Skip to main content

Your submission was sent successfully! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates from Canonical and upcoming events where you can meet our team.Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

An error occurred while submitting your form. Please try again or file a bug report. Close

  1. Blog
  2. Article

Canonical
on 26 February 2019

Ubuntu is EAL2 certified

EAL2 Security Ubuntu

Canonical has received Common Criteria EAL2 certification. The evaluation covers a fresh install of Ubuntu 16.04.4 LTS on one of the supported platforms listed in the certification report.

Common Criteria (CC) for Information Technology Security Evaluation is an international standard (ISO/IEC IS 15408) for Computer security certification. It provides an assurance that a product satisfies a defined set of security requirements. The security requirements for the evaluation are specified in the Security Target. The certification is based on the Operating System Protection Profile (OSPP) together with an extended requirement for virtualization. The evaluation was obtained through CSEC – The Swedish Certification Body for IT Security. The consulting for the evaluation was performed by atsec Information Security, a U.S. Govt and BSI accredited laboratory. The certification report is available on the CSEC website for more information.

Canonical has obtained an EAL2 certification which is recognized in 30 countries who are members of CCRA. This is a mandatory requirement for Government usage and also in financial institutions and organizations dealing with sensitive data.  

How to obtain Ubuntu Common Criteria certified configuration?

CC configuration requires a specific set of software and hardware that was used in the certification. The software bits that would put a system in evaluated configuration are available to Ubuntu Advanced  customers. This includes utilities to make the EAL2 configuration changes, additional packages, and the Evaluated Configuration Guide. The Evaluated Configuration Guide is a security guide that explains how to set up the evaluated configuration, and provides information to administrators and ordinary users to ensure secure operation of the system.

After a fresh install of Ubuntu 16.04.4 LTS server following the instructions in the evaluated configuration guide,  the additional software bits are executed to put the system into the EAL2 configuration. The EAL2 configuration includes the Ubuntu FIPS packages offering stronger cryptography.

Please get in touch for more details.

Contact us

The original version of this blog was posted here.

Related posts

ilvipero
9 January 2026

London called, and the world answered: creating a Summit without borders

Ubuntu Article

When we announced that the Ubuntu Summit 25.10 would be a remote event, we knew we were taking a big step. We asked ourselves: how can we capture the spirit of an in-person community event and convey its energy through a screen? How can we connect the circle of friends from all over the world? ...

Canonical
5 January 2026

Canonical announces Ubuntu support for the NVIDIA Rubin platform

Canonical announcements Article

Official Ubuntu support for the NVIDIA Rubin platform, including the NVIDIA Vera Rubin NVL72 rack-scale systems, announced at CES 2026 CES 2026, Las Vegas. – Canonical, the publisher of Ubuntu, is pleased to announce official support for the NVIDIA Rubin platform and the latest distributions of the new NVIDIA Nemotron 3 open models.  As A ...

Florencia Cabral Berenfus
17 December 2025

Extending ROS Noetic Support with ESM-Enabled Content Snaps

Robotics Article

Canonical has now extended its ESM (Expanded Security Maintenance) for ROS coverage to ROS Noetic content-sharing snaps. With ESM for ROS now available in both deb and snap formats, Ubuntu continues to be the trusted foundation for secure, long-term robotics innovation. ...