docs/desktop/hardened-desktop/index.md

title: Hardened Desktop
description: Overview of what Hardened Desktop is
keywords: security, hardened desktop, enhanced container isolation, registry access management, admin controls, root access, admins, docker desktop

Note

Hardened Desktop is available to Docker Business customers only.

Hardened Desktop is a security model for Docker Desktop. It's designed to provide admins with a simple and powerful way to improve their organization's security posture for containerized development, without impacting the developer experience that Docker Desktop offers.

It is for security-conscious organizations who don't give their users root or admin access on their machines, and who would like Docker Desktop to be within their organization's centralized control.

The Hardened Desktop security model moves the ownership boundary for containers to the organization, meaning that any security controls admins set cannot be altered by the user of Docker Desktop.

Hardened Desktop includes:

  • Settings Management, which helps admins to confidently manage and control the usage of Docker Desktop within their organization.
  • Enhanced Container Isolation, a setting that instantly enhances security by preventing containers from running as root in Docker Desktop's Linux VM and ensures that any configurations set using Settings Management cannot be modified by containers.
  • Registry Access Management, which allows admins to control the registries developers can access.

Docker plans to continue adding more security enhancements to the Hardened Desktop security model.

Settings Management

Learn how Settings Management can secure your developers' workflows.

Enhanced Container Isolation

Understand how Enhanced Container Isolation can prevent container attacks.

Registry Access Management

Control the registries developers can access while using Docker Desktop.