Containers are packages of software that contain all of the necessary elements to run in any environment: from a private data center, to the public cloud, or even on a developer’s personal laptop. 
 

Web Servers, databases, application servers, middleware, compilers, interpreters, caching applications, messaging servers, machine learning, shells, security scanners, firewall, filtering, inspection, and most everything else. Large catalogs of containers exist that are free to use. Most vendors have their application in a supported container version as well as community supported containers with most mainline configuration variations.

Containers as a Service, or CaaS (pronounced “cass”), enables mission partners to run an application and all its dependencies in isolated processes. These isolated processes, also known as code packages, have everything the app needs to reliably run its software in any environment (including the app, runtime, system libraries, etc.). With all critical elements packaged together, applications can be easily moved from one environment to another. Simply put, CaaS is like an application suitcase, with wheels.

▸    CaaS is a modern IL4/5 Container Platform Cloud Service from DISA
▸    On-Premise protection, behind the DISA communication infrastructure
▸    NIPRnet accessible
▸    Fully ATOed
▸    DoD Identity Integrated - Global Directory (GFUD)
▸    Compatible with public clouds and your on-prem solutions for true hybrid deployment options
▸    As a Service Model, Billed Monthly to Mission Partners
▸    Service delivered and maintained via modern DevSecOps principles and practices - DevSecOps, GitOps, Infrastructure-as-Code and heavy automation

Focus on your mission and applications while DISA handles the Kubernetes Layer: Updates, patching, etc. DISA handles the platform ATO, reducing overhead burden on your IT staff. DISA handles the platform ATO, reducing overhead burden and maintenance on your IT staff while you pay as you go, taking advantage of DISA datacenter security. CaaS has Industry and DoD experts to help you onboard, moving at the speed mission.

Release code faster  Cost Savings  Simpler, lighter, and denser than Virtual Machines Manage application through code No OS to maintain Eliminate Configuration Drift Simplified Networking Large catalogs of applications to build from Deploy to more environments

Speed of Mission Efficiency Density Standardization, Auditing, Version Control         Lightweight Standardization Efficient Deployments No Wheel Rebuilding Portability, Scalability

Given equal CPU and RAM, CaaS is about ½ the price of a traditional hosted virtual server running in a DISA datacenter.

Cloud Native Applications and applications seeking modernization can utilize CaaS to develop or host production container based applications. Code based deployments are constantly monitored through CI/CD pipelines.

Yes, we began offering the service on 1 October 2022. 

A CaaS and commercial application deployment would be very similar and one of the benefits of containerization is the portability between environments. It is likely that if your container runs anywhere else, it runs on CaaS also. However, CaaS is on premise and may easily integrate with existing DISA hosted services to create a hybrid operating environment or transition into container based infrastructure. CaaS  inherits many DISA security controls and comes with NIPR connectivity. 
 

Provides detailed CVE and vulnerable configuration detection in the hosted namespace for running containers. 
 

An OS designed for hosted Cloud Based applications. 

Integrated with GFUD, signing in to OpenShift is easy and CAC protected. 

A high standard for cryptography, enabled at install time on the physical nodes. 

Protects the cluster itself from misconfigurations. 
 

Protects against arbitrary inter-container access and access to the nodes from containers.

A container runs without node level root access, although it can access all of its own assigned resources and no more.