Перейти до основного
Microsoft
separator
https://catalogartifact.azureedge.net/publicartifacts/dcassociatesgroupinc.ubuntu-2204-lts-3369e09f-853c-4f90-ab13-b4d062bf173f/image0_dcalogo216x216.png

Pre-hardened Ubuntu Server 22.04 LTS

Видавець: Derek Coleman & Associates Corporation

Pre-hardened Ubuntu 22.04 LTS VM optimized for secure Azure production workloads.

Pre-hardened Ubuntu Server 22.04 LTS on Azure

A production-ready, general-purpose Ubuntu Server 22.04 LTS (“Jammy Jellyfish”) image, built and hardened for the Azure Marketplace. This is the balanced, do-everything 22.04 LTS — secure, fast, and Azure-optimized with sensible defaults rather than a workload-specific tuning profile. It is the OS most teams actually want as their standard Linux base: stable kernel, five-year support window, and a clean hardened starting point that behaves predictably under web, app, database, and container workloads alike. Certified to Microsoft Marketplace standards.

Who this is for: Platform engineers, ISVs, and operators who want one consistent, well-hardened 22.04 LTS image as the default base for the majority of their Linux fleet, without committing to a compute-tuned or specialty edition.

Target industries & use cases: SaaS and ISV hosting, financial services, healthcare, government, retail, and telecom — web servers, application backends, container nodes, database hosts, CI runners, and dev/staging environments that need a reproducible, audited general-purpose Linux base.

Value proposition: Provisioning a secure, general-purpose 22.04 host on Azure means installing the Azure Linux Agent, configuring Trusted Launch, applying current kernel CVEs, hardening SSH and auditd, and validating against Microsoft Marketplace certification. This image does all of that for you:

  • Monthly patch cadence — each version is rebuilt from upstream Ubuntu security updates within days of release
  • 33 documented hardening traps applied — every published version is gated through an automated trap-audit covering Trusted Launch, sysprep race conditions, Defender pre-installation, hardening-script residue, and 29 more
  • Trusted Launch + Secure Boot enabled by default — Gen2 image with vTPM and signed-boot configured per Microsoft’s OEM requirements
  • Azure Linux Agent pre-installed and pre-configuredwalinuxagent.service is running; custom-script and run-command work on first boot
  • Audit trail per release — build provenance and certification evidence retained for every published version

How this differs from rolling your own: The public Ubuntu 22.04 cloud image is fine for a single dev VM but lacks the Azure-specific hardening (serial console locked down, root SSH disabled, password auth disabled, audit logging configured) that production needs. This edition keeps the default tuning deliberately balanced — if you need the compute-tuned profile, see our 22.04 High-Performance edition; this one is the general-purpose standard. Aligned with our 20.04, 24.04, and compute-tuned 22.04 images for one fleet playbook.

Recommended deployment: Standard_D2as_v5 or larger for general-purpose web and app workloads; Standard_E2as_v5 or larger for memory-heavy databases. Premium SSD or Premium SSD v2 for data disks. Front public web workloads with Azure Application Gateway with TLS termination. SSH key authentication required (password auth disabled).

Azure integration: Azure Linux Agent, Trusted Launch + Secure Boot, Azure Monitor Agent, Azure Backup, Azure Disk Encryption, Azure Defender for Servers, VM Scale Sets, and Azure VM Run Command all attach via standard extensions with no compatibility shims.

Support: support@dcassociatesgroup.com · www.dcassociatesgroup.com/support — 24-hour initial response SLA.

Documentation: www.dcassociatesgroup.com/docs/ubuntu-2204-lts-on-azure — deployment guide, hardening reference, monthly changelog.