SIMP - System Integrity Management Platform

SIMP is a framework that aims to provide a reasonable combination of security compliance and operational flexibility.

The ultimate goal of the project is to provide a complete management environment focused on compliance with the various profiles in the SCAP Security Guide Project and industry best practice.

Though it is fully capable out of the box, the intent of SIMP is to be molded to your target environment in such a way that deviations are easily identifiable to both Operations Teams and Security Officers.

Supported Operating Systems

The following Operating Systems are supported:

• Red Hat Enterprise Linux
  • 6.6
  • 7.1
• CentOS
  • 6.6
  • 7.1-1503-01

Technology components

SIMP uses Puppet to manage and maintain the configuration of the various component systems.

Though there are many possible configurations, out of the box SIMP provides:

• Management
  • Puppet Server
  • PuppetDB
  • MCollective
• Authentication
  • OpenLDAP
• Kickstart/Update
• YUM
• DNS
• DHCP
• TFTP

SIMP Provided Materials

Build Materials

• simp-core
• simp-doc
• simp-rsync

Puppet Modules

• pupmod-simp-acpid
• pupmod-simp-activemq
• pupmod-simp-aide
• pupmod-simp-apache
• pupmod-simp-auditd
• pupmod-simp-autofs
• pupmod-simp-backuppc
• pupmod-simp-cgroups
• pupmod-simp-clamav
• pupmod-simp-common
• pupmod-simp-concat
• pupmod-simp-dhcp
• pupmod-simp-elasticsearch
• pupmod-simp-freeradius
• pupmod-simp-functions
• pupmod-simp-ganglia
• pupmod-simp-gfs2
• pupmod-simp-iptables
• pupmod-simp-jenkins
• pupmod-simp-kibana
• pupmod-simp-krb5
• pupmod-simp-libvirt
• pupmod-simp-logrotate
• pupmod-simp-logstash
• pupmod-simp-mcafee
• pupmod-simp-mcollective
• pupmod-simp-mozilla
• pupmod-simp-multipathd
• pupmod-simp-named
• pupmod-simp-network
• pupmod-simp-nfs
• pupmod-simp-nscd
• pupmod-simp-ntpd
• pupmod-simp-oddjob
• pupmod-simp-openldap
• pupmod-simp-openscap
• pupmod-simp-pam
• pupmod-simp-pki
• pupmod-simp-polkit
• pupmod-simp-postfix
• pupmod-simp-pupmod
• pupmod-simp-rsync
• pupmod-simp-rsyslog
• pupmod-simp-site
• pupmod-simp-selinux
• pupmod-simp-shinken
• pupmod-simp-simp
• pupmod-simp-snmpd
• pupmod-simp-ssh
• pupmod-simp-sssd
• pupmod-simp-stunnel
• pupmod-simp-sudo
• pupmod-simp-sudosh
• pupmod-simp-svckill
• pupmod-simp-sysctl
• pupmod-simp-tcpwrappers
• pupmod-simp-tftpboot
• pupmod-simp-tpm
• pupmod-simp-upstart
• pupmod-simp-vnc
• pupmod-simp-vsftpd
• pupmod-simp-windowmanager
• pupmod-simp-xinetd
• pupmod-simp-xwindows
• rubygem-simp-rake-helpers
• rubygem-simp-cli

Forked External Modules

Most forks are simply to fit the materials into our build processes but some have modifications that we are looking to push back upstream when possible.

• augeasproviders
• augeasproviders_apache
• augeasproviders_base
• augeasproviders_core
• augeasproviders_grub
• augeasproviders_mounttab
• augeasproviders_nagios
• augeasproviders_pam
• augeasproviders_postgresql
• augeasproviders_puppet
• augeasproviders_shellvar
• augeasproviders_ssh
• puppet-elasticsearch
• puppetlabs-apache
• puppetlabs-postgresql
• puppetlabs-stdlib
• puppetlabs-inifile
• puppetlabs-puppetdb
• puppetlabs-mysql
• puppetlabs-java
• puppet-gpasswd
• augeasproviders_sysctl
• puppet-datacat
• puppetlabs-java_ks
• puppet-memcached

Download SIMP