Hugo Huang
on 9 November 2021


This article was last updated 2 year s ago.

CIS Benchmarks are best practices for the secure configuration of a target system. The Center for Internet Security, Inc. (CIS®) is the authority backing CIS Benchmarks. Ubuntu Pro is entitled to be CIS compliant and packaged with CIS toolings from Canonical.

Let’s SSH into your Ubuntu Pro virtual machine. If you haven’t yet upgrade your Ubuntu LTS to Ubuntu Pro, please follow this tutorial. In less than One Minute, you will be able to get your Ubuntu Pro machine without losing any of your mission critical workloads. Once you SSH into your Ubuntu Pro, input:

You will see:

SERVICE ENTITLEDSTATUSDESCRIPTION
cisyesdisabledCenter for Internet Security Audit Tools
[…]

Let’s enable CIS for this VM:

You will see:

If you check the status:

You will see:

SERVICEENTITLEDSTATUSDESCRIPTION
cisyesenabledCenter for Internet Security Audit Tools
[…]

With tooling packages installed, let’s harden your Ubuntu 16.04 Pro system with CIS Level 1 Server profile:

In less than 3 minutes, your Ubuntu Pro will go through the whole process of hardening and you will get a CIS level-1 compliant environment with no more manual configuration. Let’s audit the system:

The output should be similar to:

The HTML report as shown above will also present your CIS score. For comprehensive CIS hardening instructions, you can check Ubuntu CIS Compliance documentation.


Newsletter
signup

Get the latest Ubuntu news and updates in your inbox.

By submitting this form, I confirm that I have read and agree to Canonical's Privacy Policy.

Related posts


Hugo Huang
13 May 2024

Ubuntu Pro 24.04 LTS Lands on Google Cloud: Power Up Your Cloud Experience

Ubuntu Pro Cloud and server

Exciting news for cloud enthusiasts and developers! Ubuntu Pro 24.04 LTS (Noble Numbat) is now available on Google Cloud, bringing a robust and secure platform for your cloud workloads. This latest Long Term Support release from Canonical offers a wealth of features and enhancements, making it the perfect choice for...

Hugo Huang
13 May 2024


Rajan Patel
26 June 2025

NodeJS 18 LTS EOL extended from April 2025 to May 2032 on Ubuntu

Article Ubuntu

Canonical provides up to 12 years of security patching for open source software packaged and published through Ubuntu Pro repositories. These security commitments differ from upstream open source software maintainers, like the OpenJS Foundation.

Rajan Patel
26 June 2025


Miona Aleksic
21 May 2025

Simplify security maintenance and compliance with Ubuntu Pro auto-attach for LXD guests

Article Cloud and server

With the latest LXD release, Ubuntu Pro now supports auto-attachment for LXD guest instances, offering organizations a seamless way to extend Ubuntu Pro benefits across their infrastructure.

Miona Aleksic
21 May 2025