation & Action Plan (SEAP)
A
FedRAMP path to ATO for system integrators and ISVs
A way to layer agency controls on top of compliance standards
Rackers Working at Desks
Increase Efficiency
With so many options and countless requirements, you need to ensure that your infrastructure is not only compliant, but also competitive. Our consumption-based pricing model means you can put resources previously allocated to achieving
Certifications to better use.Benefit from our pre-built SSP and standardized programmatic toolset, which we can customize to meet compliance standards specific to your organization.
FedRAMP Private Cloud Services for the Highest Levels of performance and Security
Run your mission-critical applications in an environment configured for optimal
performance and the highest level of
Security and compliance — in our data center or yours.Designed specifically for government entities and the providers who support them, our
FedRAMP private
Cloud and managed services environment is a proprietary offering that meets controls for the most stringent government standards, including FISMA,
FedRAMP, CJIS,
HIPAA, PCI, and ITAR.Our capability to provide
FedRAMP private
Cloud is a managed Platform-as-a-Service (PaaS) offering that blends the cost benefits and scalability of the public
Cloud with the
Security and customization of a private
Cloud.
Why Use Our FedRAMP Private Cloud Solution?
Faster
Migration
Migrate applications in weeks, rather than months. Our
FedRAMP private
Cloud solution integrates industry-leading virtualization, networking, compute, storage, security, and management technologies — and is pre-configured, reducing the time required for you to receive your authority to operate.Our private
Cloud’s modular design makes
Security the top priority, while providing the cost-savings, flexibility and customization that government agencies, software providers, and systems integrators need to meet their own unique
performance and
Security requirements.
FedRAMP Private Cloud
Fully Managed Security
The fully managed private
Cloud transcends traditional Infrastructure-as-a-Service (IaaS) with its comprehensive compute and virtualization functions,
Architecture and device support. We have the capability to manage and
secure the
FedRAMP private
Cloud all the way through the virtual operating system, delivering a hardened operating system along with network components built to DISA
Security Technical Implementation Guide (STIG) standards. Because of the management all physical, network, and host
Security requirements and controls, your organization can more readily meet
FedRAMP, FISMA and agency-specific
Security requirements. Plus, gain some peace of mind knowing that your infrastructure is backed with 24x7x365 monitoring and support. We can even create a physical “air-gapped” solution to separate your infrastructure from other entities within our
FedRAMP enclave. This option includes dedicated hardware and cage space, along with our full suite of managed
Security tools for monitoring.
Increased Efficiency
Our unique offering leverages standardized processes and best-of-breed tools to generate alerts and reports, to help you meet requirements and gain operational efficiencies. Because our private
Cloud is
FedRAMP JAB authorized — and includes NIST 800-53 controls up through the FISMA high level it can accelerate the audit review process and help you move towards Authorization to Operate (ATO) certification more quickly. Combine this with our consumption-based pricing model, and you can put resources previously allocated to achieving
Certifications to better use.
Flexibility to Scale
Our
FedRAMP private
Cloud utilizes VMware® ESXi virtualization technology to run virtual machines (VMs) on dedicated physical servers. This increases the flexibility to manage large and small environments. We can also connect your government private
Cloud to other clouds to create a true hybrid
Cloud environment, and provide
secure SaaS enablement for public sector software providers.
FedRAMP Authorized Platform and Services
The Federal Risk and Authorization Management Program (
FedRAMP) provides a standardized approach to facilitate and
secure Cloud solutions for federal agencies. All executive federal agencies and many others in the public sector are required to use
FedRAMP for
Security validation. The
FedRAMP Joint Authorization Board (DoD, DHS, GSA) certified the Rackspace
FedRAMP Cloud after a thorough review by the
FedRAMP Program Management Office and an accredited third-party advisor (3PAO).
Managing Government Workloads Since 2003
The Rackspace
FedRAMP Cloud, combined with our proven Federal Information
Security Management Act (FISMA) compliant solutions, provide government agencies, software vendors and systems integrators with the highest levels of
Security and
performance.
Hybrid Connectivity
Our hybrid
Cloud solution leverages the Federal Community
Cloud Platform (FCCP) for highly sensitive information, with the ability to link with public clouds.
