Ubuntu Pro beta invitation

Welcome to the Ubuntu Pro discourse! As the product manager for Ubuntu Pro, I am very excited to launch the public beta today and to open up this new forum for all our beta users to share their experience with this new service.

Ubuntu Pro has been several years in the making and is a big milestone for many teams at Canonical. We have always been committed to enhancing the security of open-source software and working closely with the community to achieve this goal.

What is Ubuntu Pro?

Ubuntu Pro is an additional layer of security and compliance services on top of an Ubuntu LTS. What’s really exciting is that it’s available to anyone free of charge for up to 5 machines. The Ubuntu LTS commitments are not changing. Ubuntu Pro expands the security coverage of an Ubuntu LTS to include packages from the Ubuntu Universe repository. It also extends the maintenance commitment to the full ten years since the LTS release.

What’s included?

Ubuntu Pro provides security coverage for critical, high and selected medium Common Vulnerabilities and Exposures (CVEs) to thousands of applications and toolchains, including Ansible, Apache Tomcat, Apache Zookeeper, Docker, Drupal, Nagios, Node.js, phpMyAdmin, Puppet, PowerDNS, Python 2, Redis, Rust, WordPress, and more.

Canonical backports security fixes from newer versions of applications, giving Ubuntu Pro users a path to long-term security with no forced upgrades. The result is a decade of API stability.

Which Ubuntu LTS releases are covered?

Ubuntu Pro is available for every Ubuntu LTS from 16.04 LTS for servers and workstations. It is already in production for large-scale customers offering global services.

Currently, all security patches for the Ubuntu Universe repository are offered under public beta. No Ubuntu Security Notices (USNs) are being provided for them before Ubuntu Pro moves from public beta to general availability.

What are the compliance and hardening features?

For enhanced compliance and hardening, Ubuntu Pro users can access FIPS 140-2 certified cryptographic packages, necessary for all Federal Government agencies as well as organisations operating under compliance regimes like FedRAMP, HIPAA, and PCI-DSS. Ubuntu Security Guide (USG) enables well-known hardening and compliance standards such as certified CIS benchmark tooling and DISA-STIG profiles. System management at scale is facilitated through Landscape.

Want to try it out and share your feedback?

Ubuntu Pro was built thanks to our collaboration with our enterprise customers and partners. Today, we are making all of it available to the whole Ubuntu community. We would love to hear about your experience with Ubuntu Pro to help drive our roadmap. Try the beta and us know what else you would like to see included with Ubuntu Pro.

For additional information:

9 Likes

There is some debate on Ask Ubuntu (AU) about support for Ubuntu Pro on that platform. Discussion here:

Are Ubuntu Pro support questions off-topic?
https://meta.askubuntu.com/questions/20159/are-ubuntu-pro-support-questions-off-topic

What are your feelings about support for this product being available, or perhaps not available, on platforms such as AU?

Hi Andrew,

Thank you for reaching out, and welcome to the Ubuntu Pro discourse.

Initially, I created this space to answer any questions about Ubuntu Pro, whether it’s about the public beta, free personal subscriptions, or paid subscriptions for enterprises.

In the post you shared, Thomas Ward provided a perfect answer to the question. In the future, I don’t mind if you point users to the Ubuntu Pro discourse or if you ping me to chime into a discussion on AU. My goal is to ensure that our users know what Ubuntu Pro gives and how to enable it if they wish to use it.

Finally, as the esm-apps service is currently in beta, I want to capture feedback from our early adopters to identify and address any issues they have with it. This would allow us to launch esm-apps GA with confidence soon.

2 Likes

Where would I post a question I have about an issue with Ubuntu Pro v27.13.3?

if you have an issue, you should file a bug on launchpad:

1 Like

Hi,

The Security Guide currently does not support Ubuntu 22.04. When will this be rolled out?

Thanks

Hi, this is still in development and we are intending to release it by May 2023.
Hope that helps.

I’m currently running xubuntu 22.04 LTS in a VM. I’m trying to get confirmation that Firefox and Chromium will support xubuntu 22.04 LTS until April 2027 without an Ubuntu Pro subscription and until April 2032 with an Ubuntu Pro subscription. I’ve searched all over the internet and have posted on various forums where I’ve received contradictory responses but no clear answer. I’m now requesting assistance here.

hi @xode0000

I suppose that you are using it as a snap? If that’s the case then you can simply keep continue using the stable channel which gets regularly updated and upgraded.

“I suppose that you are using it as a snap?”

→ Absolutely. Unlike what I’ve seen others post about snap, snap has actually worked out good for me, the key being it lets firefox and chromium access /mnt/hgfs/* (VMWare shared folders).

“…you can simply keep continue using the stable channel which gets regularly updated and upgraded.”

→ Even if the GUI desktop I’m using is XFCE (xubuntu) and not Gnome (ubuntu)? That’s what I’ve not been able to confirm. I did sign up for Ubuntu Pro, received a token and ran all of the tests that website suggested in my xubuntu VM and those test results showed no errors. It would stand to reason that, even if the xubuntu 22.04 XFCE GUI desktop doesn’t get supported beyond April 2025, that xubuntu 22.04 snap, firefox and chromium would still continue to be supported since the snap in xubuntu is the same as snap in Ubuntu. But, I wanted to get confirmation of that.

Hey there, I think you can rest easy regarding updates for the Firefox snap. :slight_smile:

When we shipped Firefox as a .deb, any updates rolled out by Mozilla would need to be backported by engineers in the Ubuntu Desktop team to previous releases to ensure compatibility and avoid regressions in older releases. This means that at any one time our engineers were covering (approximately) the current LTS, LTS -1 and LTS -2 plus any in-support interim releases, and this isn’t including the security patching coverage for even older releases covered by Ubuntu Advantage (now Pro). This could cause some delay to rolling out the latest updates on older releases and meaningful overhead in the engineering team.

By switching to a snap, Firefox is always the latest version provided by Mozilla, and since dependencies are bundled there is minimal overhead from a maintenance standpoint to running the same snap on older releases or different versions of Ubuntu. This means that someone running Firefox as a snap on 18.04 is getting the same frequency of updates as someone running the Firefox snap in 22.04 or 24.04 and the engineering work the desktop team do to package the Firefox snap is essentially covered by the support commitment of the current LTS even if the release you’re running on is out of LTS support. This is not to say this is true of all snaps where sometimes we may need to maintain different versions for different releases, but for Firefox this is the case.

As a result you get the benefits of the latest Firefox regardless of the release you’re running on and the desktop engineering team have been able to invest more time in other areas such as the new installer, App Center and upcoming Security Center.

I hope that helps.

1 Like

“Hey there, I think you can rest easy regarding updates for the Firefox snap…I hope that helps.”

→ This helps a lot. Thank you for responding.

“…the desktop engineering team have been able to invest more time in other areas such as the new installer, App Center and upcoming Security Center.

→ Xubuntu 22.04 out of the box came extremely well put together. But, probably like every end user, there are features specific to me I needed and it would be unreasonable to expect any OS, Ubuntu or otherwise, to have right out of the box. Xubuntu 22.04 has also been flexible enough that I was able to add all of those extra features I needed. One of those extra features I added is realtime scanning for malware of Firefox and Chromium downloads as those are downloaded, as well as realtime scanning of email as I receive it.

1 Like