From Patch Urgency to Quantum Readiness

Posted on by Peter Bentley

How Carahsoft and Patero Help Federal Agencies Reduce Attack Surface and Perform Inventory Cryptography, Future-Proofing Mission Systems

The Cybersecurity and Infrastructure Security Agency’s (CISA) Binding Operational Directive (BOD) 26-04 reinforces a decisive shift in Federal cybersecurity: agencies can no longer treat remediation as a slow, periodic, compliance-driven activity. Security updates must be prioritized by real risk, informed by exposure, asset criticality, exploitability and mission impact. This is the right direction — but it also exposes a deeper challenge. Agencies cannot prioritize what they cannot see, cannot protect what they cannot govern and cannot future-proof systems if they do not understand the cryptography already embedded across their networks, applications, cloud environments, identity systems, endpoints and operational technology (OT).

The Federal attack surface is no longer defined only by vulnerable software. It is defined by exposed systems, aging infrastructure, unmanaged devices, unsupported edge technologies, vulnerable encryption, unknown dependencies and sensitive data that adversaries are already collecting today for future decryption. CISA’s continuing emphasis on risk-based updates, edge-device lifecycle management, asset discovery and vulnerability prioritization should be read as part of a larger mandate: Federal agencies must move from reactive patching to continuous visibility, measurable risk reduction and resilient modernization.

That is where Patero in partnership with Carahsoft provides immediate and strategic value.

Patero helps agencies address three urgent requirements at once: reduce exposed attack surfaces, discover and govern cryptographic risk and accelerate readiness for post-quantum cryptography. Patero’s CryptoQoR protects sensitive data-in-motion by cloaking vulnerable network elements and securing communications with crypto-agile, quantum-resistant encryption. Patero’s PanoQoR enables automated cryptographic discovery and inventory, giving agencies visibility into where cryptography is used, which algorithms are vulnerable, which systems are most exposed and where remediation should begin.

Carahsoft makes the ordering process easy and with your contract vehicle of choice.

This matters because risk-based patching and post-quantum readiness are now converging. The same discipline agencies need to prioritize urgent security updates, asset visibility, exposure mapping, business impact analysis, remediation sequencing and continuous governance, is also the foundation required for Post-Quantum Cryptography (PQC) migration. Quantum readiness is not a separate future project. It is the next stage of Federal cyber resilience. Speed to action will help reduce panic and exposure.

Why Attack Surface Reduction Must Come First

Every exposed system is a potential doorway. Every unsupported device, unpatched service, misconfigured access point and cryptographically weak connection increases the probability of compromise. Federal IT leaders are being asked to protect highly distributed environments that include cloud workloads, remote access paths, edge devices, legacy applications, OT systems, mission enclaves, third-party connections and hybrid networks.

Traditional perimeter security is not enough.

Agencies need to reduce what adversaries can see, reach, exploit and persist on. CryptoQoR supports this goal by helping conceal critical network elements from would-be attackers and establishing secure, quantum-resistant communication paths between approved endpoints. Rather than forcing agencies into disruptive rip-and-replace programs, Patero enables a practical modernization layer that can protect existing infrastructure while agencies plan longer-term remediation.

This is critical for Federal environments where operational continuity matters. Agencies cannot simply take mission systems offline, replace every legacy asset or pause operations while modernization occurs. Patero gives administrators a pragmatic path: reduce exposure now, protect sensitive communications now and create a bridge toward future cryptographic standards.

Why Cryptographic Inventory Is the New Mission Requirement

The most important question in Federal cybersecurity is rapidly becoming: “Where are we using cryptography, and is it still safe?”

Most agencies cannot fully answer that question.

Patero, From Patch Urgency to Quantum Readiness Blog, Embedded Image, 2026

Cryptography is buried across Transport Layer Security (TLS) connections, Virtual Private Networks (VPNs), Application Programming Interfaces (APIs), identity systems, databases, certificates, code-signing workflows, firmware, applications, cloud services, embedded systems and third-party platforms. Some of it is modern. Some of it is obsolete. Some of it is undocumented. Some of it protects data that must remain confidential for decades.

Without automated cryptographic discovery and inventory, PQC migration becomes guesswork.

PanoQoR gives agencies the ability to identify cryptographic assets, classify risk, map dependencies and prioritize remediation based on exposure, data sensitivity, mission importance and migration complexity. This transforms PQC planning from abstract policy compliance into an actionable operational roadmap.

Inventory is step one because it creates the evidence base for every decision that follows. It tells agencies what they have, where it lives, what it protects, what is vulnerable and what must be modernized first.

The Quantum Threat Is Already Operational

The post-quantum threat is often misunderstood as something that begins only when a cryptographically relevant quantum computer arrives. That is not correct. The risk is already active through “harvest now, decrypt later” attacks, where adversaries collect encrypted data today and store it for future decryption.

For Federal agencies, the most exposed data includes defense communications, intelligence records, law enforcement files, diplomatic information, citizen identity data, health records, tax records, personnel files, critical infrastructure plans and long-lived mission data. If the information must remain confidential for years or decades, it is already at risk.

The National Institute of Standards and Technology (NIST) has finalized the first major post-quantum cryptography standards. Federal law and Office of Management and Budget (OMB) guidance already require agencies to inventory vulnerable cryptographic systems and plan migration. CISA, National Security agency (NSA) and NIST have urged organizations to build quantum-readiness roadmaps, engage vendors, conduct cryptographic inventories and prioritize sensitive and critical systems. The policy direction is clear: post-quantum readiness is no longer theoretical. It is becoming a Federal operating requirement.

How Patero Helps Agencies Take Action

Carahsoft and Patero gives Federal administrators a practical, phased path forward.

First, agencies can use PanoQoR to establish automated cryptographic discovery and inventory across high-value systems, internet-facing services, mission networks, cloud environments and critical applications. This creates the visibility required to determine which systems are most exposed, which encryption is vulnerable and which remediation actions should be prioritized.

Second, agencies can use the inventory to build a risk-ranked PQC roadmap. Not every system can be modernized at once. The right approach is to prioritize systems based on data shelf life, exposure, mission criticality, exploitability and operational dependency.

Third, agencies can use CryptoQoR to protect high-risk communications with quantum-resistant encryption and network cloaking. This helps reduce attack surface, secure sensitive data-in-motion and create immediate protection for priority use cases while broader migration efforts proceed.

Fourth, agencies should demand crypto-agility from vendors. Every new procurement, modernization program, remote access platform, cloud architecture and network refresh should include requirements for cryptographic visibility, algorithm agility, PQC roadmap alignment and evidence of future standards support.

Finally, agencies should stop treating PQC as a future compliance task. The right operating model is continuous cryptographic governance: discover, assess, prioritize, remediate, validate and monitor.

Carahsoft is the easy button to get started.

Call to Action

CISA’s latest directive is another clear signal that the Federal Government is moving toward risk-based, intelligence-driven, continuously governed cybersecurity. The agencies that act now will reduce exposure, lower remediation cost, improve compliance posture and protect mission data before adversaries can exploit today’s blind spots or tomorrow’s quantum breakthroughs.

The path forward is straightforward:

Discover the cryptography.
Reduce the exposed attack surface.
Prioritize risk-based remediation.
Protect high-value communications.
Build crypto-agility into every modernization program.
Move now — before quantum risk becomes a mission crisis.

