Security and performance are the focus as Canonical launches Ubuntu 20.04 LTS
Mark Shuttleworth of Canonical
Canonical, the publisher of Ubuntu, has made Ubuntu 20.04 LTS generally available, with a particular emphasis on security and performance.
“Accelerating open source globally is our mission. Ubuntu 20.04 LTS is the new state of the art open source platform for the enterprise and the entrepreneur,” says Mark Shuttleworth, CEO of Canonical. “We bring together thousands of contributors and the technology companies to make Ubuntu 20.04 LTS the standard reference platform for secure cloud and edge compute.”
Ubuntu has reached the top of independent rankings of enterprise Linux security. Ubuntu 20.04 LTS applies Kernel Self Protection measures, assures control flow integrity and adds stack-clash protection for systemic forward-looking enterprise security.
Ubuntu 20.04 LTS also includes Secure Boot to protect against low level attacks and rootkits, often employed by Advanced Persistent Threat groups, and limits attack proliferation or ‘blast radius’ with strict snap confinement of key exposed applications on the desktop and server such as the local Kubernetes package MicroK8s. To mitigate social engineering attacks, Ubuntu 20.04 LTS introduces Fast ID Online (FIDO) for universal multi-factor and passwordless authentication.
Canonical works with platform partners to anchor security for the operating system in the deepest possible fashion in modern hardware capabilities. “Ubuntu 20.04 LTS pushes the envelope with the latest developments in security and scalability, ” says Robert Gomer, director of AMD Datacentre Alliances. “It adds native support for AMD Secure Encrypted Virtualisation with accelerated memory encryption designed for data-in-use protection as well as high-performance scaling for AMD EPYC processors with 256 threads and beyond.”
WireGuard is a new, simplified VPN with modern cryptography defaults. WireGuard is included in Ubuntu 20.04 LTS and will be backported to Ubuntu 18.04 LTS to support widespread enterprise adoption. “Including WireGuard by default in all recent versions of Ubuntu means that users will finally have a great out-of-the-box secure tunnel on Ubuntu,” said Jason A. Donenfeld, creator of WireGuard.
Ubuntu continues to be the OS of most public cloud workloads. Canonical recently launched Ubuntu Pro on public clouds, which broadens Ubuntu security maintenance to cover every single package in Ubuntu for a full ten years. Ubuntu Pro also includes FIPS and Common Criteria EAL to meet FedRAMP, PCI, HIPAA and ISO compliance requirements. “We’ve partnered with the Canonical team to think of new ways to solve the security challenges and excited that Ubuntu 20.04 LTS is now available. In Google Cloud, Shielded VM hardening is enabled by-default on Ubuntu 16.04 LTS, 18.04 LTS, and now on 20.04 LTS – and at no additional cost,” said Nelly Porter, lead product manager at Google Cloud.
“We’re excited to partner with Canonical to bring the Ubuntu 20.04 LTS innovations across our toolchain — from developers on WSL to scaling enterprise production deployments in Azure,” said John Gossman, distinguished engineer at Microsoft Corp. “In this release, we’ve made it easier than ever to manage workstation environments and to enjoy the long-term stability and security of Ubuntu Pro for Azure across a wide range of compute options.”
The new Windows Subsystem for Linux v2 in Windows 10 enables deep and direct integration of Ubuntu in Windows desktops and servers, both for cross-platform development and for sophisticated blended Windows/Linux production capabilities.
Ubuntu has become the platform of choice for Linux workstations. Canonical certifies multiple Dell, HP, and Lenovo workstations, and supports enterprise developer desktops. Machine learning and AI tools from a range of vendors are available immediately for Ubuntu 20.04 LTS, along with 6,000 applications in the Snapcraft Linux App Store including Slack, Skype, Plex, Spotify, the entire JetBrains portfolio and Visual Studio Code.
Ubuntu is widely deployed as a Kubernetes host in public cloud and private infrastructure. It is also widely used for containerised operations in mainframe environments.
“Canonical and IBM continue to work closely together to offer cloud solutions with Ubuntu on IBM LinuxONE and IBM Z. Announcement of Ubuntu 20.04 LTS running on IBM LinuxONE and IBM Z continues to deliver on our support for containers and Kubernetes which is fuelling our client’s journey to a hybrid cloud to support their mission critical workloads,” According to Michael Desens, vice president, offering management, IBM Z and LinuxONE, IBM. “It also includes support for IBM Secure Execution for Linux, a trusted execution environment for IBM Z and LinuxONE. IBM Secure Execution for Linux provides both enterprise-grade confidentiality and protection support for sensitive data, and is designed to run large numbers of workloads in full isolation at scale, with protection for both insider and external threats across the hybrid cloud environment.”
“Performance and security are increasingly critical to processing the amount of data generated by one trillion connected devices, especially as more compute takes place at the edge,” comments Kevin Ryan, senior director of software ecosystem development, Infrastructure Line of Business, Arm. “The combination of Ubuntu 20.04 LTS with Arm Neoverse-based platforms provides developers with a strong foundation for building high-performing and secure applications ready for this next era of compute.”
Accelerated computing is an essential element of new data centres, with GPU platforms from NVIDIA, as well as SmartNICs and FPGAs powering innovation in data science and machine learning. Ubuntu 20.04 LTS simplifies AI deployments, both in the data centre and at the edge, with the NVIDIA CUDA software stack. “Enterprises are transforming their businesses with NVIDIA AI and data science solutions,” said Manuvir Das, head of enterprise computing at NVIDIA. “Developers and data science teams use the Ubuntu platform to support their most important work, and our collaboration with Canonical enables these industry innovators to get AI-powered insights from their data faster.”
Ubuntu is described by Canonical as the open infrastructure platform, and they say has made “significant inroads to the enterprise data centre in recent years,” in partnership with global hardware vendors and system integrators.
“Intel is excited to continue to work together with Canonical to enable our upcoming Intel platforms, as they become available, on Canonical Ubuntu 20.04 LTS release”, says Mark Skarpness Intel vice president and general manager system software engineering. “Together our goal is to deliver ground-breaking optimisations and performance acceleration across architectures from development to cloud environments.”
“As organisations build out their multi-cloud strategies, customers tell us they need simplified IT experiences to transform their business through more efficient and agile operations with reduced costs. This Ubuntu certification spans our latest Dell EMC PowerEdge servers in the data centre, with solutions for Openstack, Kubernetes and AI/ML frameworks like Kubeflow delivering consistent infrastructure, support and services in this digital transformation era” adds Ravi Pendekanti, SVP, product management and marketing, Dell EMC Server and Infrastructure Systems.
Raju Penumatcha, SVP and chief product officer at Supermicro concludes, “As a global provider of enterprise Computing, Storage, Networking Solutions, and Green Computing Technology, we have a long-standing partnership with the Canonical team to bring technology innovations to benefit our mutual customers. We are very excited with release of Ubuntu 20.04 LTS that brings even more value to our customers with improved hardware support, reboot-free kernel updates, faster boot times, along with numerous optimisations aimed at improving performance on the Kubeflow enabled machine learning solutions.”
Ubuntu 20.04 LTS is available for download here.
Comment on this article below or via Twitter@IoTGN