What matters more, compliance or security? Not to recreate the dilemma of “Which came first, the chicken or the egg?”, but these terms are interchanged so frequently that you may mistakenly dismiss them as being the same thing. Can your infrastructure be secure without being compliant? Yes. Can your systems be compliant without being secure? Definitely. So what is more important? How are they even related, and can you have both?
SIMP Console Beta 0.16.0 Available
We are proud to announce the availability of SIMP Console 0.16.0. This is the first Beta-ready version of the SIMP Console, and as such contains early functional versions of the core workflow, such as:
- At-a-glance dashboard for failure/success on folders and subfolders.
- Hierarchical tree of folders, to group system scans based on their placement within your organization.
- Ingestion of SCAP scan results from OpenSCAP on Linux platforms using our simp-scanner utility.
- Mapping SCAP scan results into Puppet settings that can be copy-pasted directly into your Hiera data files.
- Cross referencing to NIST and STIG controls
- Local authentication, LDAP authentication, and Google Auth-based authentication.
We will be announcing new beta versions roughly every 2 weeks, and will be detailing the specific changes in the release notes section of the email, as well as any specific features we’d like feedback on.
At this stage of the beta program, we are not guaranteeing database backwards compatibility. You may have to rm -rf /var/db/simp/simp-console.db if using sqlite, or drop database and create database if using postgres.
- Initial feedback on RBAC was that it didn’t match expectations for how RBAC should function, so it is currently disabled in this version of the SIMP Console. It will be enabled in a subsequent version after a redesign.
- The description of individual findings is difficult to read and understand. This is due to the data being sent from the scanning utilities, and we are working to replace it with prettier ‘markdown’-based text.
- Copy-to-clipboard does not copy the puppet parameters.
Feedback can be sent by clicking on the ‘Feedback’ link in the user dropdown.
SIMP Console Documentation
The latest revision of all SIMP Console documentation will be found here
Quick Installation Instructions
In order to install simp-console packages from the unstable repository, you need to have a valid SIMP EE or LE license key installed at /etc/simp/license.key
sudo yum install https://download.simp-project.com/simp/yum/simp-unstable-platform.rpm
sudo yum install simp-vendored-ruby
sudo yum install simp-console-0.16.0
sudo service simp-console start
Occasionally, when using a Ruby environment switching tool, such as RVM, you will discover a need to switch back to system Ruby for various reasons. Unfortunately, getting Bundler to automatically play nice with the rest of the system is not well documented. I hope this post helps to remedy that.
SIMP Console Beta 0.17.0 Available
We are proud to announce the availability of SIMP Console 0.17.0. This is primarily a bugfix and refactoring release as we work towards a more complete Role-based Access Control (RBAC) solution.