SIMP Logo

SIMP Stack

A Managed Ecosystem for Secure Operations

SIMP is an Open Source, fully automated, and extensively tested framework that can either enhance your existing infrastructure or allow you to quickly build one from scratch. Built on the mature Puppet product suite, SIMP is designed around scalability, flexibility, and compliance.

Initially designed as a turn-key solution for isolated environments, SIMP includes everything you need to get started building repeatable infrastructures at any scale.

Core Capabilities

The automated subsystems in SIMP keep your systems consistent and protected.

PKI

Fully manage the distribution of key materials throughout your environment and be assured that SIMP services are seamlessly protected.

LDAP

Centralized account management provides effective real-time administration of users.

Host-based Firewall

System-level network protection and logging across all managed systems. All exposed services running on the system have an enforced firewall policy.

Secure Remote Access

Encrypt and authenticate remote system communications. Privileged user access restriction and enforced access control groups help detect insider threats and prevent unauthorized access.

Audit Management

Audit privileged and invalid user activity by actively collecting critical security events across the managed infrastructure.

Unauthorized Service Prevention

Authorize the services that you want to run either system wide or selectively by host. Disable and report on services that have been enabled without authorization.

Our Solution. Your Industry.

Our team of security and automation experts have worked together to design and develop SIMP. We've incorporated the industry-specific considerations needed for regulatory compliance, planning management, and reporting. If there is a box, we check it.

For a list of capabilities related to your industry, please download the informational brochure.

FOSS

GOVERNMENT

  • NIST 800-53
  • DISA STIG
  • HIPAA
  • SOX
  • PCI-DSS
  • GLBA
  • CIP
+

HEALTH

  • NIST 800-53
  • DISA STIG
  • HIPAA
  • SOX
  • PCI-DSS
  • GLBA
  • CIP
+

FINANCIAL

  • NIST 800-53
  • DISA STIG
  • HIPAA
  • SOX
  • PCI-DSS
  • GLBA
  • CIP
+

Energy

  • NIST 800-53
  • DISA STIG
  • HIPAA
  • SOX
  • PCI-DSS
  • GLBA
  • CIP

We Meet Standards and Exceed Best Practice




SIMP Product Statistics

  • 90 +Supported Modules
  • 18NIST Policy Families Spanned
  • 700+Automated Tests


Frequently Asked Questions (FAQ)

You asked and we've answered. If there is anything you need to know to decide whether SIMP is the right compliance framework for your environment please contact us for more information.

How do I add SIMP to my Environment?

The best way to add SIMP to an existing environment is to use our YUM repositories.
Remember, SIMP 4 is for EL6 and SIMP 5 is for EL7!
Don't forget to grab our GPG key to verify your packages!
Detailed instructions can be found on our Confluence Page.

How do I build a new Infrastrucutre with SIMP?

Our preferred methodology; building new infrastructures with SIMP ensures that you start out minimized with reasonable partition defaults from the beginning.
To get started with a fresh SIMP installation, you will want to follow the instructions on the associated Confluence Page.
This is also the method to follow if you want to try the latest bleeding edge code.

Can I Use SIMP In My Environment?

If you are working in a Red Hat Enterprise Linux or CentOS based environment then SIMP can work in your existing infrastructure. Onyx Point is currently developing and testing SIMP compliant modules for Microsoft Windows.

Is SIMP Really Open Source?

The SIMP product is Open Source under the Apache 2 license. We encourage and accept contributions to the project from our online community on GitHub. If you would like to make contributions in any way we are happy to have you.

Can I Use My Existing Puppet Modules With SIMP?

SIMP is compatible with any Puppet modules that do not have namespace conflicts with the core SIMP modules. We heartily encourage the use of the Puppet Forge for enriching the functionality of the SIMP framework.

Does SIMP work with Puppet Enterprise?

Onyx Point is working on seamless integration with Puppet Enterprise as requested by several industry users.
Contact us for more information regarding PE integration.

Why Puppet?

Puppet was chosen due to its nature as a declarative language suited to enforcing security settings as part of a comprehensive configuration run. Over time, Puppet has proven to be a successful language for ease of use by administrators and ease of explanation to security staff.

Do I have to use Puppet?

SIMP uses Puppet as part of its core infrastructure. However, you can compliment the SIMP framework with any automation solution that suits your environment. Be aware that you will need to check the Documentation to ensure that you do not run into operational conflicts. Also, as always, be sure to test carefully before deploying operational code!

How Can I Get SIMP Support ?

SIMP Support is available through Onyx Point Inc. As core developers for SIMP, Onyx Point offers installation integration, custom module development, and maintenance plans. Contact us for more information.




Take Your Productivity to New Heights

Whether you are chief of an organization, a systems administrator, or a developer, we have the tools you need to start on the path to a secure and compliant IT environment. With a secure framework in place and SIMP covering the essentials, you can shift focus to your immediate and long-term business goals. We're glad you are here and look forward to bringing SIMP to your environment.

Still have questions? Contact us to arrange a product demo or read through our online documentation.

Want to help improve SIMP? Fork us on GitHub!

Want to Hear The Latest SIMP News?

We'll never SPAM you, we promise. As an Open Source project, we focus our efforts on the product and the community it supports. If you want to know when Windows will be supported, what the latest release includes, what community contributions we've pushed downstream, etc. then sign up for our periodic news releases.

Fields marked with an * are required

Contact Us


Drop us a line using the form below to get a response from our team.

How can we help?
Sending Message...
Your message was sent successfully to our team. We will be in touch with you soon.
Sorry your message was not sent. Please resubmit.