ORock builds a government-grade container service with Red Hat

Cloud service provider ORock Technologies (ORock) needed a technology partner to help it build a secure enterprise open source cloud solution for government and highly regulated industries. Red Hat worked with ORock to build a cloud environment on Red Hat OpenStack Platform, a container service on Red Hat OpenShift Container Platform, and to gain Federal Risk and Authorization Management Program (FedRAMP) accreditation. Thanks to its partnership with Red Hat, ORock holds a unique position in the FedRAMP marketplace, from which it is well positioned to grow.

image container


  • Drove growth by providing technology and resources critical to FedRAMP accreditation 
  • Increased exposure by raising market awareness, building credibility
  • Enabled the CI/CD pipeline customers are looking for

ORock Technologies

Founded in 2014, ORock Technologies provides IT infrastructure and cloud solutions for secure data operations in government and highly regulated industries. With its headquarters in Virginia, the early-stage company manages its own open source cloud environment, ORockCloud. Its 45 staff members primarily help U.S. government customers to continuously satisfy their stringent security and compliance requirements as they move to the cloud. “Our Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) capabilities allow organizations to capitalize on the flexibility and scalability of cloud computing while maximizing data security, performance, predictability, and control,” said Gregg Hrncir, Chief Executive Officer at ORock.

From day one, ORock has sought to meet the specific demands of customers with multicloud needs who want to ensure high levels of security and adopt open source. “We believe the open source movement is going to shape what enterprises do,” said Matthew Plummer, Chief Cloud Architect at ORock. “Open source doesn’t lock customers into a specific environment or proprietary set of tools.”

A FedRAMP-accredited cloud

ORock spent its first year building a cloud environment based on proprietary software. “Working with the hyperscale cloud providers led to vendor lock-in,” said Hrncir. After discussions and exploring what the cloud provider industry leaders were doing, ORock turned to Red Hat. The young company joined the Red Hat Certified Cloud and Service Provider (CCSP) Program, hired Red Hat certified engineers, and embraced Red Hat technologies. 

Red Hat has worked hand in hand with ORock for more than three years, offering the company invaluable resources and support. “We could not have built our open source cloud environment and container services without Red Hat,” said Hrncir. “Red Hat expertise has been critical.”

Red Hat also invested significant resources in helping ORock gain FedRAMP accreditation. FedRAMP is a U.S. government-wide program providing a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. ORock achieved FedRAMP Moderate accreditation in partnership with Red Hat in June 2018 and appears in the FedRAMP marketplace, authorizing government agencies to use its offerings. It has recently taken its FedRAMP accreditation and is now approved at FedRAMP High Ready.

Being a Red Hat CCSP program member ensures ORock is always ready and able to use Red Hat innovations, and can provide assurance to its end customers that its infrastructures and offerings are certified and fully supported by Red Hat. As Red Hat releases product updates, it provides training on them for its partners. “The Red Hat training was critical to us successfully building our offerings,” said Plummer. “The training we received as Red Hat released updates was a very valuable resource.”

Building an open source cloud solution

ORock and Red Hat worked in partnership to build ORockCloud on Red Hat products: a foundation based on Red Hat Enterprise Linux and infrastructure based on Red Hat OpenStack Platform. “ORockCloud is trusted by the open source community because it’s built on a stable kernel from Red Hat,” said Plummer, “that kernel being Red Hat Enterprise Linux.” Together ORock and Red Hat took ORockCloud through the FedRAMP accreditation process. ORock became the first and only cloud service provider in the FedRAMP marketplace with a moderate authorization based on a solution built with Red Hat OpenStack Platform. 

ORock later adopted other products in Red Hat Cloud Suite, including Red Hat OpenShift Container Platform, Red Hat Virtualization, Red Hat Ceph StorageRed Hat Ansible Automation Platform,  and Red Hat Satellite. It built a Secure Containers as a Service offering based on OpenShift containers running in the FedRAMP Moderate ORockCloud. “We recently became the only cloud service provider to offer a fully managed, FedRAMP-authorized container service based on OpenShift,” said Plummer, “and the only cloud provider to offer FedRAMP-authorized Ceph storage.”

A secure technology from a trusted partner

Growing with Red Hat

ORock’s business has matured over the course of its almost four-year partnership with Red Hat; it won its first contract in 2018. Hrncir describes how ORock would not have landed its first customer without the FedRAMP accreditation achieved with Red Hat, “The FedRAMP accreditation we gained with Red Hat is a critical differentiator. It demonstrates our viability and the market value our solutions bring.”