Patero helps agencies turn Federal cyber urgency into measurable action. It gives administrators the visibility to know where risk exists, the tools to protect critical communications and the roadmap to move confidently toward a quantum-safe future.

Learn how Patero’s comprehensive post-quantum cryptography solutions protect Government agencies from evolving cyber threats without sacrificing performance, resiliency or speed.

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including Patero, we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

From AI Tools to AI Outcome: Why Orchestration is the Next Frontier

Posted on by Chris Dilley and Jonathan Alboum

As artificial intelligence (AI) tools proliferate across Federal, State and Local Government (SLG) environments, agencies are faced with the challenge of shifting from acquiring to coordinating AI. Without orchestration, AI does not scale. It creates new silos, risks and inconsistencies across the enterprise. Agencies that lead in the AI era will be those that deploy AI safely, consistently and with human oversight built into every step.

The Orchestration Problem

Many Federal and SLG agencies are adopting AI through fragmented, mission-by-mission purchases, acquiring it independently without a coordinated strategy. The result is sprawl that undermines the efficiency AI is meant to deliver, a pattern already seen with data centers, cloud and mobile devices.

That sprawl creates disconnected AI tools that introduce governance gaps, inconsistent service delivery and accountability challenges for oversight bodies and the public. When processes and AI solutions operate in isolation, agencies at every level lose the compounding value of connected intelligence and coordinated action. The solution is a unified platform that functions as an AI control tower, connecting technologies, data sources and workflows to drive coordinated outcomes instead of isolated outputs.

ServiceNow’s AI control tower capability is built on the National Institute of Standards and Technology (NIST) AI Risk Management Framework (RMF), providing all Government agencies a familiar governance architecture. NIST is a user of the platform to manage their AI investments, giving agencies a real-world reference point. For agencies navigating the NIST AI RMF’s four core functions — govern, map, measure and manage — embedding those capabilities into the operational platform reduces complexity and accelerates compliance alignment.

Defining What AI Can and Cannot Own

A core AI deployment decision is determining where automation is appropriate and where human judgment must remain. A task is a strong automation candidate when it can be completed with at least 90% accuracy consistently, escalated to a human 100% of the time when needed and executed in full compliance with applicable Federal and State regulations.

Federal and SLG agencies can evaluate AI task ownership using a four-dimension risk framework:

Reversibility: Routing a case or drafting a response carries lower stakes than permanently altering a record. Can the action be undone?
Consequence of error: If the AI gets it wrong, what is the impact on the citizen, agency or mission?
Data sensitivity and regulatory exposure: Does the task involve regulated, protected information or other governed categories?
Confidence threshold: How much trust has the agency built in the model’s outputs, and when does that confidence justify expanded autonomy?

These dimensions are particularly relevant for SLG agencies administering federally funded programs, where errors can carry both operational and compliance consequences. The framework helps Federal and SLG agencies calibrate autonomy based on actual risk rather than surface-level task complexity freeing staff to focus on the human interactions that matter most.

Human Oversight as Architecture, Not Afterthought

Every autonomous AI action must be auditable, explainable and logged. Agencies at any level can apply a tiered oversight model to achieve this:

Low-consequence, highly reversible tasks may proceed autonomously.
Moderate-risk actions may trigger supervisor notifications before proceeding.
Higher-stakes decisions, including those affecting citizen benefits or legal records, require human review and approval before execution.
AI informs the human, but the human leads.

Federal and SLG agencies should treat AI as staff, not the boss. AI agents operate within defined decision boundaries that must be explicit, documented and supported by change management so employees understand how their roles are evolving. Those boundaries also produce an audit trail that can satisfy an inspector general, State oversight committee or Federal program auditor seeking to understand how an outcome was reached.

Compliance as an Accelerator

For agencies at every level, security and compliance authorization is often the threshold question before AI capabilities can be considered. Both ServiceNow and MoveWorks, the conversational AI layer integrated into the platform as EmployeeWorks, hold FedRAMP authorization at the High and Moderate impact levels. For Federal agencies, this directly satisfies procurement and security review requirements, while signaling to SLGs the underlying infrastructure has been independently validated against rigorous standards.

FedRAMP authorization removes a major friction point between AI pilot and operational deployment, particularly in GovCloud and National Security Cloud (NSC) environments. With the security framework validated, resource-strained IT teams, like those typically found in SLG agencies, can focus on the factors that determine whether an AI deployment delivers value. Together, FedRAMP-authorized infrastructure and NIST AI RMF-aligned governance tooling give agencies at all levels a compliance foundation for current requirements and the evolving AI regulatory landscape.

Accelerating Time to Value

ServiceNow, AI Tools to AI Outcomes Blog-Embedded Image - 2026

Effective AI orchestration also changes how employees experience technology at every level of Government. Too many systems for the same task create confusion, inconsistency and low adoption. Whether it is a Federal environment with tens of thousands of employees or a State department with a few hundred, navigating disconnected systems consumes time that should be spent serving constituents.

EmployeeWorks provides a unified interface where employees can initiate and complete workflows, including updating records, submitting requests or resolving IT issues without navigating between systems. By making the AI front door accessible through daily tools, Federal and SLG agencies reduce adoption barriers and accelerate time to value. Repeated across thousands of interactions at every level of Government, that difference compounds into productivity gains, consistent service and institutional trust.

Moving from pilot to scaled deployment requires three prerequisites:

Data readiness: AI performs best when data is clean, current and accessible. Configuration management databases, employee records and knowledge repositories must be reliable before autonomous workflows can be trusted.

Governance: Agencies need a formal structure that brings together IT, operations and mission stakeholders around risk tolerance, compliance standards and shared accountability. This alignment determines whether AI changes how work gets done or adds another layer to existing processes.

Discipline: Agencies should avoid selecting first use cases that are ambitious and difficult to execute. Early wins demonstrate value quickly and create the organizational and budgetary foundation for broader expansion.

The Autonomous Fast Start Program

ServiceNow offers an Autonomous Fast Start program that accelerates the path from planning to production. The program connects ServiceNow engineers with Federal and SLG teams to identify the highest-impact, data-ready use cases, establish governance frameworks and build and deploy functional workflows. The hands-on engineering model also supports knowledge transfer, building internal capability beyond the initial engagement.

The Fast Start program addresses common early-stage blockers: data readiness gaps, governance ambiguity and the risk of choosing the wrong use case. For State agencies in particular, where dedicated AI program offices may not yet exist, having experienced engineers working as partners accelerates delivery and builds the confidence needed to sustain longer-term AI programs.

What Agencies Need to Plan For

AI budget planning includes complexities that should be addressed early. Federal and SLG agencies can be surprised by usage-based costs that were not anticipated during procurement. Research and detailed vendor conversations before deployment are essential to building a realistic budget model.

Equally important, agencies should not evaluate AI costs in isolation, it often results in an incomplete picture. For State agencies, where staffing costs are a primary expense and caseloads continue to grow, automating high-volume transactional tasks enable staff to serve more constituents at a higher level of quality. The question is not only what the AI tool costs, but what percentage of operational costs it reduces by freeing staff from repetitive work.

Orchestrating AI for Mission Success

The transition from a collection of AI tools to a coordinated AI enterprise is neither automatic nor inevitable. It requires deliberate architecture, rigorous governance and a clear understanding of where human judgement must remain.

