Overview

The CIS Hardened Image Level 1 ARM on Ubuntu Linux Server 20.04 LTS is a pre-configured image built by the Center for Internet Security (CIS®) for use on Amazon Elastic Compute Cloud (Amazon EC2). It is a pre-configured, security-hardened image that aligns with the robust security recommendations, the CIS Benchmarks, making it easier for organizations to meet regulatory requirements.

Not only is this image pre-hardened to the CIS Benchmarks guidance, but it is also patched monthly in alignment with the updates from the software vendor.

Key Benefits

Enhanced Security: Mitigates risks like malware, denial of service, and authorization issues by following globally-recognized secure configuration guidance to support your cloud security posture management (CSPM) program.

Compliance Readiness: Helps your organization comply with PCI DSS, FedRAMP, DoD Cloud Computing SRG, FISMA, select NIST publications, and more.

Faster Deployment: Pre-configured according to CIS Benchmarks, allowing you to deploy secure virtual machine images.

Consistency Across Environments: Ensures consistent security configurations across development, testing, and production environments, reducing drift and compatibility risks.

Cost Efficiency: Lowers remediation efforts, reduces attack surface, and minimizes business loss from security incidents.

Easier Maintenance: Regular updates ensure that your systems are always in line with the latest security standards and software patches.

This image is hardened against the corresponding Level 1 profile which is intended to be practical and prudent, provide a clear security benefit, and not inhibit the utility of the technology beyond acceptable means. No packages are installed on or removed from this image outside of those already present on the base image or as recommended in alignment with the corresponding CIS Benchmark recommendations.

To demonstrate conformance to the CIS Ubuntu Linux Server 20.04 LTS Level 1 Benchmark, industry-recognized hardening guidance, each image includes an HTML report from CIS Configuration Assessment Tool (CIS-CAT® Pro). Each CIS Hardened Image contains the following files:

Base_CIS-CAT_Report.html - this provides a report of CIS-CAT Pro run against the instance before any change is made by CIS (e.g., software updates, CIS hardening).

basevm.txt - this provides a list of the packages resident on the instance prior to any change being made by CIS (e.g., software updates, CIS hardening).

CIS-CAT_Report.html - this provides a report of CIS-CAT Pro run against the instance after the corresponding CIS Benchmark was applied to the image.

Exceptions.txt - this provides a list of recommendations that are not applied because the configuration of those recommendations may inhibit the use of this image in this CSP, require environment-specific expertise, or hinder the integration of this image with CSP services or extensions.

afterhardening.txt - this provides a list of packages resident on the instance after the corresponding CIS Benchmark was applied to the image.

These reports are located in /home/CIS_Hardened_Reports.

For customized pricing options or private offers, reach out to us at cloudsecurity@cisecurity.org .

To learn more or access the corresponding CIS Benchmark, please visit https://www.cisecurity.org/cis-benchmarks or sign up for a free account on our community platform, CIS WorkBench, https://workbench.cisecurity.org/ .

Highlights

Hardened according to a Level 1 CIS Benchmark that is developed in a consensus-based process and that is accepted by government, business, industry, and academia.
Helps with compliance to PCI DSS, FedRAMP, DoD Cloud Computing SRG, FISMA, select NIST publications, and more.
Pre-configured to align with industry best practices that are developed and supported by CIS, this image has hardened account and local policies, firewall configuration, and computer-based and user-based administrative templates.

Details

Sold by

Center for Internet Security

Typical total price

This estimate is based on use of the seller's recommended configuration (t4g.medium) in the US East (N. Virginia) Region. View pricing details

$0.056/hour

Pricing

CIS Hardened Image Level 1 on Ubuntu Linux Server 20.04 LTS (ARM)

Info

View purchase options

Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covering your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.

Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.

Region

Usage costs (83)

Info

Instance type	Product cost/hour	EC2 cost/hour	Total/hour
m6g.medium	$0.022	$0.038	$0.06
m6g.large	$0.022	$0.077	$0.099
m6g.xlarge	$0.022	$0.154	$0.176
m6g.2xlarge	$0.022	$0.308	$0.33
m6g.4xlarge	$0.022	$0.616	$0.638
m6g.8xlarge	$0.022	$1.232	$1.254
m6g.12xlarge	$0.022	$1.848	$1.87
m6g.16xlarge	$0.022	$2.464	$2.486
m6g.metal	$0.022	$2.464	$2.486
m6gd.medium	$0.022	$0.045	$0.067

Additional AWS infrastructure costs

Type	Cost
EBS General Purpose SSD (gp2) volumes	$0.10/per GB/month of provisioned storage

Vendor refund policy

Refunds through AWS are not available at this time. You will only be billed for actual time of instance use. As with all CIS security products, our aim is always 100 percent customer/member satisfaction.

Legal

Vendor terms and conditions

Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

Content disclaimer

Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

Usage information

Info

Version

Delivery details

64-bit (Arm) Amazon Machine Image (AMI)

Amazon Machine Image (AMI)

An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.

Version release notes

Additional details

Usage instructions

Once the instance is running, connect using SSH. Use "ubuntu" as the username. Immediately apply latest security updates after launching the instance.

Resources

Vendor resources

CIS Ubuntu 20.04 LTS Benchmark - L1 (ARM)

Support

Vendor support

Questions, feedback, and support accessing CIS-developed AMIs is provided by contacting

Get support

AWS infrastructure support

AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

Get support

Similar products

Red Hat Enterprise Linux 9 Latest with support by AskforCloud LLC

By Askforcloud LLC

This product has charges associated with it for support. Red Hat Enterprise Linux 9 (RHEL 9), the latest release of the worlds leading enterprise Linux platform.

View product

CentOS 8.1 Enterprise CHI/Linux - SL1

By Siteage, LLC

CentOS 8.1 Minimal Enterprise Linux CHI - SL1 Cloud Hardened Images (CHI) with the standard of National Checklist Program (NCP) . CHI provides low level design (LLD) on setting the security configuration of operating systems.

View product

Minimal Ubuntu 20.04 LTS - Focal Supported by Bansir

By Bansir LLC

This is a repackaged software product wherein additional charges apply for Bansir's support 24 hours for 365 days of the years. Experience Minimal Ubuntu 20.04, a preconfigured solution for streamlined efficiency. Enjoy Bansir's expert technical support for a seamless experience.

View product

CIS Hardened Image Level 1 on Ubuntu Linux Server 22.04 LTS

By Center for Internet Security

This product has charges associated with the pre-built hardening to the CIS Benchmarks™ and recurring maintenance. The CIS Hardened Images® are hardened in accordance with the associated CIS Benchmarks, an industry best practice for secure configuration. Reduce cost, time, and risk by building your AWS solution with CIS AMIs.

View product

Customer reviews

Write a review

Ratings and reviews

Info

0 ratings

5 star

4 star

3 star

2 star

1 star

0 AWS reviews

1 external reviews

External reviews are sourced from G2 and are not included in the star rating for this product.

Medical Devices

CIS Benchmark for Ubuntu server

Reviewed on Jan 25, 2024

Review provided by G2

What do you like best about the product?

Security settings that needs to be inplemented at file level, directory level, service files level in depth are something that helped me in my project for DevSecOps role.
Other security aspects related to grub, pam authentication, apparmor profile security enforcing are very mich useful from cis benchmark to implement in production grade systems.

What do you dislike about the product?

I dont have much dislikes. Everything is upto the mark.

What problems is the product solving and how is that benefiting you?

Ubuntu OS level security settings that will prevent security breaches.