Device Posture Checks

Native posture checks the Twingate Client collects to evaluate whether a device meets your Approved Operating Systems or Trusted Profiles.

Device Profiles use native device posture checks, collected by the Twingate Client, to evaluate whether a device meets the requirements defined in Approved Operating Systems or Trusted Profiles. The checks available vary by platform.

Windows

Posture checkWhat it reports
HD encryptionWhether the system disk and other disks are encrypted by BitLocker
Screen lockWhether a password is required when returning from the screen saver
FirewallWhether the firewall (Windows or third party) is enabled, as confirmed by the Windows Security Center
AntivirusWhether antivirus (Windows or third party) is installed, as confirmed by the Windows Security Center
Minimum OS versionWhether the OS version meets the configured requirement. Available for Windows 10, 11, and Windows Server 2022

macOS

Posture checkWhat it reports
Screen lockWhether a password is required after sleep or screen saver begins
Biometric configurationWhether Touch ID or Face ID is configured. If the device lid is closed (clamshell mode), the device always reports biometric configuration as disabled regardless of the actual setting
FirewallWhether the native firewall is enabled. Only available with the macOS standalone Client. If “Block all incoming connections” is enabled, the device reports the firewall as disabled
HD encryptionWhether FileVault is on. Only available with the macOS standalone Client
Minimum OS versionWhether the OS version meets the configured requirement. Available for macOS 14 through 26

Linux

Posture checkWhat it reports
FirewallWhether UFW, firewalld, or iptables is enabled. Supported on Debian/Ubuntu, CentOS/Fedora, and Arch Linux
HD encryptionWhether all partitions except /boot are encrypted using LUKS encryption via the libcryptsetup library

iOS

Posture checkWhat it reports
Screen lockWhether a passcode is required on the device
Biometric configurationWhether Touch ID or Face ID is configured
Minimum OS versionWhether the OS version meets the configured requirement. Available for iOS 18 through 26

Android

Posture checkWhat it reports
Screen lockWhether a screen lock is configured, regardless of type
Biometric configurationWhether a biometric login is configured (fingerprint or facial recognition)
HD encryptionWhether the device is encrypted using File-Based Encryption

Last updated 1 month ago