Skip to content

A system automation and configuration management stack targeted toward operational flexibility and policy compliance.

License

Notifications You must be signed in to change notification settings

katana-hydra/SIMP

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

32 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

System Integrity Management Platform (SIMP)

IMPORTANT

This project is only approved for material that is completely releasable to the public.

Please do not upload material that has not been approved for public release.

Quickstart

Existing System Migration

If you are looking to use the SIMP materials on an existing system, instructions are available in the SIMP Documentation.

New System/Bare Metal

If you're using a new system, such as a fresh VM or a bare metal system, you will want to follow the instructions for building an ISO.

User Documentation

Product documentation is housed at ReadTheDocs.org.

Latest Releases


NOTE

Release packages are now hosted on PackageCloud

Release Tarballs and ISOs (CentOS powered) can be found at https://simp-project.com/ISO/SIMP

There is also a RPM archive now availble.

Older releases can be found on BinTray

Installation guidance can be found in the official SIMP documentation.


Where's the code?!

For those out there that just want the goods, the actual code for the SIMP project is hosted under the SIMP GitHub Organization.

Description

SIMP is a framework that provides a flexible combination of security compliance and operational automation.

The goal of the project is to provide a complete management environment focused on compliance with the various profiles in the SCAP Security Guide and industry best practice.

Though it is fully capable out of the box, the intent of SIMP is to be molded to your target environment in such a way that deviations are easily identifiable to both Operations Teams and Security Officers.

At this time, there are no commercial requirements for the use of SIMP outside of the purchase of Red Hat Enterprise Linux licenses as applicable.

Disclaimer

This Work is provided "as is." Any express or implied warranties, including but not limited to, the implied warranties of merchantability and fitness for a particular purpose are disclaimed. In no event shall the United States Government be liable for any direct, indirect, incidental, special, exemplary or consequential damages (including, but not limited to, procurement of substitute goods or services, loss of use, data or profits, or business interruption) however caused and on any theory of liability, whether in contract, strict liability, or tort (including negligence or otherwise) arising in any way out of the use of this Guidance, even if advised of the possibility of such damage.

The User of this Work agrees to hold harmless and indemnify the United States Government, its agents, and employees from every claim or liability (whether in tort or in contract), including attorneys' fees, court costs, and expenses, arising in direct consequence of Recipient's use of the item, including, but not limited to, claims or liabilities made for injury to or death of personnel of User or third parties, damage to or destruction of property of User or third parties, and infringement or other violations of intellectual property or technical data rights.

Nothing in this Work is intended to constitute an endorsement, explicit or implied, by the US Government of any particular manufacturer's product or service.

Technology components

SIMP uses Puppet to manage and maintain the configuration of the various component systems.

Though there are many possible configurations, out of the box SIMP provides:

  • Management
    • Puppet Server
    • PuppetDB
    • MCollective
  • Authentication
    • OpenLDAP
  • Kickstart/Update
    • YUM
    • DNS
    • DHCP
    • TFTP

Please see the SIMP Documentation for a more in-depth look at the SIMP software stack.

Copyrights

All materials are copyright their respective owners unless otherwise noted.

Per Section 105 of the Copyright Act of 1976, these works are not entitled to domestic copyright protection under US Federal law.

The US Government retains the right to pursue copyright protections outside of the United States.

The United States Government has unlimited rights in this software and all derivatives thereof, pursuant to the contracts under which it was developed and the License under which it falls.

Released under the Apache License, Version 2.

Community

Issue Tracker

SIMP Project JIRA

  • Feel free to sign up for an account here to file bugs, help track issues, or vote for your favorite feature.
  • We suggest using the Agile board view to see what we're currently working on.

Chat Room

Development Chat

SIMP Project HipChat => No account required for this room

  • It is highly suggested that you either use a non-primary e-mail for this or that you use an e-mail modifier such as +simp.
  • When signing up for a new account, use simp-project as the team name.

Code Review

The SIMP Project has moved away from GerritHub and is now using native GitHub for code reviews.

Dashboards

Google Groups

  • simp : A QA Board for the general community.
  • simp-users : A place for users of SIMP to ask questions, get help, and be part of the community.
  • simp-dev : This list is for the development community interested in extending or contributing to the platform.
  • simp-announce : Announcements for new versions and security events.
  • simp-security : A place to file security related issues that will only be seen by the SIMP team.

Prior to joining a mailing list, please review our Community Code of Conduct.

Contributions

Please see CONTRIBUTING for information on how to contribute to this project.

Component Repositories

Last, but not least, this is the list of all SIMP component modules as hosted under the SIMP Project.

SIMP Provided Materials

RPMs

Release RPMs are now hosted on PackageCloud.

Older RPMs can be found on BinTray.

Look for the repository that is associated with the version of SIMP that you wish to build. The latest packages can always be found in the .X repositories. For example, the latest 4 series packages would be found in the 4.X repository.

Please make sure that the RPMs are properly signed with the GPG key listed below.

GPG Signing Key

All officially released RPMs are signed with the SIMP Release Key

* ID: 7DA6F216 * Fingerprint: 103B 439D ADF4 AE61 FA69 98AF EE8C 77AF 7DA6 F216

Build Repositories

Puppet Module Skeleton

The project has its own module skeleton for quickly getting up and running with the expected layout and testing framework for SIMP modules.

SIMP Repositories
Helper Rubygems
Monitoring Dashboards
Forked Repositories

About

A system automation and configuration management stack targeted toward operational flexibility and policy compliance.

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Ruby 100.0%