Canonical has achieved FIPS 140-2 Level 1 certification for Ubuntu 16.04 LTS for the modules and hardware platforms listed in the section below. Other hardware platforms may successfully operate with the FIPS packages, but strictly, the FIPS certificates referenced below are limited to the specific hardware platforms described. Questions as to whether the FIPS certifications referenced below will be sufficient for a given customer’s hardware will need to be referred to the customer’s IT security policy.

Canonical is also currently pursuing Common Criteria EAL2 certification for Ubuntu 16.04 LTS.

For Ubuntu 16.04 LTS, the following security hardening guides are available:

  • Defense Information System Agency (DISA) Security Technical Implementation Guide (STIG)
  • Center for Internet Security (CIS) Benchmark (14.04 LTS, 16.04 LTS)

Canonical is planning to make its security certifications offerings available only to customers, typically customers of Ubuntu Advantage Server Advanced. For further information, please contact a member of the Canonical Inside Sales team at inside-sales@lists.canonical.com.

Security certifications for Ubuntu 16.04

  • FIPS 140-2
  • Hardware platforms
    • IBM Power System 8001-22C with PAA
    • IBM Power System 8001-22C without PAA
    • IBM Power System 8247-22L with PAA
    • IBM Power System 8247-22L without PAA
    • IBM Power System 8335-GTB with PAA
    • IBM Power System 8335-GTB without PAA
    • IBM z13 with PAI
    • IBM z13 without PAI (single-user mode)
    • Supermicro SYS-5018R-WR with PAA
    • Supermicro SYS-5018R-WR without PAA
  • Common Criteria (EAL2)

Hardening guides

  • DISA STIG - Received official notification from DISA that Ubuntu 16.04 LTS STIG has been approved pending revision. STIG going through DISA post approval review and will be posted on DISA website when completed.
  • CIS Benchmark available for 14.04 LTS and 16.04 LTS

Security/Certification (last edited 2017-12-13 15:38:55 by emilyr)