What is the CIS benchmarking tool?
The Center for Internet Security (CIS) has published hardening benchmarks for all Ubuntu LTS versions since Ubuntu 12.04 LTS. These hardening benchmarks are meant to be best-practice security configurations. Canonical has developed a tool that automates the process of hardening and auditing Ubuntu LTS images based on the published CIS benchmarks, enabling you to harden an image within minutes.
In this tutorial, we will learn how Ubuntu Advantage for Infrastructure and Ubuntu Pro customers, as well as personal users taking advantage of their free access to Ubuntu Advantage for Infrastructure, can use the Ubuntu Advantage client (UA client) to enable the CIS benchmarking tool on Ubuntu 16.04 ESM, 18.04 LTS and 20.04 LTS machines.
Understanding the UA client
The Ubuntu Advantage (UA) client is a tool designed to automate access to UA services like Extended Security Maintenance (ESM), CIS, FIPS, and more. The client is available for all Ubuntu LTS releases, however some services, such as the CIS benchmarking tool, are in beta or are not available for all Ubuntu LTS or ESM releases.
What you’ll learn:
- How to check which version of the UA client is installed on your machine and how to update it if necessary
- How to attach the UA client to your Ubuntu Advantage account using your UA token
- How to enable the CIS benchmarking tool on your Ubuntu machine