Sicura Enterprise Edition
  1. Introduction
  2. Server Installation
  3. Client Installation
  4. Configuring SIMP Compliance Engine
  5. Configuring SCAP Dashboard

Windows Client Installation

The Windows Puppet Agent installer for 64-bit Windows is bundled with SIMP EE.

Using a local browser, open https://<ip_of_server>/assets/puppet-agent-windows/puppet-agent-5.0.0-x64.msi, save the installer locally, and run the downloaded installer file. Please note Internet Explorer has been reported to not download the installer directly, but try to open it in the browser instead. If this is the case for you, open https://<ip_of_server>/assets/puppet-agent/, right click the agent msi file, and select save target as.

Once you have installed puppet-agent, you will need to edit C:\ProgramData\PuppetLabs\puppet\etc\puppet.conf and make sure you are pointing the agent to the correct ca_server:


It is recommend to use Notepad++ to edit puppet.conf in order to prevent line ending related issues.

SIMP on Windows platforms leverages the SIMP Compliance Engine (SCE) to enforce all compliance settings. You are required to configure the compliance engine in Hiera and enforce a specific profile. To use the default disa_stig level of enforcement similar to what is enforced in a Linux installation, add the following to /etc/puppetlabs/code/environments/production/data/windows.yaml.

compliance_markup::enforcement: [ ‘disa_stig‘]