Federal and SLG agencies that build on compliance-validated infrastructure, align technology and operations teams around shared accountability and choose first use cases with discipline will be positioned to improve efficiency and transform how constituents experience Government services at all levels.

Watch ServiceNow’s full webinar, Orchestrate AI for Greatest Impact, to learn more about how agencies are building the governance frameworks, workforce strategies and unified platforms needed to deploy AI at scale — safely, accountably and with measurable mission results.

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including ServiceNow, we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

Better Together: How Nutanix and Omnissa Are Building the Modern Government Workspace

Posted on by Maryam Alexandrian-Adams, Skip Gumble and Evan Slack

Public Sector IT leaders navigate rapid change including geopolitical shifts, evolving cyber threats, vendor consolidation and pressure to do more with constrained budgets. For agencies modernizing end-user computing (EUC) and digital workspace environments, progress increasingly depends on integrated infrastructure, flexible architecture and trusted partnerships. Nutanix and Omnissa, distributed by Carahsoft, The Trusted It Solutions Provider™, deliver a combined platform that reduces complexity, accelerates deployment and keeps agency employees productive and secure.

A Partnership Built for the Public Sector

Carahsoft is the bridge between technology innovators and Government agencies, providing procurement vehicles, technical resources and partner support that simplify adoption. That relationship extends to Nutanix and Omnissa, with Carahsoft serving as a distribution partner that helps Federal, State, Local and Education agencies access both platforms through streamlined procurement. The partnership spans years of General Services Administration (GSA) Schedule contracting support, proof-of-concept assistance and technical resources that help agencies evaluate, deploy and scale their environments with confidence.

Nutanix brings a unified, software-defined infrastructure platform that combines compute, storage and virtualization into one hyper-converged stack. Rather than managing firmware updates across siloed server, storage and networking components, agencies can use Nutanix Prism Central and its Lifecycle Manager (LCM) to manage lifecycles holistically, reducing administrative overhead and compatibility risks. Nutanix’s cloud platform, NC2, also enables consistent operations across on-premises environments, AWS, Azure and Google Clouds without requiring agencies to re-architect their applications.

Omnissa is fully focused on the modern digital workspace. Through Workspace ONE, Omnissa unifies management of virtual desktops (VDI), mobile devices and Software-as-a-Service (SaaS) applications while providing enterprise-grade security, conditional access and unified endpoint management (UEM). Omnissa also uses AI to proactively monitor and improve the digital employee experience, identifying performance issues before they affect end users.

A Stronger Solution Together

The integration between Nutanix and Omnissa Horizon on AHV, Nutanix’s native hypervisor, reached general availability at the end of December 2025 and has seen significant market response. Its beta program was the largest and most successful in Horizon’s history, and within weeks of general availability, the combined solution had already scaled to over 70,000 users. That momentum reflects real demand from agencies seeking a high-performance, fully supported alternative that avoids the constraints of legacy vendor agreements.

The technical case for combining the platforms centers on optimization. Running Horizon on Nutanix’s hyper-converged infrastructure positions compute and storage in the same stack, delivering measurably stronger VDI performance than traditional three-tier architectures. The operational experience combines Nutanix’s infrastructure management through Prism with Horizon’s app delivery and provisioning capabilities, including App Volumes, giving IT teams a more unified view across their virtual desktop environment. The outcome is faster deployment, lower total cost of ownership and reduced complexity.

Nutanix and Omnissa Better Together Blog, embedded image, 2026

Rethinking How Apps Are Delivered

One meaningful Omnissa capability is its apps-on-demand delivery model through App Volumes. Many agencies still use persistent desktop environments, pre-loading large application libraries onto each VDI instance whether or not they are needed. For engineering teams managing hundreds of applications, this creates unnecessary bloat, complicates patching and introduces avoidable performance overhead.

Omnissa shifts that model by delivering applications on demand, so they are available when needed without the administrative burden of persistent installation. This speeds patching, reduces the management footprint and gives IT teams tighter control over the application environment.

Addressing the Evolving Demands of Government IT

The Nutanix and Omnissa partnership is designed to grow with agency requirements. Hybrid deployments spanning on-premises data centers and cloud environments are now the norm, and both platforms support that reality. Nutanix Cloud Cluster (NC2) enables Nutanix workloads to run natively on AWS and Azure while maintaining consistent management while Omnissa Horizon extends seamlessly across those environments so agencies can place workloads based on performance, compliance and cost requirements.

Licensing flexibility reinforces that adaptability. Nutanix offers End-User Computing (EUC) licensing on a per-user basis so agencies can license per user or by core count. For organizations with power users who need high-performance environments, this model delivers direct cost savings, a meaningful consideration for Public Sector agencies that must justify every technology investment.

Security is embedded, not added on. Nutanix incorporates Nutanix Flow Network Security micro-segmentation and Zero Trust networking capabilities at the infrastructure layer while Omnissa brings conditional access policies, endpoint compliance enforcement and AI-driven threat monitoring at the workspace layer. Together, they create a layered security posture that supports the rigorous Government compliance demands.

Simplifying the Path to Modernization

For agencies running VMware or Citrix environments and navigating the complexity of transition costs, structured migration support removes a common barrier to change. Nutanix and Omnissa both offer migration tools, validated reference designs, pre-sales architects and post-sales services teams designed to move agencies from existing platforms to the integrated stack. Environment sizing tools help partners and agencies right-size deployments before committing resources, reducing the risk of over- or under-provisioning.

Preparing for an AI-Driven Future

Looking ahead, both organizations are investing in AI integration as a core platform capability, an approach particularly relevant for Public Sector agencies working to adopt AI responsibly. Nutanix supports AI and containerized workloads on the same infrastructure used for VDI, using Nutanix GPT-in-a-Box and reducing the need for separate AI infrastructure. Running AI workloads in a virtualized environment has also shown total cost of ownership (TCO) advantages over bare-metal deployments.

Omnissa is building AI into autonomous digital workspace management, enabling more self-healing, self-optimizing environments that detect and resolve performance issues before they impact productivity. For agencies exploring AI use cases, VDI environments offer a controlled deployment path that routes sensitive data within agency boundaries rather than public cloud AI services.

For Public Sector agencies evaluating their next phase of IT modernization, the combination of Nutanix’s infrastructure simplicity, Omnissa’s workspace management depth and Carahsoft’s procurement and support ecosystem represents a practical, proven path forward.

To learn more about the Nutanix and Omnissa integrated solution, including the general availability of Omnissa Horizon 8 support for Nutanix AHV, visit the Omnissa blog.

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including Nutanix and Omnissa, we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

Making Existing Government Intelligence Systems Agentic Without Losing Control

Posted on by Timo Klein

How an Agentic Intelligence Fabric connects the tools agencies already use.

Government and enterprise intelligence teams do not usually suffer from having too few tools.

They suffer from having too many tools that do not work together.

An analyst may work across OSINT platforms, risk intelligence feeds, investigative databases, geospatial tools, link analysis software, internal knowledge bases, case management systems, spreadsheets, ticketing workflows, chat channels and reporting templates.

Each system may be valuable. Each may be approved, procured, trained and trusted for a specific part of the mission.

But the work between them is often manual.

