Canonical works closely with Microsoft to ensure that running Ubuntu on Azure is a great experience. One of the key aspects of this collaboration is ensuring the longevity and security of Ubuntu releases, such as Ubuntu 18.04 LTS, even beyond their Standard Security Maintenance period. We are excited to announce the integration of Ubuntu Pro update awareness into Azure through the Azure Guest Patching Service (AzGPS) and Update Management Center (UMC). This feature highlights the additional updates available through Ubuntu Pro, including those for Ubuntu 18.04 LTS, now under Extended Security Maintenance. This increased visibility of updates is a significant benefit for users of Azure native VMs and VM Scale Sets, as well as those connected via Azure Arc.
Ubuntu Pro, a subscription by Canonical, provides enhanced security, compliance, and system management tools for organisations using Ubuntu in the Azure cloud.
Expanded Security Maintenance (ESM) is one of the key features of Ubuntu Pro. ESM extends the security maintenance period for Ubuntu LTS releases from five to ten years, allowing Ubuntu 18.04 LTS users to continue using their deployments in production until 2028. ESM also expands the security coverage to a much greater range of packages.
The newly integrated Ubuntu Pro feature in Azure helps users identify Ubuntu instances that aren’t receiving all available security updates. For instance, examining an Ubuntu Server 18.04 LTS instance on Azure today could display something like this:
Take note of the message, “Security-ESM update(s) are available for this machine. An Ubuntu Pro subscription is required to remain secure. Learn more.”
This message indicates that 46 security updates are available for this Ubuntu 18.04 LTS instance, of which 42 can only be accessed through ESM. To receive these, you must attach Ubuntu Pro subscription to the instance. If your instance is in this state, it’s crucial to take action, as it has known unpatched security vulnerabilities. The process of obtaining Ubuntu Pro and how to attach it to your instance is explained in the subsequent section.
Looking at the detailed view of packages, we can see that these have Classifications of “Security-ESM”:
Once you have activated Ubuntu Pro on these instances, as explained in the following section, these updates appear as available and can be applied in the usual way, yielding the expected result:
You can obtain Ubuntu Pro on Azure in several ways, depending on your specific needs and the flexibility of your workload. Here are the options:
Ubuntu Pro is accessible for free on up to 5 machines, or 50 if you are an official Ubuntu Community member. To get started, register here.
The Azure Guest Patching Service allows customers to simplify their Guest OS management on their VMs and VM Scale Sets. This service deploys the latest security and critical updates using Safe Deployment Principles, ensuring the customer’s operations remain uninterrupted and secure.
The Azure Update Management Center is designed to manage and govern updates across all your machines. Powered by Azure Guest Patching Service, it provides a unified service for monitoring Windows and Linux update compliance across your Azure, on-premises, and other cloud platform deployments, all from a single dashboard. Canonical collaborates with the Azure Update Management Center team to ensure that it can manage Ubuntu instances effectively at scale.
The introduction of enhanced Ubuntu update awareness into the Azure Update Management Center offers tailored security guidance to our Azure users. This guidance takes into account the actual Ubuntu releases and packages installed. Our ultimate goal is to empower our joint users with timely and relevant information, enabling them to make informed security decisions and thereby enhancing the security of their Ubuntu instances on Azure.
Empower your modern workforce with VDI from HPE and Canonical For years, virtual desktop infrastructure…
Welcome to the Ubuntu Weekly Newsletter, Issue 863 for the week of October 20 –…
With an ambition to become Asia’s technology hub for telecommunications in the 5G/6G era, India…
October 2024 marks the 20th anniversary of Ubuntu. The cybersecurity landscape has significantly shifted since…
This article provides a complete guide to setting up an Apache reverse proxy for an…
Canonical is excited to be a part of the Dell Technologies Forum in São Paulo…