Reference Guide
Table Of Contents
Security quick reference
Topics:
• Supported platforms
•
Security profiles
• USB device security
• GRUB password security
• BIOS password security
• Application deployment security
Supported platforms
Dell Hybrid Client version 1.5 is supported on the following platforms:
● Wyse 5070 Thin Client—The Dell Hybrid Client software is preloaded and installed on the device.
● OptiPlex 7070 Ultra—The Dell Hybrid Client software is preloaded with Dell Client Agent-Enabler (DCAE) installed.
● OptiPlex 3090 Ultra—The Dell Hybrid Client software is preloaded with Dell Client Agent-Enabler (DCAE) installed.
● OptiPlex 7090 Ultra—The Dell Hybrid Client software is preloaded with Dell Client Agent-Enabler (DCAE) installed.
● Latitude 3320—The Dell Hybrid Client software is preloaded with Dell Client Agent-Enabler (DCAE) installed.
Security profiles
Dell Hybrid Client enables you to set different levels of Security Profiles to provide an enhanced device security for deploying
third-party applications. This feature is available from Dell Hybrid Client version 1.5 onwards.
As part of security profiles, Dell Hybrid Client supports application sandboxing using Firejail and AppArmor.
Firejail profile restricts the running environment of untrusted applications and thereby enhances the device security. It is based
on the Linux kernel sandboxing technology. For more information about the Linux Firejail sandbox, see the Firejail Security
Sandbox article at firejail.wordpress.com.
AppArmor profile confines a program to only access the specified set of resources. This is based on the setting that specifies
what files a given program can access. Enabling this feature adds an additional layer of protection to your applications. For more
information about the Ubuntu AppArmor documentation at help.ubuntu.com.
You can use Wyse Management Suite to configure the security profile settings. For more information about how to configure
the security profiles, see the Dell Hybrid Client Version 1.x Administrator's Guide at www.dell.com/support.
The following table describes different levels of security profiles that can be enabled on Dell Hybrid Client.
Table 1. Security profiles
Security feature Low Security
Profile
Medium Security Profile—This profile
is enabled by default.
High Security Profile
AppArmor profile for the
Dell Hybrid Client-bundled
applications.
Disabled Enabled Enabled
Default Firejail profile for
third-party unsigned Debian
applications.
Disabled Enabled by default. If the desktop
file of the application is not available
in the /usr/share/applications
location, the default firejail is disabled. In
this case, if the metadata* is provided,
the default firejail can be enabled.
Enabled only if the metadata
is provided and high granular
settings are not available in
the metadata.
2
6 Security quick reference