Canonical security subscriptions for Ubuntu Linux now available

Security maintenance service for Ubuntu LTS releases offers CVE protection and security updates for some 23,000 packages beyond the main OS.

Cybersecurity

Canonical’s Ubuntu Pro, a Linux security maintenance subscription service covering thousands of applications and toolchains in the open-source ecosystem, is generally available as of January 26.

Released in beta in October, Ubuntu Pro helps users of Linux desktops and servers get CVE (common vulnerabilities and exposures) patches, harden their systems at scale, and stay compliant with standards such as FedRAMP, HIPPA, PCI-DSS. Ubuntu Pro covers an additional 23,000 packages beyond the main OS, providing protection against critical, high, and selected medium CVEs for applications and toolchains ranging from Ansible and Apache Tomcat to Node.js, Puppet, PowerDNS, Redis, Rust, and WordPress.

The standard Ubuntu Pro subscription covers security updates for all packages in the Ubuntu Main and Ubuntu Universe repositories. Ubuntu Pro costs $25 per year per workstation and $500 per year per server. Personal subscriptions for up to five machines are available free. Subscriptions are available at ubuntu.com/pro/subscribe with a 30-day free trial.

Ubuntu Pro is available for every Ubuntu LTS release from 16.04 LTS, and is already in production for large-scale customers. In addition to offering security patches, Ubuntu Pro includes tools for compliance management in regulated and audited environments.

In addition, Ubuntu Security Guide enables best-in-class hardening and compliance standards such as CIS benchmark and DISA-STIG profiles, the company said. Ubuntu users can access FIPS-certified cryptographic packages needed for all federal agencies as well as organizations operating under compliance with HIPPA, FedRAMP, and PCI-DSS.

Automated patching at scale is enabled through the Landscape system management tool. Also featured is Livepatch, which patches critical and high-severity kernel vulnerabilities at runtime, minimizing unplanned reboots.

Copyright © 2023 IDG Communications, Inc.