Flexibility and Security
Get scalable
Cloud modules with dedicated hardware, firewalls, virtualization and
Security management software.
Rackspace Managed Security
SaaS Management
Manage your solution through the virtual operating system, for
secure Software-as-a-Service (SaaS) enablement.
Turn-Key Government Public Cloud Solutions
Simplicity without compromise. Rackspace provides seamless, integrated and
secure operations for your entire
Cloud portfolio, across AWS, Azure and
Google Cloud Platform, all accessible through a single pane of glass and a single invoice. We are a web-scale Managed Service Provider (MSP), delivering 24x7x365 hybrid-
Cloud management, operational support and
Security services as a packaged, on-demand, audited and pay-as-you-go service. You get the same commercial services that power the Fortune 100, in a compliance-ready state, with the additional
Security controls and governance that make your mission unique.
Why Use Our Government Public Cloud Solution?
Expertise
In 2017, Gartner positioned us as a Leader in the Magic Quadrant for Public
Cloud MSPs based on our ability to successfully deliver high-quality managed services that help our customers maximize the capabilities of the
Cloud.
Microsoft
We were the first managed service provider to directly manage Microsoft®Azure® workloads, and we became an Azure Premier Partner in 2014.
AWS
We were the first partner to be accepted into the AWS Managed Service Provider Program, have earned AWS Public Sector Partner status and are one of four organizations to manage an AWS Center of Excellence.
Google Cloud Platform
We were the first premier managed services partner for the
Google Cloud Platform (GCP) and were the first to provide Customer Reliability Engineering (CRE) support outside of
Google’s walls.
Recognized as a leader in Public Cloud Infrastructure Managed Service Providers, Worldwide
We’re a leader in the Gartner Magic Quadrant for Public
Cloud Infrastructure Managed Service Providers, Worldwide 2018
As a leader in Managed Services for public
Cloud infrastructure, here at Rackspace we deliver unbiased guidance on best-fit
Cloud solutions to organizations around the globe. We go beyond simple
Migration assistance and infrastructure management with multi-
Cloud managed services, professional services and managed application services to enable true digital
Transformation.
Managed Services
Layer our suite of managed services on top of your government
Cloud or a public
Cloud solution such as Azure or AWS to help provide reliable uptime and
performance for your government services.
Our standard and optional management services are backed by a team of certified professionals with two decades of successful federal experience, and include the following:
System design and implementation
Network and hardware configuration
performance monitoring and optimization
Operating system maintenance and support
Resource provisioning and load balancing
Data backup, replication and recovery
Customizable
Security and compliance assistance
Compliant Solutions
To help you meet
FedRAMP, FISMA and organization-specific
Security requirements, we provide end-to-end management and
Security from the network component layer — built to DISA
Security Technical Implementation Guide (STIG) standards — through to the operating system. And with Rackspace managing at least 80% of the controls within your environment, you are better positioned to receive a federal authorization to operate (ATO). Our government public
Cloud offering supports agency-specific
Security and FISMA/
FedRAMP Moderate/High, CJIS,
HIPAA, NIST SP 800-53, NIST SP 800-171 (“DFARS”) requirements.
Managed PaaS
In support of the
FedRAMP / FISMA System
Security Plan, we provide the following:
Documentation and Audit Support
Host-Based IDS
Log Consolidation and Analysis
Session Recording
STIG and CIS Hardening (Firewalls / Switches / Servers)
OS Licensing
Antivirus
Real-Time
performance Monitoring
OS Patching
Multi-Factor
Authentication
Vulnerability Scanning and Remediation
OS Administration
File Integrity Monitoring
Managed Backups
Managed IaaS
Infrastructure Monitoring
Managed Connectivity
Network Intrusion Detection
Network and Infrastructure Patching
IaaS
Hypervisor
Compute and Storage
Hardware Provisioning Administration
Network
Facility
Public
Cloud Image
Managed Security Services for Government Clouds
With nearly 20 years of experience helping federal agencies, a team of certified professionals specializes in designing high-
Security solutions to help address your compliance requirements for mission-critical government projects. Leverage our expertise and experience so you can focus on providing quality service to the public sector.To support the delivery of
secure government services, Rackspace
Security Services for government clouds can be combined with our
FedRAMP authorized
Cloud, our government public
Cloud offering or a custom configuration.We back all of our managed services with Fanatical Support® — the deep expertise and dedication to 24x7x365 service that’s at the core of everything we do. All members of the Rackspace
Security Services for Government Clouds team are U.S. citizens based in continental U.S. locations.
