Netman runs on Ubuntu 24.04 LTS and inherits its security certifications, hardening tools, and long-term support commitment. Every component in the stack is open source, independently auditable, and battle-tested in production at scale.
As a Ubuntu-based appliance, Netman has access to the same security certifications and hardening frameworks that Ubuntu 24.04 LTS supports. These certifications are maintained by Canonical and available through Ubuntu Pro.
Federal Information Processing Standards (FIPS) 140-3, published by NIST, defines requirements for cryptographic modules used in government and regulated environments. FIPS 140-3 cryptographic modules for Ubuntu 24.04 LTS are currently undergoing assessment by a CST laboratory and CMVP validation.
Ubuntu FIPS documentation →The Center for Internet Security publishes configuration benchmarks for hardening operating systems. Ubuntu 24.04 LTS includes CIS benchmark profiles that can be applied automatically using the Ubuntu Security Guide (USG), a tool developed by Canonical to automate system hardening.
Ubuntu CIS documentation →The Defense Information Systems Agency (DISA) publishes Security Technical Implementation Guides (STIGs) for the U.S. Department of Defense. DISA has evaluated Ubuntu 24.04 LTS and published the first version of its STIG. A corresponding Ubuntu Security Guide hardening profile is in development.
Ubuntu DISA-STIG documentation →Ubuntu's security certifications are maintained by Canonical and require an Ubuntu Pro subscription. Certification status is subject to change as assessments progress. For the latest status, refer to Canonical's official certification documentation for Ubuntu 24.04 LTS.
Ubuntu 24.04 LTS provides tooling and certified components that support compliance with these additional frameworks.
Security and privacy controls for federal information systems
Payment Card Industry Data Security Standard
Health Insurance Portability and Accountability Act
UK government-backed certification scheme for cyber security
For details on Ubuntu's role in meeting these requirements, see Canonical's certifications overview.
Every component in the Netman platform is open source. Open-source software is independently auditable, benefits from broad community review, and has transparent vulnerability disclosure processes.
HAProxy is used by some of the highest-traffic websites in the world, including GitHub, Reddit, and Stack Overflow. It maintains a public CVE database and a documented security vulnerability response process. HAProxy is distributed under the GPL v2 licence and its source code is publicly available.
HAProxy security advisories →nftables is the Linux kernel's native packet classification framework, replacing iptables. As part of the mainline Linux kernel, it undergoes continuous review by kernel developers worldwide and benefits from the Linux kernel's established security vulnerability process managed by the kernel.org security team.
nftables project page →keepalived provides VRRP-based failover for Linux, ensuring automatic promotion of standby nodes when a primary fails. It is widely deployed in production load-balancing environments and maintained as an open-source project with public issue tracking and source code.
keepalived project page →gdnsd is an authoritative DNS server with geographic and health-check-aware routing. It powers Netman's GSLB functionality, routing users to the nearest healthy data centre. The project is open source under the GPL v3 licence with public source code and issue tracking.
gdnsd project page →Let's Encrypt is a free, automated certificate authority operated by the non-profit Internet Security Research Group (ISRG). It has issued billions of certificates and undergoes annual third-party audits. Netman integrates with Let's Encrypt to automate TLS certificate issuance and renewal.
Let's Encrypt about page →Ubuntu 24.04 LTS receives five years of standard security maintenance from Canonical, extendable to twelve years with Ubuntu Pro. Canonical's security team actively patches vulnerabilities in the base system and over 36,000 packages in the Ubuntu archive.
Ubuntu security overview →In addition to its open-source foundations, Netman includes security features at the application level.
Netman appliances receive operating system security patches automatically via Ubuntu's unattended-upgrades, keeping the base system current without manual intervention.
In clustered deployments, configuration is synchronised between nodes using csync2 over TLS-encrypted connections, ensuring configuration data is protected in transit.
The Netman web interface supports multiple user roles — superadmin, admin, and observer — so teams can enforce least-privilege access to configuration and monitoring.
The management interface is served over HTTPS. SSL/TLS termination for load-balanced services supports modern cipher suites and automated certificate management via Let's Encrypt.
Try Netman free for 3 months. No credit card required.