SIMP - System Integrity Management Platform

SIMP - System Integrity Management Platform |

     The System Integrity Management Platform (SIMP) is an Open Source framework designed around the concept that individuals and organizations should not need to repeat the work of automating the basic components of their operating system infrastructure.
Expanding upon this philosophy, SIMP also aims to take care of routine policy compliance to include NIST 800-53FIPS140-2, the DISA STIG, and the SCAP Security Guide.
     By using the Puppet automation stack, SIMP is working toward the concept of a self-healing infrastructure that, when used with a consistent configuration management process, will allow users to have confidence that their systems not only start in compliance but remain in compliance over time.
Finally, SIMP has a goal of remaining flexible enough to properly maintain your operational infrastructure. To this end, where possible, the SIMP components are written to allow all security-related capabilities to be easily adjusted to meet the needs of individual applications.

Core Capabilities

The automated subsystems in SIMP keep your systems consistent and protected.
  • PKI

    Fully manage the distribution of key materials throughout your environment and be assured that SIMP services are seamlessly protected.
  • PKI

    Fully manage the distribution of key materials throughout your environment and be assured that SIMP services are seamlessly protected.
  • LDAP

    Centralized account management provides effective real-time administration of users.
  • Host-based Firewall

    System-level network protection and logging across all managed systems. All exposed services running on the system have an enforced firewall policy.
  • Secure Remote Access

    Encrypt and authenticate remote system communications. Privileged user access restriction and enforced access control groups help detect insider threats and prevent unauthorized access.
  • Audit Management

    Audit privileged and invalid user activity by actively collecting critical security events across the managed infrastructure.
  • Unauthorized Service Prevention

    Authorize the services that you want to run either system wide or selectively by host. Disable and report on services that have been enabled without authorization.

Known OS Compatibility

  • SIMP 6.X
  • CentOS 6.9
    • ISO #1: CentOS-6.9-x86_64-bin-DVD1.iso
    • Checksum: d27cf37a40509c17ad70f37bc743f038c1feba00476fe6b69682aa424c399ea6
    • ISO #2: CentOS-6.9-x86_64-bin-DVD2.iso
    • Checksum: 631b8640460f46a8139a6a7cbbac5f3594d08c32945449b6bbd65234929ce7a4
  • CentOS 7.0
    • ISO #1: CentOS-7-x86_64-DVD-1611.iso
    • Checksum: c455ee948e872ad2194bdddd39045b83634e8613249182b88f549bb2319d97eb
    • ISO #2: CentOS-7-x86_64-DVD-1511.iso
    • Checksum: 907e5755f824c5848b9c8efbb484f3cd945e93faa024bad6ba875226f9683b16
  • RedHat 6.9
    • ISO #1: rhel-server-6.9-x86_64-dvd.iso
    • Checksum: 3f961576e9f81ea118566f73f98d7bdf3287671c35436a13787c1ffd5078cf8e
  • RedHat 7.2
    • ISO #1: rhel-server-7.2-x86_64-dvd.iso
    • Checksum: 03f3a0291634335f6995534d829bd21ffaa0d000004dfeb1b2fb81052d64a4d5
  • RedHat 7.3
    • ISO #1: rhel-server-7.3-x86_64-dvd.iso
    • Checksum: 120acbca7b3d55465eb9f8ef53ad7365f2997d42d4f83d7cc285bf5c71e1131f

Technology components

SIMP uses Puppet to manage and maintain the configuration of the various component systems.
Though there are many possible configurations, out of the box SIMP provides:
  • Management
    • Puppet Server
    • PuppetDB
    • MCollective
  • Authentication
    • OpenLDAP
  • Kickstart/Update
    • YUM
    • DNS
    • DHCP
    • TFTP

No comments

Note: Only a member of this blog may post a comment.

Powered by Blogger.