Security Controls
We take
Security as seriously as you do. We implement and administer
Security controls that meet or exceed industry standards, including:
Vulnerability scanning
Continuous monitoring
Network intrusion detection
File integrity monitoring
Event log collection
Privileged user session recording
To meet FIPS 140-2 encryption standards, we provide FIPS 140-2 compliant hard disk encryption technology for data in transit and at rest.
Rackspace Managed Security
Monitoring &
Reporting
Gain the visibility you need to verify that tools and procedures identified in audit processes are being followed with centralized monitoring and
Reporting, including:
Software patching sign-offs
Log reviews and summary reports
Encrypted system and network logs
IT incident and risk management reports can also be customized for different stakeholders to help address your
Security and compliance needs.
Security Racker
Operational Support
Our
Security experts can manage your environment to help maintain its overall
Security posture by:
Applying patches to address the latest
Security threats
Running regular benchmark and vulnerability scans
Establishing action plans to remediate any new findings
We’ll also evaluate the
Security impacts of any changes and whether they need to be explicitly reviewed as part of the change control process.
Security & Data at Rackspace
Gain Peace of Mind with Our Governance, Risk and Compliance Assistance
Keeping your data and systems
secure is a big enough challenge. But demonstrating to auditors that you comply with industry requirements can bring you to the breaking point. And the cost of non-compliance can ruin your business.
The compliance validation phase of an audit involves collecting information about your business activities. This provides assurances that your implemented controls are designed and operating effectively, and aligned with the policies set by the
Security organization.
That’s why we offer comprehensive
Security and compliance services. Our
Security experts use leading technologies and best practices to support your efforts to comply with regulatory mandates — often at a lower TCO than internally-developed solutions.
Rackspace Compliance
Certifications and
Security Standards
Compliance
Certifications
ISO/ IEC 27001
ISO 14001
ISO 18001
ISO 9001
SOC 1 (SSAE 18)
SOC 2
SOC 3
PCI DSS Level 1
FedRAMP JAB P-ATO
NIST 800-53
FISMA
NIST 800-171 (“DFARS”)
CJIS
ITAR
FIPS 140-2
HITRUST
Global Regulations and Privacy
HIPAA
HITECH
Privacy Act
Swiss-US
Safe Harbor
Content Delivery &
Security Association (CDSA)
Tech UK Member
Rackspace Government Public Cloud Features
FedRAMP & FISMA Compliant
Our government
Cloud platform meets or exceeds federal requirements, and the operating system running on top of our infrastructure inherits this compliance.
Monitoring & Reporting
We use both automated and standardized processes to provide monitoring, artifact creation and archiving. We also provide monthly reports.
Guaranteed Availability
We offer industry-leading guarantees related to network uptime, service availability and response times per mission-owner-negotiated SLAs.
Audit-Ready
We leverage AWS and Azure controls to provide annual audit support and audit-ready authorization at the operating system level of your virtual machines.
24x7x365 Support
We’ll maintain and support your virtual machines, plus provide advanced monitoring, managed
Security and governance for your government
Cloud solution.
Hybrid Cloud Connectivity
We can connect your government
Cloud to other clouds and create a true hybrid
Cloud environment using Amazon Direct Connect™ or Azure ExpressRoute®.
Managed IT Services to Support the Delivery of secure Government Services
To get the most value out of your IT investment, you need to continually optimize it. Yet most IT teams spend the bulk of their time managing vendors and daily operations. We’re here to bridge that gap. With nearly two decades of experience helping federal agencies, our team of certified professionals will perform all the essential tasks that your team can’t. They’ll focus on providing reliable uptime, so you can focus on delivering quality service to the public sector. Layer our managed services on top of our authorized private
Cloud platform, a public
Cloud solution such as AWS or Microsoft® Azure®, or a custom hybrid configuration. We back all of our managed services with Fanatical Support® — the deep expertise and dedication to service that’s at the core of everything we do, available 24x7x365.