Analysts copy data from one tool into another. They reconcile entity names by hand. They compare screenshots, exports, notes, alerts, maps and source references across disconnected environments. They merge findings into a case narrative after the fact. They preserve evidence in one place, make judgments in another and produce reports in a third.

This is where intelligence work slows down.

It is also where risk enters.

The next step for Government AI is not to replace trusted platforms with a standalone AI application.

The next step is to connect existing systems into governed agentic workflows that can retrieve context, compare signals, merge findings, preserve evidence and support human judgment without losing auditability or control.

That is the role of an Agentic Intelligence Fabric.

The Real Problem Is Tool Fragmentation

OSINT is essential to modern intelligence and risk work. Publicly available information, media, infrastructure data, corporate records, social platforms, geospatial signals, breach data and live event streams can all help analysts understand what is changing in the world.

But most organizations do not consume OSINT through one clean workflow.

They consume it through many tools.

One tool may surface an entity. Another may provide enrichment. Another may hold geospatial context. Another may contain internal history. Another may hold the case file. Another may be used for reporting. Another may be where the final decision is documented.

The problem is not that these tools are useless. The problem is that they rarely share operational context.

They do not automatically know that two slightly different names refer to the same organization. They do not preserve the analyst’s reasoning across systems. They do not carry uncertainty from discovery into reporting. They do not maintain one accountable path from source to case to decision.

When tools are disconnected, analysts become the integration layer.

That is expensive, slow and fragile.

It creates practical questions that matter under pressure:

Where did this claim come from?
What evidence supports it?
What weakens it?
Which tool produced this signal?
Which system has the most recent context?
Which duplicate entity should be merged?
What assumptions are being made?
What was copied manually?
Who accepted those assumptions?
What decision is this work meant to support?

These are not cosmetic workflow issues. They are intelligence quality issues.

Merging data is not clerical work when the decision depends on whether the merge is correct.

If the wrong records are joined, a weak correlation can become an assessment. If source context is lost, a claim can become harder to challenge. If evidence is copied without provenance, the output may look clean while becoming less defensible.

The real problem is not OSINT alone.

The real problem is disconnected intelligence operations.

Agentic AI Changes the Workflow

AI agents create a practical way to address this problem.

Instead of using AI only to summarize a document or answer a question, agentic systems can perform sequences of work across approved tools: retrieving context, calling APIs, comparing entities, checking case history, preserving source references, preparing analyst-ready outputs, flagging uncertainty and routing tasks to the right human decision point.

That matters because the analyst’s real burden is often not one difficult query.

It is the repeated movement across systems.

An agent can help search an approved OSINT platform, compare the finding with internal case context, check whether an entity already exists in another system, retrieve relevant prior reporting, preserve source references, identify contradictions and prepare a structured draft for analyst review.

The agent is not replacing the underlying tools.

It is operating across them.

But agentic AI also introduces a control problem.

The more an agent can do, the more important it becomes to define what it is allowed to do, when, why and under whose authority.

An agent with broad tool access and weak governance is not operational maturity. It is risk. It can use the wrong tool, trust the wrong source, merge the wrong entities, lose the evidence chain, summarize uncertainty away or create outputs that are difficult to defend after the fact.

In serious environments, agentic AI needs more than model capability.

It needs a fabric that connects tools while enforcing boundaries.

The Missing Layer Between Tools and Decisions

Most organizations do not have a single intelligence system. They have a landscape of systems.

Some are specialized OSINT platforms. Some are investigative tools. Some are internal data repositories. Some are knowledge bases, ticketing systems, reporting workflows, watch floors or classified and controlled environments. Many are already embedded in procurement, security, training and operational practice.

Replacing all of that is rarely realistic and often undesirable.

The more practical path is to add an operating layer that can connect existing platforms, tools, data sources, agents, evidence, cases and human approvals into one governed workflow.

That is what an Agentic Intelligence Fabric is designed to do.

An AIF is not just another AI application sitting beside existing systems. It is the connective layer that lets approved agents work across existing systems without surrendering control.

At minimum, the layer must do three things. It must connect approved external and internal systems so that governed agents can work across them—preserving case context, source references and entity resolution across tool boundaries. It must govern access through role-based controls, audit trails for both agent and human actions and intervention points tied to real operational risk. And it must deploy in the environments where the mission actually runs—cloud, sovereign cloud, on-premises, air-gapped or edge—without forcing the buyer to compromise on security posture or sovereignty.

The point is not to automate intelligence away from analysts.

The point is to let analysts operate faster while keeping judgment, accountability and mission authority where they belong.

Where the Work Runs Matters as Much as What Runs

Federal missions do not run in one environment.

The same workflow may need to operate in cloud today, in a sovereign or Government cloud tomorrow, in an on-premises environment for sensitive cases and air-gapped or at the edge for classified or forward-deployed work.

A fabric layer earns its name only if the operating model—cases, evidence, controls, agents—is preserved across all of them. Anything less forces the agency to maintain different intelligence operations in different boundaries, with different audit posture and different governance gaps.

Deployment is not an afterthought to the workflow. It is part of the workflow.

A Practical Example

Consider an analyst preparing a targeting assessment ahead of an inbound shipment. The case begins with one question: does this consignment, this consignor or this route warrant a closer look?

Answering that question pulls the analyst across five systems—an OSINT platform for entity discovery, an internal targeting database, a sanctions screening tool, a trade-data source and a case management application. The work gets done. But the evidence trail lives across five exports, the entity matches are made by hand and the assumptions behind each step are remembered, not recorded.

The goal should not be to replace any of those systems with a separate AI interface.

The better model is to let governed agents work across them.

A governed agent can retrieve the entity context, surface candidate matches across systems, preserve source references, highlight the sanctions hits that need escalation, identify contradictions and prepare a structured draft for the analyst’s review.

The analyst remains responsible for the assessment.

The system preserves what the agent did, which tool it used, which records it merged, what it ignored, what assumptions it made and where the human accepted, changed or rejected the output.

In this model, agentic AI does not become an uncontrolled layer of automation. It becomes a governed extension of the operational workflow.

That is the difference between using AI as a sidecar and operating AI as the connective tissue between intelligence tools.

Why This Matters for Government Adoption

Government AI adoption will not be decided only by model quality.

It will be decided by whether AI can work inside real operational constraints: existing systems, procurement realities, security controls, audit requirements, human review, deployment restrictions and the need to defend decisions under scrutiny.

Standalone AI tools can demonstrate impressive capability in isolation. But Government work rarely happens in isolation.

The work happens across systems, authorities, policies, teams and environments. The AI architecture has to respect that reality.

This is why the next generation of intelligence systems needs to unify four layers:

OSINT as a source layer.
Agentic AI as the workflow capability that can operate across tools.
Intelligence as the governed production of judgment, evidence and action.
Agentic Intelligence Fabric as the operating layer that connects existing systems, data, agents, cases and decisions.

When those layers are separated, organizations get more tools, more interfaces and more risk. When they are connected properly, AI can help existing investments become more useful without weakening control.

From AI Tools to Agentic Operations

The Government and enterprise market does not need AI for its own sake.

It needs AI that can operate responsibly inside mission workflows.

