Ubuntu Pro FIPS is providing additional coverage for production environments running in the cloud.
Ubuntu FIPS is the first and only FIPS certified image for the public cloud. Ubuntu FIPS is the critical foundation for state agencies administering federal programs and private sector companies with government contracts. Ubuntu FIPS is built upon the power of Ubuntu Pro’s enhanced stability, compliance and security features and is maintained to provide your organization with the strongest FIPS foundation now and in the future.
Additional security patches beyond the basic maintenance that comes with Ubuntu ensure all Critical and High CVEs for 28,000 packages on Ubuntu instances are addressed. Kernel livepatch applies security fixes to the live running kernel, ensuring maximum uptime and minimizing operational overhead. Ubuntu Pro rolls up all the security features Canonical customers enjoy, and enables them automatically with no up front contract required.
Ubuntu FIPS includes Canonical's Ubuntu Advantage Essential offerings for both Infrastructure and Applications such as certification, compliance and hardening profiles including FIPS 140-2, Common Criteria EAL2, CIS and DISA STIG. Security patch coverage expands constantly based on customer priorities and package usage patterns.
No subscription is required. No action is required to gain access to the Ubuntu Advantage security patches; they are automatically available to instances of Ubuntu FIPS. The UA client is included and allows enabling or disabling of specific services.
Ubuntu FIPS is a separate build of Ubuntu certified by the National Institute of Standards and Technology (NIST) with all the additional security capabilities that Canonical (the publisher of Ubuntu) provides to enterprise customers including those who operate in regulated environments such as FedRAMP, HIPAA, PCI.
- NIST certification for the Ubuntu kernel and several security components.
- Canonical's Extended Security Maintenance covers thousands of the most widely deployed packages on Ubuntu. Additionally, kernel livepatch maximizes uptime while providing real-time defense against critical kernel exploits.
- Ubuntu FIPS is backed by a 10-year maintenance commitment from Canonical, including patches for high and critical CVEs for all supported components.