SIMP is a framework that aims to provide a reasonable combination of security compliance and operational flexibility.
The ultimate goal of the project is to provide a complete management environment focused on compliance with the various profiles in the SCAP Security Guide Project and industry best practice.
Though it is fully capable out of the box, the intent of SIMP is to be molded to your target environment in such a way that deviations are easily identifiable to both Operations Teams and Security Officers.
Supported Operating Systems
The following Operating Systems are supported:
- Red Hat Enterprise Linux
- 6.6
- 7.1
- CentOS
- 6.6
- 7.1-1503-01
Technology components
SIMP uses Puppet to manage and maintain the configuration of the various component systems.
Though there are many possible configurations, out of the box SIMP provides:
- Management
- Puppet Server
- PuppetDB
- MCollective
- Authentication
- OpenLDAP
- Kickstart/Update
- YUM
- DNS
- DHCP
- TFTP
SIMP Provided Materials
Build Materials
Puppet Modules
- pupmod-simp-acpid
- pupmod-simp-activemq
- pupmod-simp-aide
- pupmod-simp-apache
- pupmod-simp-auditd
- pupmod-simp-autofs
- pupmod-simp-backuppc
- pupmod-simp-cgroups
- pupmod-simp-clamav
- pupmod-simp-common
- pupmod-simp-concat
- pupmod-simp-dhcp
- pupmod-simp-elasticsearch
- pupmod-simp-freeradius
- pupmod-simp-functions
- pupmod-simp-ganglia
- pupmod-simp-gfs2
- pupmod-simp-iptables
- pupmod-simp-jenkins
- pupmod-simp-kibana
- pupmod-simp-krb5
- pupmod-simp-libvirt
- pupmod-simp-logrotate
- pupmod-simp-logstash
- pupmod-simp-mcafee
- pupmod-simp-mcollective
- pupmod-simp-mozilla
- pupmod-simp-multipathd
- pupmod-simp-named
- pupmod-simp-network
- pupmod-simp-nfs
- pupmod-simp-nscd
- pupmod-simp-ntpd
- pupmod-simp-oddjob
- pupmod-simp-openldap
- pupmod-simp-openscap
- pupmod-simp-pam
- pupmod-simp-pki
- pupmod-simp-polkit
- pupmod-simp-postfix
- pupmod-simp-pupmod
- pupmod-simp-rsync
- pupmod-simp-rsyslog
- pupmod-simp-site
- pupmod-simp-selinux
- pupmod-simp-shinken
- pupmod-simp-simp
- pupmod-simp-snmpd
- pupmod-simp-ssh
- pupmod-simp-sssd
- pupmod-simp-stunnel
- pupmod-simp-sudo
- pupmod-simp-sudosh
- pupmod-simp-svckill
- pupmod-simp-sysctl
- pupmod-simp-tcpwrappers
- pupmod-simp-tftpboot
- pupmod-simp-tpm
- pupmod-simp-upstart
- pupmod-simp-vnc
- pupmod-simp-vsftpd
- pupmod-simp-windowmanager
- pupmod-simp-xinetd
- pupmod-simp-xwindows
- rubygem-simp-rake-helpers
- rubygem-simp-cli
Forked External Modules
Most forks are simply to fit the materials into our build processes but some have modifications that we are looking to push back upstream when possible.
- augeasproviders
- augeasproviders_apache
- augeasproviders_base
- augeasproviders_core
- augeasproviders_grub
- augeasproviders_mounttab
- augeasproviders_nagios
- augeasproviders_pam
- augeasproviders_postgresql
- augeasproviders_puppet
- augeasproviders_shellvar
- augeasproviders_ssh
- puppet-elasticsearch
- puppetlabs-apache
- puppetlabs-postgresql
- puppetlabs-stdlib
- puppetlabs-inifile
- puppetlabs-puppetdb
- puppetlabs-mysql
- puppetlabs-java
- puppet-gpasswd
- augeasproviders_sysctl
- puppet-datacat
- puppetlabs-java_ks
- puppet-memcached