CUI Enclave Providers for CMMC: How to Compare, Verify, and Choose the Right One

The Defense Compliance Report is an independent trade publication on CMMC 2.0 and DIB compliance. We are not affiliated with the Department of Defense, the Cyber AB, or any U.S. government agency, and this page is not legal or compliance advice.

If you handle Controlled Unclassified Information (CUI) for the Department of Defense and you've started comparing CUI enclave providers, here's the short version. A CUI enclave is a walled-off slice of your IT environment where CUI lives — so a CMMC Level 2 assessment can focus on a defensible boundary instead of automatically pulling in your whole company. For most small and mid-sized defense suppliers, where only a handful of people ever touch CUI, building one is the single highest-leverage move in all of CMMC.

There's a catch the sales calls won't open with — and it's the difference between a clean assessment and an expensive surprise. We'll get to it. We'll also show you the one piece of evidence that separates a real enclave from a marketing claim, because we read the underlying rule to confirm exactly what it requires. First, the map.

Start here: which row sounds like you?

This is the fast version. Find your situation, see where to start, and note the trap. Every claim below is unpacked — with primary sources — further down.

Not sure which row is yours?Answer a few questions about how CUI moves through your business and we'll point you to the provider category that fits your scope, level, and timeline — then connect you with verified providers who can respond. (“Verified,” for this page, means we check the provider's category, public credential or listing status where one exists, and claimed service scope, and we confirm whether they're acting as a readiness consultant, MSP/MSSP, secure-cloud provider, or enclave builder.)

What is a CUI enclave — and how does it cut your CMMC Level 2 scope?

A CUI enclave is a controlled environment — separated from the rest of your network either logically (through firewalls, VLANs, and identity/access controls) or physically (through dedicated hardware) — where all of your Controlled Unclassified Information is stored, processed, and transmitted. Under CMMC Level 2, the assessment evaluates the systems, people, and processes that handle CUI, so confining CUI to a defined enclave narrows the assessment to that enclave and the tools that protect it — rather than your entire company.

Here's the mechanism, in plain terms. The Cybersecurity Maturity Model Certification (CMMC) is the Department of Defense's program for verifying that contractors protect federal information. CMMC Level 2 — the level that applies to companies handling CUI — maps to the 110 security requirements in NIST Special Publication 800-171, Revision 2, organized into 14 control families. (Revision 2 is the controlling version for CMMC Level 2 today.) Without an enclave, every system that touches or could touch CUI is assessed against those requirements. A company with 80 employees where 6 people handle CUI can still end up with every computer, server, and cloud service in scope — because of how CUI moves.

An enclave flips that. Put the CUI in one defensible box and keep it out of everything else, and your scope narrows to the box plus the security tools that protect it. Two honest caveats keep this from being a fairy tale: the scope still includes the accounts and systems that protect or connect to the enclave, and any laptop, person, or cloud service that can still touch CUI comes along for the ride.

The five asset categories that decide what's in and what's out

This is the part that makes or breaks an enclave. 32 CFR § 170.19 codifies five asset categoriesfor a Level 2 assessment, and the DoD CIO's CMMC Level 2 Scoping Guide explains how to apply them:

• CUI Assets — anything that processes, stores, or transmits CUI. Assessed against all 110 requirements. This is the heart of your enclave.
• Security Protection Assets— tools that protect CUI even if they don't hold it: firewalls, your SIEM, identity provider, endpoint detection. Assessed against the requirements relevant to the protection they provide.
• Contractor Risk Managed Assets — assets that couldreach CUI but aren't intended to and aren't fully separated. Risk-managed under your policy, subject to a limited spot-check, not the full control set.
• Specialized Assets — operational technology, IoT devices, test equipment, government-furnished equipment. Documented in your System Security Plan and risk-managed, not assessed against the full control set at Level 2.
• Out-of-Scope Assets — physically or logically separated from CUI, with no protective role. Not assessed at all.

So the popular shorthand — “every system that touches CUI faces all 110 controls” — isn't quite right. Only CUI Assets get the full set. The others are handled differently, which is exactly why categorizing your assets before you buy a platformis the highest-leverage thing you can do. And the rule is unforgiving on one point: if an asset falls into any in-scope category, you cannot simply declare it out of scope. That's why a “secure file tool” alone rarely shrinks scope as much as vendors imply.

Yes, you can be assessed on an enclave instead of your whole enterprise

This is the regulatory green light most contractors don't realize they have. DoD's CMMC Level 2 scoping guidance is explicit that an organization can scope a certification assessment to its entire enterprise network or to specific enclave(s) — that language is right there in the CMMC Level 2 Assessment Guide. An enclave isn't a loophole or a gray area; it's a recognized scoping approach. The catch is that youpropose the boundary, and the assessor can challenge one that isn't genuinely enforced.

How much scope does that remove? Vendor estimates tend to land in the 40–80% range, with comparable cost reductions. Treat those as vendor-reported, not guaranteed — your number depends entirely on how cleanly you segment and how much CUI you can keep out of the rest of the business.

