Ubuntu Pro Tackles the Challenge of Enterprise Open Source Adoption
For modern enterprises, adopting open source isn’t a matter of “if,” but “when.” Open source’s momentum is remarkable and, more and more every year, open source is associated with cutting-edge technologies, cost savings, and a modernized technology stack.
Ninety-seven percent of applications leverage open source code, and 90% of companies are applying or using it in some way. According to Forrester, more than half of Fortune 500 companies use open source software for their development projects. In 2022, developers started 52 million new open source projects on GitHub. And, developers across the platform made more than 413 million contributions to open source projects.
And yet, attractive as open source is, many organizations still struggle with the “how.” Concerns over support, security, and compliance continue to hover over open source adoption. Those certainly are areas where no enterprise can afford to compromise.
With these challenges in mind, Canonical, the publisher of Ubuntu, recently released Ubuntu Pro, a comprehensive subscription for open source security, compliance, and support.
Following Ubuntu Pro’s introduction into beta in October 2022, the general availability is a significant development for users of the world’s most popular Linux operating system, and the most prevalent across major public clouds, accounting for nearly 34% of Linux market share, more than double the next distribution.
Think of Ubuntu Pro as a layer of additional services on top of the standard Ubuntu LTS (Long-Term Support). It is available for every Ubuntu LTS from 16.04 LTS to the most recent 22.04 LTS released last year. Since the beta announcement last fall, tens of thousands of Ubuntu users have signed up for the service.
At a time when security remains the top concern for organizations around the world, Ubuntu Pro recognizes that the operating system underpins the security of any application. Ubuntu Pro protects organizations against common vulnerabilities and exposures (CVEs) far beyond the operating system (OS). The subscription covers a broad spectrum of open source applications, which comes with a 10-year commitment of timely security patches, certified compliance and hardening for systems at scale.
For those operating in compliance-heavy industries like government, healthcare, and financial services, Ubuntu Pro enables organizations to remain compliant with regimes such as FedRAMP, HIPAA and PCI-DSS.
What’s more, the Ubuntu Pro significantly enhances both the security coverage and technical support beyond the main operating system.
Let’s drill down into Ubuntu Pro’s key enterprise features.
Enhanced Security Capabilities
Ubuntu Pro subscriptions include Landscape, Canonical’s monitoring and management tool for all versions of Ubuntu that offers software updates, configuration management, policy compliance and permission control for the entire physical and virtual fleet.
Landscape can administer both physical and virtual machines. Managing desktops and servers on-premises and in the cloud can be done via managing one machine. All machines with an Ubuntu Pro subscription can use Landscape SaaS or self-hosted Landscape at no additional cost.
Canonical has an 18-year track record of timely security updates for the main Ubuntu OS, with critical CVEs patched in less than 24 hours on average. Ubuntu Pro’s coverage spans critical, high, and selected medium CVEs for thousands of applications and toolchains.
For developers using Ansible, Apache Tomcat, Apache Zookeeper, Docker, Nagios, Node.js, phpMyAdmin, Puppet or Python 2, Ubuntu Pro expands coverage for critical, high and medium CVEs for 10 years of security and maintenance with security patches backported to the same version of the application, far beyond the upstream commitments for enhanced API stability and no forced migrations. This also covers thousands of other applications and toolchains in Ubuntu’s repositories, such as Redis, Rust, WordPress, and more.
For most users, these security fixes occur automatically, with Ubuntu’s unattended upgrades. System management and automated patching at scale are facilitated through Landscape.
Ubuntu Pro also includes Livepatch, which patches critical and high-severity kernel vulnerabilities at runtime to minimize the need for unplanned reboots of an Ubuntu estate.
Canonical collaborates with top security scanning and vulnerability management providers to make sure information about Ubuntu Pro CVE fixes is available through commonly used tooling and dashboards.
Another benefit is easy and automatic integration of Ubuntu Desktop into an existing Active Directory architecture via System Security Services Daemon (SSSD), as well as ADsys, Canonical’s new Active Directory client. This aligns the Active Directory management experience of Ubuntu with the one available in Windows, allowing system administrators to securely manage a fleet of Ubuntu desktops at scale.
A Single Subscription for Open Source Security and Compliance
Besides providing timely security patches, Ubuntu Pro includes certified tools for compliance management in regulated and audited environments. Ubuntu Security Guide (USG) enables best-in-class hardening and compliance standards such as CIS benchmarks and DISA-STIG profiles.
This is important for organizations with an especially heavy compliance requirement. Take government, for example. Complying with U.S. government security standards like FISMA, FIPS, FedRAMP or DISA-STIG is critical not only for government agencies, but also for companies that do business with those agencies and bound by strict security rules.
Ubuntu Pro helps by allowing users to access FIPS-certified cryptographic packages necessary for all federal agencies as well as organizations operating under other compliance regimes like HIPAA and PCI-DSS.
The Ubuntu Pro subscription expands Canonical’s 10-year security coverage and optional technical support to an additional 23,000 packages beyond the main operating system. Having a team of experts ready 24/7 to bug-fix thousands of open source packages is great for organizations looking to consume open source in their mission-critical and production environments.
Ubuntu Pro can be combined with up to 24×7 enterprise-grade support coverage for the Ubuntu operating system. Additionally, it can cover open infrastructure such as MAAS, LXD, Kubernetes, OpenStack or Ceph/Swift storage, and now also a range of open-source applications, such as Kafka, Kubeflow, OpenJDK, PostgreSQL, Telegraf, Samba, and Vault.
Canonical can extend the service further by providing a technical account manager or dedicated support engineer or taking full responsibility for the whole environment — from the initial setup to operations of the environment on behalf of the customer, with up to 99.9% SLA-backed uptime.
Subscription Types and Pricing
The standard Ubuntu Pro subscription covers the full set of security updates for all packages in Ubuntu Main and Universe repositories — this is the most suitable choice in most cases. Ubuntu Pro costs $25 per year for a workstation or $500 per year for a server and is available directly from ubuntu.com/pro/subscribe with a 30-day free trial.
Ubuntu Pro is also available through Canonical’s public cloud partners’ marketplaces – Amazon Web Services, Azure, and Google Cloud. Instead of needing to contract with Canonical directly, users can simply choose Ubuntu Pro as an add-on to their public cloud subscription.
The Bottom Line
A fragmented approach to security, compliance, and long-term maintenance is among the most significant obstacles to open source adoption. Enterprises are hungry for modular, cloud-native application platforms that dot all the i’s and cross all the t’s in these requirements.
Ubuntu Pro’s enterprise-grade features, expanded security commitment, compliance reporting tools, are built to eliminate these worries about open source adoption.