SIMP Stack

A Managed Ecosystem for Secure Operations

SIMP is an Open Source, fully automated, and extensively tested framework that can either enhance your existing infrastructure or allow you to quickly build one from scratch. Built on the mature Puppet product suite, SIMP is designed around scalability, flexibility, and compliance.

Initially designed as a turn-key solution for isolated environments, SIMP includes everything you need to get started building repeatable infrastructures at any scale.

Core Capabilities

The automated subsystems in SIMP keep your systems consistent and protected.

PKI

Fully manage the distribution of key materials throughout your environment and be assured that SIMP services are seamlessly protected.

LDAP

Centralized account management provides effective real-time administration of users.

Host-based Firewall

System-level network protection and logging across all managed systems. All exposed services running on the system have an enforced firewall policy.

Secure Remote Access

Encrypt and authenticate remote system communications. Privileged user access restriction and enforced access control groups help detect insider threats and prevent unauthorized access.

Audit Management

Audit privileged and invalid user activity by actively collecting critical security events across the managed infrastructure.

Unauthorized Service Prevention

Authorize the services that you want to run either system wide or selectively by host. Disable and report on services that have been enabled without authorization.

Our Solution. Your Industry.

Our team of security and automation experts have worked together to design and develop SIMP. We've incorporated the industry-specific considerations needed for regulatory compliance, planning management, and reporting. If there is a box, we check it.

For a list of capabilities related to your industry, please download the informational brochure.

FOSS

GOVERNMENT

  • NIST 800-53
  • DISA STIG
  • HIPAA
  • SOX
  • PCI-DSS
  • GLBA
  • CIP
+

HEALTH

  • NIST 800-53
  • DISA STIG
  • HIPAA
  • SOX
  • PCI-DSS
  • GLBA
  • CIP
+

FINANCIAL

  • NIST 800-53
  • DISA STIG
  • HIPAA
  • SOX
  • PCI-DSS
  • GLBA
  • CIP
+

Energy

  • NIST 800-53
  • DISA STIG
  • HIPAA
  • SOX
  • PCI-DSS
  • GLBA
  • CIP

We Meet Standards and Exceed Best Practice




SIMP Product Statistics

  • 90 +Supported Modules
  • 18NIST Policy Families Spanned
  • 700+Automated Tests


Frequently Asked Questions (FAQ)

You asked and we've answered. If there is anything you need to know to decide whether SIMP is the right compliance framework for your environment please contact us for more information.

How do I add SIMP to my Environment?

The easiest method for trying SIMP is to grab an ISO!

Alternatively, the SIMP Quick Start Documentation contains everything you need to get started with a SIMP installation.

How do I build a new Infrastructure with SIMP?

Our preferred methodology; building new infrastructures with SIMP ensures that you start out with a minimized package load and reasonable partition defaults from the beginning.

To get started, grab an ISO and then proceed to the relevant user documentation.

Can I Use SIMP In My Environment?

If you are working on a supported version of Red Hat Enterprise Linux or CentOS based environment then SIMP will work in your existing infrastructure.

We also provide commercially available modules for Microsoft Windows.

Is SIMP Really Open Source?

The SIMP product is Open Source under the Apache 2 license.

We encourage and accept contributions to the project from our community on GitHub.
If you would like to make contributions in any way we are happy to have you!

Please see the Contributors Guide for full details and don't hesitate to ask for help if you need it!

Can I Use My Existing Puppet Modules With SIMP?

SIMP is compatible with any Puppet modules that do not have namespace conflicts with the core SIMP modules. We heartily encourage the use of the Puppet Forge for enriching the functionality of the SIMP framework.

Does SIMP work with Puppet Enterprise?

YES!
We have developed and tested updates to the SIMP modules that allow it to work seamlessly with Puppet Enterprise

Contact us for more information regarding PE integration.

Why Puppet?

Puppet was chosen due to its nature as a declarative language suited to enforcing security settings as part of a comprehensive configuration run.

Over time, Puppet has proven to be a successful language for ease of use by administrators, developers, and security personnel alike.

Do I have to use Puppet?

SIMP uses Puppet as part of its core infrastructure. However, you can compliment the SIMP framework with any automation solution that suits your environment. Be aware that you will need to check the Documentation to ensure that you do not run into operational conflicts.

As always, be sure to test carefully!

How Can I Get SIMP Support ?

SIMP Support is available through Sicura

As core developers for SIMP, Sicura offers installation integration, custom module development, and maintenance plans. Contact us for more information.




Take Your Productivity to New Heights

Whether you are chief of an organization, a systems administrator, or a developer, we have the tools you need to start on the path to a secure and compliant IT environment. With a secure framework in place and SIMP covering the essentials, you can shift focus to your immediate and long-term business goals. We're glad you are here and look forward to bringing SIMP to your environment.

Community Chat

Connect with us in our SIMP Slack Workspace.

No login is required, but it will allow us to answer your questions once you're offline.

SIMP News

Keep up with the latest SIMP news and events over at the Sicura Blog

File a Bug or Feature Request

Feedback via our JIRA Bug Tracker is always appreciated!

Our JIRA instance has been graciously donated to us by the fine folks at Atlassian Software as part of their support of Open Source projects.