CUI enclave providers compared: which category fits your scope?

CUI enclave options fall into roughly five categories: an encrypted email-and-file overlay, a Microsoft 365 GCC High enclave, a Microsoft 365 GCC environment, an AWS GovCloud or Azure Government build, and a fully managed enclave — plus single-function tools that fill one gap inside a larger enclave. They differ on what's actually inside the assessment boundary, their FedRAMP standing, whether they support export-controlled data, and who operates them. Those four columns decide fit.

We built the table below by reading the DFARS cloud requirement and confirming each platform's FedRAMP standing against primary or authoritative sources, verified as of June 2, 2026. Re-confirm the live status yourself before you sign — we explain exactly how in the FedRAMP section, and it matters more than any other line here.

How the categories actually differ

Do you actually need GCC High — or is a lighter enclave enough?

You don't choose “GCC High” or “an enclave” in the abstract — you choose based on where CUI actually flows. If CUI is mostly file-and-email exchange for a limited group, a lighter encrypted enclave can be enough. If CUI is woven through company-wide Microsoft collaboration, or you handle export-controlled data, GCC High (or another U.S.-person-enforcing government cloud) becomes the realistic path. The deciding factors are export control, how embedded CUI is in daily work, and how many people touch it.

This is the most commercially important question on the page, because GCC High is expensive and a full migration is disruptive — and plenty of small suppliers get quoted a full migration when their real CUI footprint is narrow. Use this logic:

• You handle ITAR or export-controlled (EAR) technical data. You need U.S.-person-only access. That points to GCC High or AWS GovCloud, not GCC and not most overlays unless the overlay enforces U.S.-person access. This isn't a preference; it's a requirement of the data.
• Your CUI is non-export-controlled and runs across Microsoft collaboration, with several users. A GCC High enclave is the clean fit — or a full GCC High move if most of your people touch CUI.
• Only a handful of people exchange CUI, and you want minimal disruption. An encrypted email/file enclave keeps the rest of the company on commercial and gets you there fastest and cheapest.
• You have little in-house IT/security and want speed. A managed enclave with inherited controls.
• CUI is in apps, workloads, or engineering systems. AWS GovCloud or Azure Government plus a productivity layer.

There's an honest counterpoint worth stating: if most of your revenue is defense work and most of your staff touch CUI all day, the split-personality friction of an enclave — two identities, two places to look, constant “which mailbox is this?” decisions — can cost more in lost time and user error than just moving everyone into GCC High.

FedRAMP “Authorized” vs. “Equivalent”: the distinction that fails assessments

“FedRAMP Moderate Authorized” means a cloud service holds a FedRAMP authorization and appears in the FedRAMP Marketplace. “FedRAMP Moderate Equivalent” means a FedRAMP-recognized third-party assessor has confirmed the service meets 100% of the FedRAMP Moderate controls — with no open findings from that assessment — under DoD's December 2023 equivalency memo, even though it is not listed in the Marketplace. Both can satisfy the DFARS cloud requirement; a vague, unverified “FedRAMP” claim that turns out to be neither is exactly what creates a finding in your assessment.

Here's where the requirement comes from. DFARS clause 252.204-7012— “Safeguarding Covered Defense Information and Cyber Incident Reporting,” in DoD contracts since 2016 — says that if a contractor uses an external cloud service provider to store, process, or transmit covered defense information, the contractor must require and ensure the provider meets security requirements equivalent to the FedRAMP Moderate baseline, andcomplies with the clause's paragraphs (c) through (g) on cyber-incident reporting, malicious software, media preservation, forensic access, and damage assessment.

Then, on December 21, 2023, DoD's CIO issued a memodefining what “equivalency” actually demands — and it's strict. Equivalency is not a vendor saying “we're basically FedRAMP.” It requires:

• 100% compliance with the latest FedRAMP Moderate baseline (NIST SP 800-53 Rev. 5 Moderate, roughly 325 controls), confirmed by a FedRAMP-recognized 3PAO. No self-attestation.
• No open Plan of Action and Milestones (POA&M) items from that 3PAO assessment — everything from the assessment must be closed and validated.
• A complete Body of Evidence provided to you, the contractor.

And here's the part that should change how you shop: DCMA DIBCAC validates that equivalency, and the responsibility sits with you, not the cloud provider. Under the memo, if your provider drifts out of compliance, that's your problem to answer for in your assessment. Which means choosing a provider that can actually produce the evidence isn't paperwork — it's protecting your certificate.

Verify it yourself — here's how

• For an authorization: search the FedRAMP Marketplace (marketplace.fedramp.gov) for the exact product name. Confirm the package, the impact level (Moderate or High), and that the status is current. Record the date you checked.
• For an equivalency claim:ask for the provider's 3PAO assessment attestation and the Body of Evidence behind it, plus the Customer Responsibility Matrix— the document that tells you which controls the provider handles, which are shared, and which are left to you. If a provider can't produce these, treat “equivalent” as marketing until proven otherwise.

