Ubuntu Security Certifications
Canonical’s security certifications offerings are available to Ubuntu Advantage customers. For further information, please contact a member of the Canonical Sales team.
Federal Information Processing Standards Publications (FIPS) are issued by the National Institute of Standards and Technology (NIST). FIPS 140-2 specifies the security requirements for cryptographic modules. These requirements address the areas of secure design and implementation.
Ubuntu 16.04 LTS (Xenial) and Ubuntu 18.04 LTS (Bionic) have certified FIPS packages. Ubuntu 20.04 LTS (Focal) has FIPS packages currently undergoing the NIST review process.
Future Ubuntu LTS releases will also be put through the certification process. Visit the NIST Computer Security Resource Center’s Modules In Process List to see current Canonical modules in the certification process.
Certified use of FIPS packages
Non-Certified use of FIPS packages
Common Criteria for Information Technology Security Evaluation (CC) is an international standard. The CC provides a common set of requirements for the security functionality of IT products and for assurance measures applied to these IT products during a security evaluation.
The evaluation process establishes a level of confidence that the security functionality of these IT products and the assurance measures applied to these IT products meet these requirements:
Ubuntu 20.04 LTS (Focal), Ubuntu 18.04 LTS (Bionic), and Ubuntu 16.04 LTS (Xenial) have compliance benchmark documents developed by the Center for Internet Security (CIS), available on their website. Canonical has developed a tool to assist in hardening Ubuntu LTS systems based off of the published CIS benchmarks.
|1||fips||FIPS for Ubuntu|
|2||fips-cloud-containers||FIPS for clouds and containers|
|1||cc||Common Criteria for Ubuntu|
|1||cis||Center for Internet Security (CIS) Compliance for Ubuntu|
|2||cis-manual-requirements||Required Manual Configuration|
|2||cis-juju||Hardening via Juju|
|2||cis-ruleset-params||ruleset-params.conf Parameter Information|
|2||cis-audit||Auditing a CIS-Hardened Ubuntu System|