The Red Hat OpenShift Container Platform has also been critical to the cloud service provider’s success. It is the basis of ORock’s unique Secure Containers as a Service offering, a solution satisfying a specific niche: customers looking for a FedRAMP-certified managed container platform. “OpenShift not only provides reliability and continuous innovation,” said Plummer, “but enhanced security, including SELinux-powered container isolation and FIPS (Federal Information Processing Standard) validated encryption, which is a key FedRAMP requirement.” 

Building market awareness and credibility 

As a small company, ORock’s marketing budget is limited. Its partnership with Red Hat has helped raise market awareness and generate demand around its cloud environment and managed secure container service, particularly within the government space. “Red Hat has promoted ORock in the Red Hat partner community and to its field sales teams,” said Hrncir, “so people know who we are and what we do.” Red Hat also increased exposure for ORock by promoting its Container as a Service offering on social media and in the press during its launch.

The partnership is also helping ORock meet potential partners who are ready, willing, and able to collaborate to take new offerings to market. “Having the Red Hat team working with us to identify channel partners who are a good fit for us has been really valuable,” said Hrncir. ORock’s go-to-market strategy now embraces Red Hat channel partners and distributors. ORock with its partners has run successful workshops demonstrating the Red Hat OpenShift Container Platform hosted in ORockCloud, increasing brand awareness. 

As well as helping ORock gain exposure, Red Hat is also helping ORock build credibility. The Red Hat sales team highlighted the depth and importance of the partnership at a recent IT Sales Summit. “The recognition and validation that comes from Red Hat and having the Red Hat CCSP logo on our materials are really important for a small company competing against the biggest companies in the world,” said Hrncir. 

Putting customers in control

Red Hat technology is critical to ORock’s success, offering the easy-to-use platform for running Kubernetes that ORock and its customers are looking for. “Red Hat OpenShift provides the security, tooling, and Application Program Interface (APIs) that every customer is asking for in a way that can be spun up very quickly and repeatably,” said Plummer. “The automation provided by Red Hat Satellite for provisioning reduces errors; without automation, you have human errors, security errors.”

A portal allows ORock’s customers to manage their entire environments, from the configuration and management of their Red Hat OpenStack instances to firewalls, routers, and switches. They can use Red Hat CloudForms to manage their virtual machines and private clouds and Red Hat Satellite automation to deploy consistent and reliable Red Hat OpenShift as a service environment for running their applications. 

Plummer also reveals that ORock’s customers are asking for Continuous Integration and Continuous Delivery & Deployment (CI/CD). To meet their demands, ORock has integrated preformed CI/CD pipelines that customers can run in their Red Hat OpenShift environments directly into its cloud instantiation. “The CI/CD pipeline includes a lot of different open source tools,” said Plummer. “And they integrate very nicely into Red Hat OpenShift.”  

Expanding horizons

While FedRAMP is a necessity in the public sector space, it has become a differentiator in the commercial markets; it creates an additional layer of security from a risk, compliance, and brand perspective for organizations needing to protect very sensitive data. “Our offering built on Red Hat products gives government-grade security to organizations across all verticals,” said Hrncir. “We are currently taking that government-grade environment and security to highly regulated commercial sectors, primarily financial services and healthcare, in partnership with Red Hat.” 

ORock is also looking at using its solutions built on Red Hat technology to pursue the media and entertainment industry. Media companies move large volumes of content across networks; their global supply chain has to be protected. “Media and entertainment companies are targets for ransomware and hack attacks,” said Hrncir. “The Red Hat platform serves us well going after that business: transporting large volumes of data securely and at high speeds in a predictable flat-rate cost model that is attractive to the media and entertainment space.”  

ORock has worked extensively with Red Hat from a technology perspective, providing development environments, testing Red Hat OpenStack, checking Red Hat Ceph Storage meets FIPS compliance, and more. As a Red Hat Premier Certified Cloud and Service Provider and participating in the High Touch Beta (HTB) program for Red Hat OpenStack, ORock has biweekly calls with the Red Hat OpenStack business unit to ensure Red Hat is supporting ORock to the fullest.

The ORock colleagues conclude by emphasizing the critical nature of its Red Hat partnership: “We would not be able to offer our differentiated solutions without the innovation, training, and resources from Red Hat. Our Red Hat partnership is critical to our success; we see it continuing for a long time.”

About ORock Technologies

ORock Technologies provides cloud services and IaaS solutions for Independent Software Vendors and enterprise customers in government, media and entertainment, and highly regulated commercial markets. ORock operates a private, high-performance fiber optic network and a FedRAMP Moderate open source cloud to meet stringent customer requirements for data security, performance, and compliance. ORock offers several hosting and connectivity options while supporting FedRAMP authorization and lowering cost of ownership for government and commercial enterprises.