[ COMPLIANCE ]

Use AI on CUI. None of it leaves your facility.

Name: Enclos
Brand: Enclos

Defense work runs on Controlled Unclassified Information, and the rules are clear about where it can live. Enclos runs entirely inside your facility, so your team can use AI on CUI without sending it to a public service.

Book a Demo See how it works

[ THE REALITY ]

Why CUI and public AI tools don’t mix.

[ 01 ]

The rules are explicit.

DFARS 252.204-7012 requires contractors handling Controlled Unclassified Information to safeguard it under NIST SP 800-171. CMMC Level 2 assesses you against those same 110 security requirements.

[ 02 ]

Public AI tools are not authorized.

Consumer and commercial AI assistants are not authorized to store or process CUI, and their terms can reuse what you put in. Pasting a controlled document into one is a finding waiting to happen.

[ 03 ]

You still need AI to compete.

Proposals, spec reviews, and technical work increasingly depend on it. The answer is not to avoid AI. It is to run it where CUI is allowed to live: inside your facility.

[ ARCHITECTURE ]

Nothing leaves your facility.

Documents are uploaded, indexed, and processed on the appliance in your facility. The workspace runs in a browser on your network. No CUI is sent to an external AI service.

Data-flow diagram: the browser and Enclos appliance exchange data only inside your facility; no CUI is sent to ChatGPT, Copilot, or Claude — AIR-GAP CAPABLE · CUI STAYS LOCAL

[ MAPPING ]

Built to map onto the practices you are assessed against.

Enclos lines up with the NIST SP 800-171 practice families behind CMMC, and it is documentable in your SSP. CMMC certifies organizations, not products.

PRACTICE FAMILY

HOW ENCLOS SUPPORTS IT

3.1Access Control

Role-based permissions in the workspace.

3.3Audit & Accountability

A history of uploads, runs, and exports.

3.13System & Comms Protection

Local processing, air-gap capable, no external data flow.

3.8Media Protection

Documents stay on the appliance in your facility.

3.4Configuration Management

Managed, documented configuration records.

3.5Identification & Authentication

Authenticated access to the appliance.

Enclos is CMMC-ready and documentable in your SSP. CMMC certifies organizations, not products.

NIST 800-171

[ DOCUMENTATION ]

Documented for your assessment.

An assessor wants evidence, not assurances. Enclos gives you artifacts you can reference directly in your System Security Plan.

DOC·01Configuration and version records for the system
DOC·02Role-based access controls and authentication
DOC·03A history of uploads, runs, and exports
DOC·04Data-flow documentation showing CUI stays on-premises

[ QUESTIONS ]

What security teams ask first.

Does Enclos make us CMMC compliant?

No. CMMC assesses your organization and its environment, not a product. No tool can be CMMC certified. Enclos is built to support the relevant practices and gives you documentation to reference in your System Security Plan. The assessment is still yours.

Is Enclos FedRAMP authorized?

FedRAMP applies to cloud services. Enclos is not a cloud service. It runs on the appliance inside your facility, so your CUI never goes to an external service that would need a FedRAMP authorization in the first place.

Can it be fully air-gapped?

Yes. Enclos is air-gap capable and can run with no external network connection. Documents are stored, indexed, and processed on the appliance on your network.

How are updates handled without opening a hole?

Through a controlled, documented process that you approve. Updates do not require exposing the system or its data to the public internet.

[ 09BOOK A DEMO ]

See Enclos write a proposal section on your data.

See how the appliance, workspace, defense workflows, and managed service fit together, with AI writing a proposal section or checking spec compliance on your terms.

Appliance included
Air-gap capable
Browser workspace
Defense workflows
Managed service
CMMC-documentable

Installed in your facility. Accessed in a browser. Managed by Enclos.