Certification

Differences between revisions 7 and 8
Revision 7 as of 2017-06-26 20:22:53
Size: 1410
Editor: trogado
Comment:
Revision 8 as of 2017-06-27 13:17:46
Size: 1532
Editor: trogado
Comment:
Deletions are marked like this. Additions are marked like this.
Line 8: Line 8:
For further information, please contact a member of the Canonical Inside Sales team at inside-sales@lists.canonical.com.

Canonical is seeking FIPS and CC certification for 16.04 LTS. We are also working to create DISA STIG and CIS Benchmark rulesets, together with auditing and remediation tooling, for 16.04 LTS.

Canonical is planning to offer Security Certification and Hardening for Ubuntu via a "paid for" Ubuntu Advantage Premium package. As a result, the FIPS and CC enabled packages will not be available in the publicly available Ubuntu archives.

For further information, please contact a member of the Canonical Inside Sales team at inside-sales@lists.canonical.com.

Security certifications for Ubuntu 16.04

  • FIPS 140-2

    • OpenSSH validated level 1 May 2017 (Server: 2906, Client: 2907)

    • OpenSSL validated level 1 April 2017 (2888)

    • Kernel Crypto API in review, target completion 4Q17

    • Strongswan review pending, target completion 4Q17

  • Common Criteria (EAL2)
    • Current Status - in progress

Final location for the FIPS and CC enabled packages - tbd

Official hardening guides

  • DISA STIG
    • The STIG is currently going through the QA process with DISA.

  • CIS Benchmark available for 14.04 and 16.04

Security/Certification (last edited 2017-12-13 15:38:55 by emilyr)