That means agents must be able to use approved tools, but not exceed their authority. They must accelerate analysis, but not hide uncertainty. They must produce outputs, but keep those outputs attached to evidence. They must work across platforms, but leave a trail that can be audited, challenged and reviewed.

This is the category WhoMeta is building toward with Arqent: an Agentic Intelligence Fabric for evidence-native, human-governed, sovereign intelligence operations.

The future of intelligence will not be defined by the organization that collects the most data or deploys the most AI features.

It will be defined by the organization that can connect its existing systems into accountable agentic workflows and still prove what it knows.

Ready to connect your intelligence systems without losing control? Explore how WhoMeta’s Agentic Intelligence Fabric brings your existing tools into one governed, auditable workflow.

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including WhoMeta, we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

Student Safety and Success: Secure Communications In Education

Posted on by Daniel Calantoni

Teachers, administrators and other staff in education have many regulations to be aware of when communicating with and about students and parents. From the Health Insurance Portability and Accountability Act (HIPAA) and the Family Educational Rights and Privacy Act (FERPA) to a variety of regulations individual to each state, educators have both a legal and moral obligation to keep their communications transparent, auditable and policy compliant. MultiLine by Movius is a secure, cloud-based, cost-effective solution that provides a unique phone number for professional communications utilizing an educator’s personal device, all while establishing clear and strong boundaries between the two forms of communication.

Communication Channels: Not Just Between Teacher and Student

Communication is a vital part of an educator’s job. Being available for a student and for their parents or guardians to answer questions or address concerns strengthens that relationship and promotes a student’s growth and success. However, there are significant challenges that K-12 organizations face when utilizing unmonitored and unrecorded forms of communication. Without a way to monitor correspondence, organizations open themselves to liability risks with legal and compliance blind spots, especially with sensitive information.

In one case, a staff member inadvertently shared student updates with a non-custodial parent. When the issue came to light, it led to a FERPA review. Because the communication took place on a personal device, there was no accessible audit trail, making it difficult to fully document what occurred and increasing compliance risk for the district.

In another example, district leadership discussed an active investigation via personal text messages. When those messages were later requested, some were unavailable or incomplete, creating challenges with documentation and chain of custody. This situation introduced potential legal exposure, along with additional costs tied to e-discovery and review.

These incidents outline only a few ways K-12 institutions risk compliance violations when communication channels between education staff, students, parents and guardians go unmonitored.

The MultiLine Solution

Regarding mobile communications, there are two main modes that education staff utilize: personal devices or a district-issued devices. Each come with their own drawbacks. Personal devices are convenient and cost-effective, but lack the ability to log, audit and monitor correspondence. On the other hand, district-issued devices have some stricter monitoring capabilities; however, they are expensive to maintain and carrying two mobile devices is inconvenient to staff. An ideal solution to the communication challenges facing K-12 organizations balances the convenience of a personal device and the security of a district-issued device.

MultiLine by Movius is an artificial intelligence (AI)-powered mobile-first experience for voice, Short Message Service (SMS), social messaging and Microsoft Teams. Education staff can download the Movius application on any smartphone, tablet or desktop computer, including any device privately owned by the staff member. Through the application, the user is assigned a secure, district-owned number to the device. This number does not operate under the personal phone’s carrier and does not touch any personal emails, text messages or searches, creating clear separation of personal and professional lines.

MultiLine logs and audits all texts and calls for transparency and accountability, ensuring FERPA, HIPAA and district policy compliance. Every message and call is automatically logged, encrypted with AES-256 and stored in a secure cloud archive, which is accessible by district administrators for monitoring, auditing and parental review. Additionally, MultiLine preserves institutional knowledge through the application, even through staff turnover. As one staff member leaves, their MultiLine phone number can be reassigned to the incoming staff member through the Movius administrative portal. Overall, MultiLine reduces legal exposure and supports risk mitigation.

School districts face budget shortfalls and increasing pressure to stretch every dollar while providing the greatest educational experience possible for their communities. In addition to being secure and transparent, administrations need cost-effective communication solutions. Switching to MultiLine from cellular stipends cuts communication costs by over 50%, while adding policy protection, logging and auditability capabilities.

On June 27, 2025, Kentucky enacted Senate Bill 181 (SB 181), requiring public schools to use traceable, archivable and parent-accessible platforms for all electronic communications between staff and volunteers and students. While it is legally codified in Kentucky, there are several advantages to having strict delineations between personal and professional communication methods in education. Having thorough security, logging and monitoring of staff, parent and student digital correspondence not only minimizes noncompliance risk, but ensures that students are getting the most out of their education.

Watch Movius’ webinar “Improving K-12 Student Attendance and Engagement in 2026 with MultiLine” to further explore the advantages of fully monitored and logged communication channels for education professionals.

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including Movius, we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

Modernizing Higher Ed IT: Equinix for Research Universities

Posted on by Verbina Dhamejani

Leading research universities constantly push the boundaries of human knowledge. Your faculty and students rely on advanced technologies to make breakthrough discoveries, analyze massive datasets and collaborate with experts around the globe. But as these academic ambitions grow, the physical technology supporting them often struggles to keep up.

Legacy on-campus data centers often lack the capacity to handle the intense power and connectivity demands of modern computing. This infrastructure gap creates a severe bottleneck, slowing down critical research and complicating the pursuit of Federal funding.

Carahsoft and Equinix have partnered to help universities overcome these hurdles. By shifting from aging campus facilities to a colocation data center full of modern digital infrastructure, you can accelerate discovery, streamline hybrid cloud strategies and enhance your competitive edge for Federal grants.

Here is how you can design the digital foundation your university needs to thrive.

Powering the Next Generation of AI and HPC

The most complex research projects, particularly those involving artificial intelligence (AI) and High-Performance Computing (HPC), require unprecedented processing power. Legacy campus data centers were not built to support the dense, power-hungry servers necessary for these workloads. As a result, many universities face significant power and cooling limitations for modern GPU-based computing.

AI-ready data centers are built to handle these precise demands. Instead of sinking millions into renovating aging campus facilities, universities can leverage colocation services that provide the specialized cooling and energy density required to run high-performance supercomputers and deep learning models efficiently.

By offloading the physical infrastructure burden, your IT team can stop worrying about power outages or cooling failures and start focusing on what truly matters: empowering researchers to process massive datasets and reach conclusions faster.

Securing Grants with Strict Compliance

Federal grants are the lifeblood of university research programs and data sovereignty and privacy regulations increasingly shape how and where educational institutions can process AI data.

For IT and security leaders (CISOs), navigating frameworks like CMMC, FISMA High, HECVAT or HIPAA is a top priority.

Academic research often involves working with sensitive or Controlled Unclassified Information (CUI). Storing this data in vulnerable environments puts your institution at risk.

Utilizing colocation facilities can simplify the path to compliance by offering private, direct connectivity that bypasses the public internet. This ensures that sensitive research data remains protected both in transit and at rest. When your university can confidently demonstrate robust security controls and data sovereignty to Federal agencies, you gain a significant advantage in grant competitiveness.

Seamless Collaboration and Hybrid Cloud

Academic research is rarely an isolated effort. True innovation happens when universities collaborate with national labs, Federal agencies, private industry and peer institutions worldwide. This requires secure, high-speed data sharing across vast geographic distances.

