Skip to main content

Your submission was sent successfully! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates from Canonical and upcoming events where you can meet our team.Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

An error occurred while submitting your form. Please try again or file a bug report. Close

  1. Blog
  2. Article

Hugo Huang
on 16 November 2021


If this is your desire, it is Ubuntu Pro’s commitment: “Ubuntu Pro will secure your Open-Source Freedom for 10 years”. Security and Freedom shouldn’t be a debate, a trade-off, even a dilemma. Security shouldn’t be your concern when you embrace Open-Source.

A 10-year commitment

Canonical backs Ubuntu Pro for 10 years, ensuring security updates are available throughout, with a guaranteed upgrade path. For example, Ubuntu 16.04 Pro will continue to get security updates until 2026. 

Ubuntu Pro automatically entitles Extended Security Maintenance (ESM). Let’s SSH into your Ubuntu Pro virtual machine. If you haven’t yet upgrade your Ubuntu LTS to Ubuntu Pro, please follow this tutorial. In less than One Minute, you will be able to get your Ubuntu Pro machine without losing any of your mission critical workloads. Once you SSH into your Ubuntu Pro, input:

You will see:

SERVICEENTITLEDSTATUSDESCRIPTION
cisyesenabledCenter for Internet Security Audit Tools
esm-appsyesenabledUA Apps: Extended Security Maintenance (ESM)
esm-infrayesenabledUA Infra: Extended Security Maintenance (ESM)

Wait a second, why are there two “ESM”?

Open Source Security

ESM-infra guarantees 10-year Extended Security Maintenance (ESM) for packages in the Main repository, which includes Canonical-supported free and open-source software. On the other hand, ESM-apps further extend “Extended Security Maintenance” to the Universe repository, which covers community-maintained free and open-source software. Suppose you want to install Node.js; let’s check if the machine pulls the package from the repo:

apt-cache policy nodejs
nodejs:
Installed: (none)
Candidate: 4.2.6~dfsg-1ubuntu4.2+esm1
Version table:
    4.2.6~dfsg-1ubuntu4.2+esm1 500
      500 https://esm.ubuntu.com/apps/ubuntu xenial-apps-security/main amd64 Packages
    4.2.6~dfsg-1ubuntu4.2 500
      500 http://us-central1.gce.archive.ubuntu.com/ubuntu xenial-updates/universe amd64 Packages
      500 http://security.ubuntu.com/ubuntu xenial-security/universe amd64 Packages
    4.2.6~dfsg-1ubuntu4 500
      500 http://us-central1.gce.archive.ubuntu.com/ubuntu xenial/universe amd64 Packages

Ubuntu Pro adds security coverage for the most important open source applications like Apache Kafka, NGINX, MongoDB, Redis and PostgreSQL.

Related posts


Carlos Bravo
28 August 2025

Ubuntu Pro Minimal 22.04 LTS with CIS hardening is now generally available on AWS

Canonical announcements Article

August 28, 2025 – We are excited to announce the general availability of Ubuntu Pro Minimal 22.04 LTS with CIS hardening, a new variant of Ubuntu designed for organizations that require tight security controls, minimal attack surface, and out-of-the-box compliance. This new offering combines the efficiency of Minimal Ubuntu with the enter ...


Nicholas Morris
26 August 2025

Generating allow-lists with DNS monitoring on LXD

DevOps Article

Allow-listing web traffic – blocking all web traffic that has not been pre-approved – is a common practice in highly sensitive environments. It is also a challenge for developers and system administrators working in those environments. In this blog, we’ll cover an easy way to mitigate this challenge by using LXD to generate allow-lists.  ...


Jehudi
22 August 2025

A complete security view for every Ubuntu LTS VM on Azure

Compliance Article

Azure’s Update Manager now shows missing Ubuntu Pro updates for all Ubuntu Long-Term Support (LTS) releases: 18.04, 20.04, 22.04 and 24.04. The feature was first introduced for only 18.04 during its move to Expanded Security Maintenance. With this addition, Azure highlights where Ubuntu LTS instances would benefit from Expanded Security M ...