Skip to content

ralph-wright/SIMP

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

System Integrity Management Platform (SIMP)

IMPORTANT

This project is only approved for material that is completely releasable to the public.

Please do not upload material that has not been approved for public release.

Where's the code?!

For those out there that just want the goods, the actual code for the SIMP project is hosted under the SIMP GitHub Organization.

Quickstart

New System/Bare Metal

If you're using a new system such as a blank VM or a bare metal system, you will want to follow the instructions for building an ISO.

Existing System Migration

If you are looking to use the SIMP materials on an existing system, instructions are available on the SIMP Confluence.

User Documentation

Product documentation is housed at ReadTheDocs.org.

Latest Releases

NOTE Release artifacts are all hosted on Bintray

Description

SIMP is a framework that provides a flexible combination of security compliance and operational automation.

The goal of the project is to provide a complete management environment focused on compliance with the various profiles in the SCAP Security Guide Project and industry best practice.

Though it is fully capable out of the box, the intent of SIMP is to be molded to your target environment in such a way that deviations are easily identifiable to both Operations Teams and Security Officers.

At this time, there are no commercial requirements for the use of SIMP outside of the purchase of Red Hat Enterprise Linux licenses as applicable.

Disclaimer

This Work is provided "as is." Any express or implied warranties, including but not limited to, the implied warranties of merchantability and fitness for a particular purpose are disclaimed. In no event shall the United States Government be liable for any direct, indirect, incidental, special, exemplary or consequential damages (including, but not limited to, procurement of substitute goods or services, loss of use, data or profits, or business interruption) however caused and on any theory of liability, whether in contract, strict liability, or tort (including negligence or otherwise) arising in any way out of the use of this Guidance, even if advised of the possibility of such damage.

The User of this Work agrees to hold harmless and indemnify the United States Government, its agents, and employees from every claim or liability (whether in tort or in contract), including attorneys' fees, court costs, and expenses, arising in direct consequence of Recipient's use of the item, including, but not limited to, claims or liabilities made for injury to or death of personnel of User or third parties, damage to or destruction of property of User or third parties, and infringement or other violations of intellectual property or technical data rights.

Nothing in this Work is intended to constitute an endorsement, explicit or implied, by the US Government of any particular manufacturer's product or service.

Technology components

SIMP uses Puppet to manage and maintain the configuration of the various component systems.

Though there are many possible configurations, out of the box SIMP provides:

  • Management
    • Puppet Server
    • PuppetDB
    • MCollective
  • Authentication
    • OpenLDAP
  • Kickstart/Update
    • YUM
    • DNS
    • DHCP
    • TFTP

Copyrights

All materials are copyright their respective owners unless otherwise noted.

Per Section 105 of the Copyright Act of 1976, these works are not entitled to domestic copyright protection under US Federal law.

The US Government retains the right to pursue copyright protections outside of the United States.

The United States Government has unlimited rights in this software and all derivatives thereof, pursuant to the contracts under which it was developed and the License under which it falls.

Released under the Apache License, Version 2.

Community

Issue Tracker

SIMP Project JIRA

  • Feel free to sign up for an account here to file bugs, help track issues, or vote for your favorite feature.
  • We suggest using the Agile board view to see what we're currently working on.

Chat Room

Development Chat

SIMP Project HipChat

  • It is highly suggested that you either use a non-primary e-mail for this or that you use an e-mail modifier such as (+simp).
  • When signing up for a new account, use simp-project as the team name.

Code Review System

The SIMP Project is using GerritHub for code review activities.

Dashboards

Google Groups

  • simp : A QA Board for the general community.
  • simp-users : A place for users of SIMP to ask questions, get help, and be part of the community.
  • simp-dev : This list is for the development community interested in extending or contributing to the platform.
  • simp-announce : Announcements for new versions and security events.
  • simp-security : A place to file security related issues that will only be seen by the SIMP team.

Prior to joining a mailing list, please review our Community Code of Conduct.

Contributions

Please see CONTRIBUTING for information on how to contribute to this project.

Component Repositories

Last, but not least, this is the list of all SIMP component modules as hosted under the SIMP project space.

SIMP Provided Materials

RPMs

SIMP will be distributing RPMs via BinTray as we move forward.

Please make sure that the RPMs are properly signed with the GPG key listed below.

GPG Signing Key

All officially released RPMs are signed with the SIMP Release Key

  • ID: 7DA6F216
  • Fingerprint: 103B 439D ADF4 AE61 FA69 98AF EE8C 77AF 7DA6 F216

Build Repositories

Helper Rubygems

Puppet Module Skeleton

The project has its own module skeleton for quickly getting up and running with the expected layout and testing framework for SIMP modules.

Puppet Modules

Forked External Modules

Most forks are simply to fit the materials into our build processes but some have modifications that we are looking to push back upstream when possible.

About

Information Repository for SIMP

Resources

License

Stars

Watchers

Forks

Packages

No packages published