What is the Ubuntu Security Guide?
Security Technical Implementation Guides like the CIS benchmark or DISA-STIG have hundreds of configuration recommendations, so hardening and auditing a Linux system manually can be very tedious. Ubuntu Security Guide (USG) is a new tool available with Ubuntu 20.04 LTS that greatly improves the usability of hardening and auditing, and allows for environment-specific customizations. The following sections provide more information on hardening and auditing with usg.
In this tutorial, we will learn how to audit with the CIS benchmark or DISA-STIG on Ubuntu 20.04 LTS machines, while using an Ubuntu Advantage or Ubuntu Pro subscription.
Understanding the UA client
The Ubuntu Advantage (UA) client is a tool designed to automate access to UA services like Extended Security Maintenance (ESM), USG, FIPS, and more.
What you’ll learn:
- How to check which version of the UA client is installed on your machine and how to update it if necessary
- How to attach the UA client to your Ubuntu Advantage account using your UA token
- How to enable the USG on your Ubuntu machine
- How to perform an audit for CIS or DISA-STIG
What you’ll need:
An active Ubuntu Advantage for Infrastructure or Ubuntu Pro subscription.
An Ubuntu machine running a fresh install* of Ubuntu server or desktop 20.04 LTS
Please note that if you use the tool to harden an existing Ubuntu image, the hardening process may take long.