Do all tools need to be FedRAMP certified to pass CMMC audit?

Couple Questions:

  1. I would like to use JumpCloud DaaS to manage cross platforms i.e. OSX, Windows and Linux. This provides policies, MFA, SSO and other features that are nice like password sync. Is is a requirement to utilize a platform for it to be FedRAMP certified for CMMC? Does anyone have any knowledge on that?

  2. What is everyone using for this type of environment? We are using Azure MDM/Intune soon but that still does not seem to help us with enforcing certain features policy wise.

Curious about this as well since JumpCloud does not store any data, it only enforces policies. So you would think that it would be acceptable. It is really tough finding a platform that does everything you need under one umbrella.