The table below completes the cross-platform glossary (Apple ▶ Windows ▶ Linux).
Find these under Device Management → Policies → New Policy → Linux.
Policy | What it controls | Min. OS / notes |
Linux Application Block | Black-/allow-list desktop or CLI applications (by package name or path) | Any managed Linux distro |
Linux Bluetooth | Enable/disable the Bluetooth radio, set discoverability, pairing rules | Any Linux |
Escrow LUKS/dm-crypt recovery keys & push recovery unlock commands | Any Linux | |
Linux Firefox Extension | Force-install or block Firefox add-ons via | Any Linux |
Deploy / block Chrome & Chromium extensions | Any Linux | |
Local account password length, complexity, expiry (PAM) (CLI tools only—KDE password UI not supported) | Any Linux | |
Linux Screen Saver | Idle lock, timeout, DPMS blanking (GNOME, XFCE, MATE, Cinnamon) | Any Linux |
apt/dnf/zypper automatic security patching, deferrals, reboot window | Any Linux | |
Linux Tracking | Adjust distro telemetry, location services, advertising IDs | Any Linux |
Linux USB | Allow / block removable storage, set read-only, match VID/PID | Any Linux |
Linux Wi-Fi | WPA2/WPA3 Enterprise & PSK network profiles, auto-join priorities | Any Linux |
Quick tips
Encryption Recovery Policy integrates with Swif’s key vault—no more manual LUKS key escrow.
The Application Block payload is package-manager-agnostic (works with
apt,yum/dnf,pacman, etc.).If you need cross-OS parity (e.g., kill USB storage on every endpoint), create identical policies in the macOS and Windows tabs and assign them to the same device group.