Cloud Access Point

The Boundary Cloud Access Point (BCAP) or Cloud Access Point (CAP) is predetermined by your organization. Therefore, it is not in the scope of this guide. The CAP provides access to commercial cloud environments from the Defense Information Systems Network (DISN). The CAP also provides boundary protection of DISN from the cloud. At the DISN boundary, it includes cyber-defense capabilities, such as firewall, intrusion detection systems (IDS), and intrusion prevention systems (IPS). It's common for organizations to use the DoD Cloud Native Access Point Reference Design for accessing AWS.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

SCCA components and requirements

Virtual Data Center Security Stack