Flexible Choices
We understand that there is no “one size fits all” approach to the
Cloud. We’ll work with you to understand your unique needs and customize a solution to meet your requirements for delivering quality service to government agencies.
secure Solutions
We take
Security seriously. We implement and administer
Security controls based on NIST SP 800-53, NIST 800-171 (“DFARS”), FISMA and
FedRAMP guidelines, and specialize in deploying high-
Security and high-
performance solutions.
24x7x365 Support
Receive expert guidance at every stage, with the option of receiving U.S.-based support, from U.S. citizens performing work in the continental U.S. We have the experts on hand to help you be successful.
Augment Your Plan with Rackspace® Resiliency Solutions
Disaster recovery (DR) is a holistic strategy including people, processes, policies, and technologies. It focuses on restoring the IT systems critical to supporting business functions. If you don’t have a DR strategy yet, we can help you create your own plan for the systems you host on Rackspace infrastructure. Our disaster recovery specialists can review your environment and propose a mix of resiliency tools that can help you achieve your recovery targets—all within your budget.
Add Automation to Your Disaster Recovery & High Availability Plan(s)
Simplify and automate parts of your DR plan. The Rackspace Replication Manager service uses VMware® Site Recovery Manager™ (SRM) and works in concert with Rackspace Array-based Replication to deliver fast, reliable recovery of the apps your business relies on for its operations. Resiliency solutions often require you to manually recover your data, making for an unreliable, time-consuming, and complex recovery process. Replication Manager helps ensure fast, reliable recovery thanks to automated processes. It automates the failover of your Rackspace-hosted VMs to your secondary site and also enables non-disruptive failover testing.
Low Tolerance
Quick Recovery
Rackspace Replication Manager
DNS Failover (Neustar®)
Array-based Replication
Database Replication (transactional)
Database Replication (mirroring)
Medium Tolerance
DNS Failover (Neustar®)
Database Replication (log shipping)
VM Replication
Long Recovery
Managed Backup
Rackspace Makes it Easy to Migrate to New or Multi-Cloud Environments
When you’re considering a move to the
Cloud, let our specialists help you build your strategy, assess your application portfolio, review your cost structure and identify the best-fit platform for your needs. Whether you’re migrating to AWS®, Microsoft™,
Google™, VMware® and OpenStack® , we have the certified specialists who can help make it a success.
Expertise
We have the expertise to support your
Migration, across all leading public and private clouds.
Trust
We serve customers in over 150 countries from startups to more than half of the FORTUNE 100.
Service
Our experts will guide you through every stage of your
Migration, from planning to optimization.
Choice
We’ll help you to select the best-fit
Cloud platform and then help you successfully migrate.
Multi-Cloud Adoption Accelerator:
Streamline Your Move to the
Cloud
Cloud Readiness Assessment that evaluates your applications, infrastructure and data readiness for the
Cloud.
Application and Infrastructure Portfolio Analysis that leverages
Documentation of your existing applications and infrastructure.
Platform Capabilities Mapping and ROI Analysis that determines which
Cloud platform(s) and services from the Rackspace comprehensive
Cloud portfolio fit your overall
Cloud adoption strategy.
Solution and Deployment Strategy that will include a comprehensive IaaS solution based on the recommended
Cloud platforms and all applications.
Migration Services:
Expert Guidance for Planning and Managing Your Server and Data Migrations
Our
Cloud Engineers Assess and Evaluate your current workloads, physical and virtual server configurations, network topology,
Security and compliance requirements to help you mitigate the risk that comes with any
Migration effort and limit your impact to product.
We Design an appropriate
Migration Strategy based on your applications, databases, storage, physical and virtual servers.
Next, a comprehensive project and
Migration Plan is set, based on your
Migration strategy and destination environment.
Finally, we execute and Migrate against the plan.
Load Testing:
We Can Help You Benchmark Your
performance Parameters
Detect the exact moment when a site will have latency issues or break by pushing the limits of site
performance with simultaneous users
Identify how much load a server can take without changing response time
Expose application bottlenecks and pinpoint problem areas
Optimize
Cloud and hybrid-
Cloud deployments by selectively scaling component services
Test complex user scenario sequences, including pages, dynamic content, transactions, logins and more