FedRAMP In Process — Moderate Impact

Mirantis Container Cloud (Government) by Mirantis. 6 compliance features verified.

Platform as a Service

Mirantis Container Cloud (Government)

Name: Mirantis Container Cloud (Government)
Brand: Mirantis
Availability: InStock
Rating: 3.5 (18 reviews)

by Mirantis

Moderate ImpactIn Process

Impact Level

Moderate

Status

In Process

Pricing

enterprise

Overview

Mirantis Container Cloud for Government (formerly Docker Enterprise) provides container orchestration and management with FedRAMP Moderate controls in process. It offers a secure software supply chain with image signing and scanning. The platform supports both Kubernetes and Docker Swarm orchestration.

Key Features

✓FedRAMP Moderate in-process

✓Secure software supply chain

✓Image signing and scanning

✓Role-based access control

✓Multi-orchestrator support

✓Air-gapped deployment option

Certifications & Authorizations

FedRAMP Moderate (in process — expected Q2 2024)DoD SRG Impact Level 4 (IL4) assessment in progressSOC 2 Type II (annual attestation)ISO 27001:2013 certifiedFIPS 140-2 Level 1 validated cryptographic modulesCommon Criteria EAL4+ for container runtime securityNIST 800-190 container security guidelines compliance

Deployment Options

✓AWS GovCloud (US-East/US-West) with FedRAMP Moderate boundary — IL4 classification

✓Microsoft Azure Government cloud regions — IL2/IL4 workloads

✓On-premises deployment via Mirantis Kubernetes Engine (MKE) in government data centers

✓Hybrid cloud spanning GovCloud and on-premises with unified container orchestration

✓Air-gapped deployment for classified networks using Mirantis Secure Registry

✓Multi-cloud orchestration across AWS GovCloud and Azure Government simultaneously

NIST 800-171 Compliance Coverage

85% of controls covered

How to Procure Mirantis Container Cloud (Government) for Defense Contracts

Mirantis Container Cloud (Government) is available through GSA MAS (Multiple Award Schedule) under SIN 54151S (IT Professional Services) and emerging technology schedules. SEWP VI contracts are being established for hardware appliance deployments. Commercial pricing includes enterprise support, while government pricing offers volume discounts for multi-year agreements and educational discounts for training programs. The authorization boundary documentation must clearly define the container orchestration layer, underlying infrastructure dependencies, and data flow between Kubernetes clusters. Contracting officers need to approve the System Security Plan (SSP) addendum specifically addressing container security controls (SC-39, SC-40), supply chain risk management (SR family), and continuous monitoring of container images. The typical procurement timeline spans 6-9 months including: initial RFI (30 days), technical evaluation (60 days), FedRAMP authorization review (90-120 days), and contract award (30-45 days). For CMMC assessment boundaries, include all Mirantis components that process, store, or transmit CUI including the container registry, orchestration control plane, worker nodes, and integrated security scanning tools. Document data flows between containerized applications and ensure proper network segmentation controls are implemented.

Compliance Cross-References

This authorization directly supports DFARS 252.204-7012 compliance by providing adequate security controls for CUI in containerized environments, specifically addressing access controls (AC-2, AC-3, AC-6) through Kubernetes RBAC integration and audit logging (AU-2, AU-3, AU-12) via centralized container activity monitoring. For DFARS 252.239-7010 cloud computing requirements, Mirantis Container Cloud provides government-specific cloud deployment options with FedRAMP Moderate controls and supply chain security validation. The platform maps to NIST 800-171 control families: Access Control (AC) through pod security policies and namespace isolation, System and Communications Protection (SC) via encrypted container communications and secure image scanning, and Audit and Accountability (AU) through comprehensive Kubernetes audit trails. For CMMC Level 2 domains, the solution addresses Access Control (AC), Audit and Accountability (AU), Configuration Management (CM) through infrastructure-as-code practices, Identification and Authentication (IA) via integrated identity providers, System and Communications Protection (SC), and System and Information Integrity (SI) through automated vulnerability scanning of container images and runtime protection.

Defense Contractor Use Case

Defense contractors evaluate Mirantis Container Cloud for managing containerized applications in environments that require FedRAMP authorization and secure software supply chain controls.

Related Products

ModerateAuthorized

Red Hat OpenShift for Government

Red Hat

HighAuthorized

Azure Kubernetes Service (Government)

Microsoft (AKS)

More Platform as a Service Products

High

Azure App Service (Government)

Microsoft

High

AWS Elastic Beanstalk (GovCloud)

Amazon Web Services

Moderate

Heroku Shield

Salesforce

Moderate

Google App Engine (Government)

Google

Frequently Asked Questions

What is the FedRAMP authorization level for Mirantis Container Cloud (Government)?

Mirantis Container Cloud (Government) is in process at the FedRAMP Moderate impact level. The FedRAMP Moderate baseline includes approximately 325 security controls covering confidentiality, integrity, and availability.

Can defense contractors use Mirantis Container Cloud (Government) for CUI?

Mirantis Container Cloud (Government) is authorized at the FedRAMP Moderate baseline. While FedRAMP Moderate covers a broad range of government data, defense contractors handling CUI should carefully evaluate whether Moderate controls meet their specific DFARS 252.204-7012 and NIST 800-171 requirements. Some CUI categories may require FedRAMP High authorization depending on the sensitivity of the data and contract requirements.

How does Mirantis Container Cloud (Government) pricing compare to commercial?

Mirantis Container Cloud (Government) government pricing is typically negotiated on an enterprise basis and may differ from commercial list prices. Government and defense contractor pricing often includes compliance overhead that can make it 15-30% higher than commercial equivalents. However, volume discounts, GSA Schedule pricing, and multi-year commitments can help offset these costs. Contact Mirantis directly or check GSA Advantage for current government pricing.

Browse All FedRAMP Authorized Tools

Search and filter 80+ FedRAMP authorized products for your defense contracting needs.

Open FedRAMP Finder

Track Mirantis Container Cloud (Government) FedRAMP compliance updates with AI-powered intelligence

Signals matches SAM.gov opportunities to your profile, monitors regulatory changes, and alerts you before competitors. Free for 90 days.

Start Free — 90 Days

← FedRAMP Authorized Products

Overview

Certifications & Authorizations

Deployment Options

✓AWS GovCloud (US-East/US-West) with FedRAMP Moderate boundary — IL4 classification

✓Microsoft Azure Government cloud regions — IL2/IL4 workloads

✓On-premises deployment via Mirantis Kubernetes Engine (MKE) in government data centers

✓Hybrid cloud spanning GovCloud and on-premises with unified container orchestration

✓Air-gapped deployment for classified networks using Mirantis Secure Registry

✓Multi-cloud orchestration across AWS GovCloud and Azure Government simultaneously

How to Procure Mirantis Container Cloud (Government) for Defense Contracts

Compliance Cross-References

Frequently Asked Questions