For Level 2 (C3PAO), your C3PAO reviews the cloud provider's Customer Responsibility Matrix and evidence as part of your assessment. For Level 3, the assessment is conducted by DCMA DIBCAC, not a C3PAO.

Match the claim to the evidence

We built this table so you can walk into a sales call and ask for the document, not the adjective.

The catch no vendor leads with: an enclave is necessary, but not sufficient

A CUI enclave does not, by itself, make your company CMMC compliant. CMMC Level 2 certifies your information system — your people, processes, and technology as a whole — not a product you bought. The enclave is a necessary foundation, but you still own your endpoints, your documentation, your incident-response obligations, and the assessment itself. For some companies, an enclave is even the wrong move — and it's worth knowing which kind of company you are before you spend a dollar.

The reason is structural, not a knock on any product. CMMC certifies an information system, not a standalone tool. The enclave can carry a large share of the technical controls. It cannot carry:

• Your endpoints. The laptops, desktops, and mobile devices that access the enclave are usually CUI Assets or Security Protection Assets in their own right. Downloads, local sync, screenshots, and printing all pull CUI out of the box.
• Your people and processes. Training, access decisions, and the discipline to keep CUI inside the boundary. A user who forwards a CUI email to the wrong mailbox just expanded your scope.
• Your documentation.Your System Security Plan (SSP), your Plan of Action and Milestones (POA&M), your asset inventory, your data-flow diagrams. No platform writes these for you, and assessors live in them.
• Your incident response. DFARS 252.204-7012 requires reporting cyber incidents affecting covered defense information to DoD within 72 hoursof discovery. That's your obligation, enclave or not.
• The assessment. A C3PAO assesses you. The enclave provider isn't a party to your certificate.

And the harder truth: a poorly designed enclave can cost more than going all-in. Run two parallel worlds — secure and non-secure — and you inherit dual identities, user confusion, and ongoing administrative overhead. Worse, if CUI leaks out of the enclave, your entire scope-reduction argument collapses and those assets come back into scope.

Two readers should take a different road:

• If most of your revenue is defense work and most of your staff touch CUI all day, the split-brain friction will likely cost you more than it saves. An all-in government-cloud move is often the better economics. See our GCC High CMMC guide.
• If you only handle Federal Contract Information (FCI) and no CUI, you're probably looking at CMMC Level 1 — 15 basic safeguards and an annual self-assessment — not a CUI enclave at all. Don't overspend solving a problem you don't have.

What a CUI enclave actually costs (by path, not one vague range)

CUI enclave cost depends on the path you choose, how many people touch CUI, and your starting maturity — so a single number is useless. As a planning baseline drawn from public pricing and DoD's own published estimates: an encrypted email/file overlay runs roughly $20–$32 per CUI user per month; a fully managed enclave runs roughly $150–$400 per user per month, or about $2,000–$12,000 per month total; and a Microsoft 365 GCC High enclave adds a per-user license premium plus virtual-desktop or device costs and management. The CMMC assessment is a separate cost on top.

Most contractors fixate on the platform's sticker price. The bigger cost drivers are scope and starting point.

Red-flag answers from a vendor

If you hear any of these in a sales conversation, slow down:

• “You'll be CMMC compliant once you buy this.”
• “You don't need to worry about your endpoints.”
• “We're FedRAMP equivalent” — with no Body of Evidence to show.
• “Your assessor won't need that.”
• “We don't provide a Customer Responsibility Matrix.”
• “You can keep using your commercial environment exactly as you do now.”

How we evaluated this

We evaluate CUI enclave options by workflow fit, effect on CMMC Level 2 scope, FedRAMP authorization or equivalency evidence, what controls remain the contractor's responsibility, assessment readiness, and independence considerations. We do not rank providers by sponsorship, and we do not claim any provider can guarantee a certification outcome.

The regulatory facts on this page come from primary sources we read directly, not from other articles. The fit and cost judgments are editorial conclusions built on top of those facts, and we mark them as such. We separate what the regulations state from what a provider claims.

A note on independence: we may receive referral compensation from some provider categories when a reader asks to be matched. That doesn't change the regulatory facts, the evidence requirements, or the fit criteria on this page — those come from the rules, not from our partners. Read our Editorial & Advertising Policy.

Frequently asked questions

Still not sure? Do this in order.

If you don't know where CUI flows in your business, don't pick a provider yet. Take three steps, in this order:

1. Map your CUI flow — where it enters, where it lives, where it goes.
2. Identify your likely enclave category using that map and the table at the top of this page.
3. Request evidence-ready provider matches so the providers come to you with the right documentation.

You came here to make an expensive decision with less risk. You now have the framework the vendors don't hand out: what an enclave does and doesn't do, which category fits your CUI flow, the one piece of FedRAMP evidence that separates real from marketing, and what this should cost. That's enough to act.