Interconnected infrastructure offered by colocation providers allow universities to create secure physical and virtual links into a global ecosystem of research partners. This provides you with the ability to quickly transfer massive datasets to collaborating institutions without the frustrating latency or security risks associated with standard internet connections.

Many IT leaders are adopting hybrid cloud strategies to gain more efficient, cost-effective access to computing resources. To make that strategy work, it is essential to choose a colocation provider with a strong ecosystem that aligns with your specific requirements. That includes the right mix of cloud providers, networks, neoclouds and research partners to support your workloads, performance goals and growth plans. A well-connected provider does more than house infrastructure; it gives you the flexibility, reach and partner access needed to build a hybrid cloud environment that is resilient, scalable and fit for purpose.

Securing Your Digital Future with Equinix

The demands on university data centers will only increase as AI adoption grows and Federal grant requirements become more stringent. A strong digital foundation built on high-performance data centers like Equinix helps universities scale AI infrastructure globally with greater speed and efficiency. This enables institutions to run high-performance computing workloads, securely share sensitive data and connect more easily with the global research community.

Through software-defined, secure interconnection with Equinix Fabric, universities can connect directly to leading cloud and SaaS providers, including AWS, Microsoft Azure, Google Cloud, Salesforce and Workday. This gives research teams fast, reliable access to critical digital resources while reducing complexity and improving control. It also allows institutions to scale workloads to the public cloud during periods of peak demand and scale back when needed to improve performance and manage costs.

Optimize your Cloud Access Strategy

A strategic Carahsoft technology partner, Equinix is is committed to helping universities design future-ready IT infrastructure. Whether your top priority is optimizing your cloud access strategy, supporting your AI infrastructure goals or securing data for your next major research grant, Equinix provides the tools you need to succeed.

If you are exploring ways to modernize your digital infrastructure or want to learn how your peers are navigating these exact challenges, Carahsoft and Equinix are here to help. Reach out to the digital infrastructure specialists at Carahsoft to schedule a brief discussion or an executive briefing to dive deeper into your university’s specific goals.

Let us help you accelerate discovery and power the next generation of academic innovation.

Come meet Equinix at EDUCAUSE 2026 at Booth #210!

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including Equinix, we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

Better Together: How Nutanix and AccuKnox Are Securing the Tactical Edge, and Beyond

Posted on by Bill Kalogeros and Phillip Porras

Modern defense operations demand more than connectivity; they demand resilience. As mission environments grow increasingly contested and disconnected, the ability to process intelligence, deploy applications and enforce security at the edge has become a strategic imperative. Nutanix and AccuKnox have built a compelling answer: a tightly integrated platform that pairs the Nutanix Kubernetes Platform (NKP) with AccuKnox’s Zero Trust security layer to deliver a complete, hardened stack, from the software factory to forward-deployed vessels to orbiting satellites. This hardened stack is also hardware agnostic and can be deployed on bare metal tactical servers, and up to IL6+ Govcloud instances. For the Department of War (DoW) architects, system integrators and space operations professionals, the critical question is no longer whether to modernize, but how to do it in environments where reach back is unreliable, swap space is constrained and the cost of failure is operational.

Kubernetes as the Foundation for Tactical Edge Operations

Delivering enterprise-grade infrastructure to physically remote, resource-constrained environments requires more than Kubernetes alone. Kubernetes represents roughly 30% of the solution; the remainder is a curated ecosystem of microservices, service mesh, observability tools and storage integrations that together form a complete operational platform. Without that full stack, organizations risk spending months assembling disparate open source components, only to find that their workloads are still unable to reach production. The NKP addresses this by delivering a pre-integrated, hardware-agnostic solution deployable on bare metal, in the cloud or fully air-gapped at the tactical edge. Whether the use case is a carrier strike group operating disconnected at sea, a forward-deployed Army unit running legacy virtual machines (VMs) alongside containers, or an Unmanned Aerial Vehicle (UAV) requiring a minimal footprint, NKP provides a single platform capable of self-healing, automated scaling and continuous operation, regardless of connectivity status.

AI Delivery and Agentic Capabilities in Disconnected Environments

In contested environments, artificial intelligence (AI) cannot depend on cloud inference. It must run locally, reliably and securely. Nutanix Enterprise AI layers on top of NKP to provide a managed platform for running Large Language Models (LLMs), Retrieval-Augmented Generation (RAG) systems and agentic AI applications with full GPU support, all within disconnected environments. At a recent TechNet San Diego demonstration, RAG AI was used to surface answers from complex naval system maintenance manuals in seconds, a direct application for shipboard readiness operations. Agentic platforms are now deployed with Army units and fielding requests from naval activities, running fully on NKP hardware aboard vessels and mobile command centers without internet dependency. AI models trained at core installations are pushed to forward-deployed assets, where they run locally and queue updates for synchronization upon reconnection, preserving operational continuity without compromising security or model integrity.

Zero Trust Security Woven Into Every Layer

Security at the tactical edge requires continuous policy enforcement at every layer of the software stack, from code commit to container runtime in the field. AccuKnox integrates below the application layer to enforce least-permissive security policies at the kernel level using eBPF-based telemetry. Its Discovery Engine analyzes applications both statically and dynamically, automatically generating security manifests that accompany each application throughout its full deployment lifecycle. These policies define exactly where an application can communicate, what data it can access and how it may interact with adjacent system components—creating enforcement that is architectural rather than reactive. For acquisition officials and Authorizing Officials (AOs) managing distributed mission systems, the platform also automates the generation of compliance evidence covering Security Technical Implementation Guides (STIGs), Common Vulnerabilities and Exposures (CVEs) and relevant security frameworks, compressing what has historically been a months-long manual process into continuous, audit-ready assurance.

Extending the Stack to Orbit: DevSpaceOps

The Nutanix and AccuKnox partnership extends beyond the terrestrial edge to software-defined satellites and orbital platforms. Modern satellite platforms support containerized payloads, multi-tenancy and high-tempo software updates, and they carry significant security exposure. A representative sample of open source software deployed across current satellite initiatives contains more than 60 million lines of code and upwards of 20,000 CVEs. Unlike ground-based nodes, satellites cannot rely on real-time downlink for security decisions; they require local policy enforcement, runtime monitoring and eventually consistent posture reporting to the ground. The concept of DevSpaceOps, modeled on DevSecOps but adapted to the constraints of orbit, addresses how development teams can certify, deploy and manage satellite software with verifiable confidence, leveraging lightweight versions of KubeArmor, automated SPARTA TTP mapping and orbital security dashboards that give Space Operations Center (SOC) teams constellation-wide visibility into STIG compliance, CVE exposure and runtime violations.

One Stack, Every Domain

NKP delivers the hardware-agnostic, cloud-native platform that enables continuous operations across disconnected, multi-domain environments, from carrier strike groups to Army forward units to orbital constellations. AccuKnox ensures that everything running on that platform is secured, monitored and compliant at every layer of the stack. For defense organizations looking to reduce decision latency, accelerate the Authorization to Operate (ATO) lifecycle and ensure security travels with every workload, this joint solution offers a proven, fielded path forward.

To explore these capabilities in greater depth, including live demonstrations of sensor-to-shooter workflows, orbital security posture management and agentic AI in disconnected environments, watch the full webinar presented by Nutanix and Carahsoft.

