Appendix D: Securing FedRAMP Organizations
This topic describes how to onboard Email Security for Federal Risk and Authorization Management Program (FedRAMP) customers.
Accessing the Check Point Portal for the FedRAMP Region
To access the Check Point Portal, FedRAMP customers must use https://portal.checkpoint-gov.com/.
Onboarding for Email Security FedRAMP Customers
To onboard Email Security for the FedRAMP region, you must select the appropriate license type. It allows Check Point to determine where to add the Enterprise application:
-
GCC High / DoD - For Azure Government
-
Office 365 / GCC (Excluding GCC High) - For Azure Commercial
For the complete procedure to onboard Office 365 Mail, see Activating Office 365 Mail.
|
|
Note - Manual onboarding is not supported for GCC High and DoD licenses in Azure Government. |
Supported Features in the FedRAMP Region
Due to FedRAMP regulatory requirements, some features require certification before release. As a result, not all features supported in the commercial (non-FedRAMP) regions are supported in the FedRAMP region.
|
Capability |
|---|
|
Email Threat Prevention (Phishing, Malware, Spam, Graymail and others) |
| Archiving |
| Automated handling of phishing reports |
| Automated handling of restore requests |
|
Compromised accounts (Anomalies) |
|
DLP – Microsoft Encryption |
|
Email Click-Time Protection |
|
Email DLP workflows |
|
End User Portal |
|
End User Daily Quarantine Report (Digest) |
|
SIEM forwarding |
|
Unified Quarantine |
Unsupported Features in the FedRAMP Region
|
Capability |
|---|
|
Collaboration Applications |
|
DMARC |
|
DLP – Check Point encryption |
|
Incident Response as a Service (IRaaS) |
|
Leaked Credentials |
|
Outlook Add-in |
|
Security Awareness Training (SAT) |
|
SMTP Relay |