Introducing our Upcoming CMMC XEnclave™
Introducing XEnclave™: A CMMC Version 2 Level 2 Compliant Enclave designed for rapid implementation and continuous compliance
Trexcel Corporation is excited to announce XEnclave™, our upcoming CMMC Version 2 Level 2 compliant solution, to be available for beta testing in early 2025. XEnclave™ delivers an advanced, all-in-one security platform designed to meet the stringent requirements of businesses handling sensitive data.
Security and Compliance at the Core
XEnclave™ is primarily an on-premise dedicated workstation-based system that utilizes Windows 11 Pro workstations configured in FIPS mode to provide hardware-level encryption and robust data protection. These XEnclave™ workstations are connected to a XEnclave™ Secure Network Appliance, ensuring secure and protected communications throughout your on-premise XEnclave™ infrastructure.
Functionality Discussion
XEnclave™ is a dedicated CMMC Enclave that does not support your "normal" non-CUI workloads like email. The XEnclave™ Workstation is a PC running Windows 11 Pro in a "locked down" mode. It comes with security capabilities such as encrypted disks, multiple factor authentication, opensource office software that can read most common office file formats, and optional capabilities to share your "CUI" among your workstations and to move data into and out of your XEnclave™ in a controlled manner. It connects to an XEnclave™ Secure Networking Appliance that connects to the Internet using an RJ45-based connection. This device securely connects the XEnclave™ Workstations to XEnclave™ management tools that are on-premise and to Trexcel's management tools for our support of your system. Clients provide a network connection that will provide internet access that does not have access to its local information technology resources.
XEnclave™ provides multiple-factor authentication (MFA) for your users and our administrators. An app on your user's phone implements the MFA, although other dedicated hardware devices are possible. We support Preveil's CMMC-compliant Drive product as an option for securely distributing CUI across your Workstations and sharing it with other CMMC-compliant parties. Clients with simpler requirements may be able to use the no-cost "DoD SAFE" CUI, PII, and PHI data transfer solution provided by DoD, assuming all of their CUI data exchanges are with supporting DoD parties. Clients utilizing our upcoming Technology Assurance Platform solution in conjunction with their XEnclave™ instance will have additional options for secure CUI data movement.
Communications within the XEnclave™ and Trexcel's support services utilize FIPS 140-2 validated encryption to keep communications secure and compliant with CMMC standards. Data at rest and off-system data communications, as well as system backups, are also protected with FIPS-validated encryption.
Application software, such as industry-specific tools like CAD/CAM software and other required Windows compatible software can potentially be installed on Client XEnclave™ Workstations. It will have to meet all XEnclave™ software qualification requirements, including our security requirements, such as a means of getting software patches without creating "holes" in the XEnclave™ network. If approved, XEnclave™ support staff will distribute the software to the Client's XEnclave™ Workstation(s).
We generally provide XEnclave™ Workstations with no keyboard, mouse, and monitors, although specific laptop configurations may be supported in the future. This provides our Clients with the flexibility to configure their desktop Workstations to meet their specific requirements. An efficient working configuration can include a USB PC sharing device, and the user can quickly "switch" between the XEnclave™ Workstation and their regular PC or Macintosh, where they can use their email client(s) and their other software. Other users may have two keyboards on their desks and physically switch between them, reducing the practical impact of a scope-limited XEnclave Workstation by having what they need at their fingertips.
Networked printers are not supported, as many printer models can store CUI data onboard, increasing the CUI related scope of the Enclave and the processes our Clients will be required to implement and follow. Note that USB-attached printers with no onboard data storage (post power off) are supported, and the CUI created and/or received on paper must be managed by the related XEnclave procedures.
Streamlined Management for Efficiency
XEnclave™ offers seamless management and continuous monitoring, keeping your XEnclave updated and ensuring visibility into potential security threats. With comprehensive remote management and advanced security event monitoring, XEnclave™ ensures that your organization stays technically compliant and secure with ease.
Stay ahead in security with XEnclave™, the most complete solution for businesses aiming to meet the highest data protection and compliance standards.
Faster Implementations
We aim to achieve the fastest, most fully compliant implementations possible. This goal requires sustained effort and can feel more like a change to your way of life than executing a project. Cybersecurity threats are evolving, and we expect the Defense Department's requirements will also continue to evolve. Cybersecurity is now a way of life, and applying different levels of control to information with varying risks and consequences if released or lost is an economically efficient approach for the future. Consider XEnclave™ as part of your long-term risk and consequence-based cybersecurity strategy.