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including Nutanix, we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

From Visibility to Zero Trust: Enabling Federal Agency Cybersecurity at Scale

Posted on by Ben Brooks and Sean Gerrity

As Federal agencies accelerate their Zero Trust journeys in response to executive mandates and evolving compliance requirements, cybersecurity leaders face a fundamental challenge: they cannot protect what they cannot see. Zero Trust depends on complete, reliable visibility across modern cloud environments and legacy Operational Technology (OT) systems. Without that packet-level visibility, Zero Trust cannot be effectively enforced.

Closing the Network Visibility Gap

Most agencies rely on Switched Port Analyzer (SPAN) ports to correspond network traffic to security tools, but this approach can leave security sensors with incomplete data, especially in legacy OT environments. Garland Technology’s network Traffic Access Points (TAPs) address this directly. Passive hardware TAPs sit in line between network devices, duplicating traffic for monitoring tools. TAPs carry no Media Access Control (MAC) or Internet Protocol (IP) address, making them invisible to adversaries and work across virtually any vendor ecosystem without creating new visibility constraints.

For environments that need strict one-way data flow, hardware data diodes add another layer of protection. They enforce unidirectional traffic at the circuit level, replacing or working alongside existing SPAN or mirror ports without requiring a full infrastructure overhaul. With National Cross Domain Strategy & Management Office (NCD SMO) certification in its final stages, hardware-based data diodes offer Federal agencies a compliance-ready path to enforce one-way traffic.

Distributing Visibility Intelligently with Packet Brokers

Complete network visibility across a Federal environment involves more than a single TAP or sensor. Traffic moves across multiple links, environments and speeds, and it must be routed to the right monitoring and security tools. Network packet brokers from Garland Technology help agencies receive data from multiple sources and distribute them.

Packet brokers make large-scale visibility manageable through capabilities including:

Aggregating traffic from multiple feeds
Filtering relevant data streams
Load balancing across tool sets
Deduplicating redundant packets
Slicing and timestamping packets for precision analysis
Tunneling traffic across segmented environments

These features reduce overload and improve monitoring performance. In practice, packet brokers can feed targeted traffic simultaneously into Security Information and Event Management (SIEM) platforms, intrusion detection systems, network performance monitors and other sensors.

In OT environments structured around the Purdue model, packet brokers typically sit at the operations systems level, aggregating traffic from TAPs and SPAN ports at lower network layers and routing it upward, through data diodes where required, into the tool sets where security teams can act.

Converging IT and OT for Zero Trust Compliance

Zero Trust is accelerating IT and OT convergence. The National Institute of Standards and Technology (NIST) Zero Trust Architecture (ZTA) framework, along with agency-specific guidance, demands continuous verification of users, devices and applications across the entire network. This is especially challenging because many OT devices in Government networks are decades old and cannot support software updates or inline security tooling without disrupting critical operations.

A practical approach is to leave those systems in place while using network TAPs to pull traffic from legacy OT devices without interrupting operations. That allows security platforms to analyze activity, apply threat intelligence and enforce policy at the network level without touching the devices themselves.

This visibility also enables virtual patching. When a firewall platform can identify an OT device’s version and known vulnerabilities, it can block traffic patterns associated with known threats at the network level without interrupting critical operations. Security teams can also tailor the virtual patching profile to the devices in their environment, resulting in a consolidated, visual asset inventory that maps how OT devices are organized across the network.

A Unified Security Fabric for Continuous Assessment

Zero Trust depends on multiple capabilities working together, including identity, access permissions, segmentation, policy enforcement and continuous assessment. At Federal scale, those functions are most effective when they are integrated rather than spread across disconnected tools. That is where Fortinet Federal brings its security fabric alongside Garland Technology’s visibility infrastructure.

A unified next-generation firewall platform, Fortinet Federal’s FortiGate platform combines routing, Software-Defined Wide Area Network (SD-WAN), segmentation and threat detection into a single operating system, FortiOS, reducing blind spots. FortiGate also extends visibility across switches and wireless access points, enabling security teams to enforce policy more consistently across users, devices and applications.

This consolidated visibility supports Zero Trust Network Access (ZTNA) by applying consistent policy and authentication standards across remote and on-premises users. Threat intelligence further strengthens this model by continuously updating and distributing protections across the environment. FortiGuard Labs sustains this visibility and enforcement through a global threat intelligence network that continuously feeds into Network Operations Center (NOC), Security Operations Center (SOC), Security Orchestration, Automation and Response (SOAR) and SIEM platforms, enabling teams to investigate threats and respond in a coordinated manner.

A Trusted, Compliant and Isolated Security Supply Chain

For Federal agencies, Zero Trust readiness also depends on the integrity of the security supply chain. Security tools must come from vendors with the structure, compliance posture and operational safeguards required for Federal deployment.

Fortinet Federal delivers industry-leading cybersecurity and secure networking capabilities to the U.S. Government through a dedicated, independently operated and federally aligned organization. Its purpose is to serve as a trusted mission partner—providing validated, secure supply chain assurance as well as high-performance and cost-efficient technology.

On the visibility side, Garland Technology’s American-manufactured hardware purpose-built for network TAPs, packet brokers, inline bypass and data diodes helps agencies scale to full-time continuous monitoring architectures without requiring major platform changes or vendor transitions.

Building Toward a More Secure Future

The path to Zero Trust in Federal environments requires the right partners working together. Garland Technology provides purpose-built visibility infrastructure that reliably delivers packet data across IT and OT environments without disrupting legacy systems or creating new points of failure. Fortinet Federal’s federally vetted, supply-chain-isolated security platform turns that visibility into enforceable policy through threat intelligence, network segmentation, ZTNA and continuous assessment. Together, Garland Technology and Fortinet Federal give agencies the integrated foundation needed to implement Zero Trust at scale, protect critical infrastructure and stay ahead of evolving threats.

To learn more about achieving packet visibility and Zero Trust at scale, watch Fortinet Federal and Garland Technology’s webinar, “From Visibility to Zero Trust: Enabling Federal Agency Cybersecurity at Scale.”

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including Fortinet and Garland Technology, we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

VMware Private AI: Secure, Scalable AI Adoption for Healthcare

Posted on by Chris Catano

Demand for artificial intelligence (AI) is nearly universal with approximately 98% of healthcare executives reporting a desire to implement or expand AI capabilities, yet most remain stalled at the starting line. The barrier is not a lack of ambition, but rather the complexity of execution. Fragmented platforms, unclear procurement pathways and the difficulty of integrating AI with sensitive patient data have made deployment feel out of reach for many care teams. Broadcom’s VMware Private AI, now natively embedded within VMware Cloud Foundation (VCF) 9, is designed to change that equation.

From Add-On to Foundation: The VCF 9 Integration

The most significant architectural shift in Broadcom’s AI strategy over the past year is the evolution of VMware Private AI from a standalone service into a core component of the platform. With VCF 9, organizations that already hold VCF licensing have immediate access to Private AI capabilities without separate procurement or added complexity.

This shift is especially meaningful for healthcare IT leaders tasked with balancing innovation and compliance in highly regulated environments. By embedding AI capabilities directly into the foundational infrastructure layer, VMware Private AI eliminates the “moving parts” that have historically made AI deployments costly and unpredictable. Healthcare organizations can now activate and govern AI workloads within an environment they already operate and trust.

