Guide · Architecture choice

EnclavAI vs Claude on AWS Gov / Claude for Government

Both are legitimate paths for defense contractors working under CMMC and DFARS 252.204-7012. They are complementary, not interchangeable — the question is where your CUI is allowed to run, not which model is “smarter.”

Not legal advice. Authorizations change; your SSP, enclave design, and assessor determine what is in scope. Verify against the FedRAMP Marketplace and your contract requirements.

Can I use ChatGPT or Claude with CUI?

Commercial ChatGPT / Claude: No for CUI — data leaves your assessment boundary onto commercial infrastructure not authorized for that processing.

Claude on Amazon Bedrock (GovCloud) / Claude for Government: Yes when configured inside an authorized enclave — Anthropic and AWS publish FedRAMP High and DoD IL4/5 paths for government workloads. You inherit cloud provider controls; your team still must scope CUI correctly, document the system in your SSP, and operate it within your CMMC boundary.

EnclavAI: Yes for teams that need the model inside their own boundary — local open-weight inference (Ollama), zero egress by design, human approve/reject on every artifact, deterministic destructive-command gating, and tamper-evident signed evidence export. Nothing is sent to Anthropic, OpenAI, or any cloud LLM API.

Side-by-side (STIG / POA&M / DevSecOps focus)

Dimension Claude Gov / Bedrock (authorized cloud) EnclavAI (in-boundary local)
Where inference runs AWS / Anthropic operated Gov cloud (in your configured enclave) Your VM, GovCloud EC2, Azure Gov VM, or air-gapped host — Docker Compose
Model Claude (frontier, managed) Open-weight local model (e.g. Qwen2.5-Coder 7B) — you control the artifact
Data egress Prompts/responses traverse authorized cloud paths (must be in scope) App + optional network-layer egress lock; no cloud LLM calls
Architecture pattern Often single-agent or sequential workflows on Claude (Anthropic’s recommended pattern for high-control domains) Sequential governed loop: ingest → draft → Evidence & Risk Scan → human approve → audit export
STIG remediation Custom build on Claude API / Bedrock + your tools & guardrails Built-in STIG agent, destructive scanner, .ckl round-trip, batch remediation UI
Evidence for assessors You design logging, retention, and export (CloudTrail, your app) HMAC-signed evidence packages, per-artifact audit, offline verify script
Best when You already standardized on AWS Gov + Bedrock; want frontier model; cloud enclave is approved Air-gap, strict zero-egress policy, on-prem metal, or “no vendor LLM API” requirement
Partnership Anthropic + AWS ecosystem (Partner Network, SI implementers) Self-hosted product — no Anthropic dependency

Which should we choose?

Use this decision tree — many organizations use both in different enclaves:

How this relates to Anthropic’s agent architecture guide

Anthropic’s Building Effective AI Agents framework recommends single-agent or sequential workflows for high-control domains (compliance, financial, safety-critical) — not autonomous multi-agent swarms. EnclavAI implements that discipline with a local model: sequential draft → scan → human gate → signed export. Different runtime than Claude; same architectural instinct.

See also

Evaluating OpenAI instead? EnclavAI vs ChatGPT FedRAMP / ChatGPT Gov / Azure OpenAI — same complementary framing for the Microsoft/OpenAI path.

Try before you commit

We’re onboarding our first 1–2 design partners free (white-glove install in your sub, testimonial + short case study). Paid pilots resume after the first reference.