Five Components Built for Production-Ready AI

VMware Private AI is organized around five functional pillars, each designed to address a specific stage of the AI lifecycle, from model governance to real-world deployment:

Model Store: A secure repository where models are curated, tested and governed before entering production, ensuring only validated and policy-compliant models used in clinical or administrative environments.
Service Infrastructure: Templatized deep learning virtual machines (VMs) that can be provisioned on demand, accelerating deployment timelines while maintaining standardization and security controls.
Model Runtime: The generative AI (GenAI) execution layer handles active model inference, forming the operational core of the Private AI environment.
Model Insights and Action: Tools that support model interaction, response logic and fine-tuning, enabling teams to continuously refine AI performance using real operational data.
Vector Databases with Retrieval Augmented Generation (RAG): Instead of retraining base models with proprietary data, RAG enables AI systems to retrieve and reference internal knowledge in real time, delivering accurate, contextually relevant outputs without exposing sensitive data externally.

Keeping Healthcare Data Where It Belongs

Data sovereignty remains a non-negotiable priority in healthcare. Patient records, clinical notes and operational data are governed by strict regulatory requirements, and any AI solution that routes this information through public cloud services or third-party providers introduces significant compliance risk.

VMware Private AI addresses this directly through its RAG-based architecture. By connecting AI models to internal data sources—including SharePoint repositories, local file systems and internal databases—and processing information within the organization’s own infrastructure, the solution ensures that sensitive data never leaves the controlled environment. Documents are segmented into discrete chunks that the model can reference contextually, producing outputs grounded in the organization’s actual knowledge base rather than generic training data.

Additionally, new observability tools provide administrators with real-time visibility into model health, capacity utilization and Application Programming Interface (API) access patterns, supporting both operational continuity and security monitoring.

Healthcare Use Cases: From Clinic to Back Office

VMware Private AI supports a broad range of healthcare applications across four primary domains:

Clinical Decision Support: AI-assisted tools that help clinicians navigate complex case data supports precision medicine and population health initiatives.
Administrative Automation: Automated documentation, clinical annotation and digital chat assistance for care teams reduces clerical burden, staff burnout and documentation backlogs.
Patient Engagement: AI-powered digital assistants that guide patients through post-discharge treatment plans improve adherence and reduce readmission risk.
Operational Efficiency: Predictive maintenance for medical equipment and AI-driven resource allocation optimizes capacity management for healthcare systems.

The broader vision is a shift toward ambient intelligence, AI that monitors, learns and assists in real time without requiring manual prompting, freeing care teams to focus on patients and less on administrative systems.

A Practical Framework for Getting Started

Not all AI use cases offer the same balance of value and implementation complexity. Broadcom recommends a prioritization framework that evaluates each potential application against two key dimensions:

The value delivered to patients or the organization
The complexity required for deployment

By starting with high-value, low-complexity use cases, such as administrative automation or patient communication, organizations can build momentum, demonstrate Return on Investment (ROI) and develop internal expertise before advancing to more complex clinical applications.

This phased approach reflects a broader evolution in healthcare AI. It is no longer confined to research environments; it is now an operational capability. Organizations that approach AI with deliberate governance, clear prioritization and secure foundational infrastructure will be best positioned to realize its full potential.

Explore how VMware’s Private AI capabilities can support your organization’s clinical and operational goals.

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including VMware, we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

The Importance of Creativity in Government and How Creative Software Improves Digital Workflows

Posted on by Gary Reburn

In today’s rapidly changing world, Government agencies are under immense pressure to deliver efficient, transparent and citizen-focused services. They often work with limited budgets and follow strict rules. Although creativity is commonly associated with the Private Sector, it has become increasingly important in the Government space. Creative thinking allows employees to develop better solutions for complex challenges, such as emergency response and policy implementation. Adobe’s creative software plays a valuable role in this shift by helping agencies improve their digital workflows, reduce delays and operate more effectively while meeting high standards for security and compliance.

The Value of Creativity in the Public Sector

Creativity in the Public Sector goes beyond new ideas. It helps agencies address important issues like public health, infrastructure improvements and fair access to services. By encouraging fresh thinking, Government teams can create clearer communications for citizens, present complex data in simple ways and design programs that truly meet community needs. When creativity is supported, agencies tend to achieve better results, build stronger public trust and adapt more easily to change. Without creative approaches, traditional processes can limit progress and make it harder to serve the public effectively.

Enhancing Digital Workflows with Creative Software

One area where creativity makes a real difference is in digital workflows. Many Government operations still depend on manual, paper-based steps that take considerable time and effort. Creative software tools help transform these into faster, more collaborative digital processes. Applications for graphic design, video production, document creation and data visualization enable teams to produce professional materials more efficiently. This includes public awareness campaigns, reports and e-learning training resources. Improved system integration also makes it easier for departments to share information and collaborate effectively.

Bottlenecks remain a common challenge in Government. Excessive paperwork, lengthy approval processes and outdated systems often cause delays, increase costs and reduce productivity. Creative software and automation offer a practical way to address these issues. By simplifying routine tasks, agencies can save significant time and resources. Features such as electronic signatures, document templates and real-time collaboration help speed up processes that could take up to twice as long using traditional methods.

Real-World Success Stories

Several Government agencies have seen clear benefits from creative software. Adobe Creative and Adobe Document Cloud, featuring Adobe Acrobat and Adobe Acrobat Sign, further helps by automating document-related tasks. The City of Denver used Adobe Creative Cloud to strengthen its online services and public outreach campaigns (City of Denver Case Study, n.d.). The Federal Aviation Administration (FAA) integrated these tools to modernize its grants management process. This change reduced paperwork and allowed funding for major infrastructure projects to proceed at a faster pace (FAA Case Study, n.d.). The United States Marine Corps achieved a 38 percent reduction in Adobe eLearning production costs by updating its training workflows with Adobe solutions (USMC Case Study, n.d.). The U.S. Census Bureau also realized substantial savings—between $1.4 billion and $1.9 billion—by digitizing forms and outreach efforts (US Census Bureau Case Study, n.d.). Importantly, Adobe’s tools are designed to meet strict Federal security, accessibility and compliance requirements.

A Step Toward More Effective Government

By embracing creativity through secure and accessible creative software tools, Government agencies can reduce operational bottlenecks and deliver better service to the public, supporting greater efficiency, innovation and accountability.

Check out our on-demand webinar series for more information about how Adobe solutions empower teams to streamline workflows, harness AI-driven tools and elevate creative output.

Sources

“City and County of Denver Case Study.” https://business.adobe.com/customer-success-stories/city-county-denver-case-study.html

“Automating digital documents to improve government efficiency and effectiveness.” May 1, 2024. https://blog.adobe.com/en/publish/2024/05/01/automating-digital-documents-improve-government-efficiency-effectiveness

“USMC Extends Elite Training to the Digital Classroom.” https://business.adobe.com/customer-success-stories/usmc-case-study.html

Adobe Customer Success Story – “U.S. Census Bureau.” The savings range reflects estimates from Government Accountability Office (GAO) reporting on the 2020 Census digital innovations. https://business.adobe.com/customer-success-stories/us-census-bureau-case-study.html

Adobe Customer User Cases. Government Solutions: Efficient, Impactful, Modernized

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including Adobe, we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.