Device Profiles use native device posture checks, collected by the Twingate Client, to evaluate whether a device meets the requirements defined in Approved Operating Systems or Trusted Profiles. The checks available vary by platform.
Windows
| Posture check | What it reports |
|---|
| HD encryption | Whether the system disk and other disks are encrypted by BitLocker |
| Screen lock | Whether a password is required when returning from the screen saver |
| Firewall | Whether the firewall (Windows or third party) is enabled, as confirmed by the Windows Security Center |
| Antivirus | Whether antivirus (Windows or third party) is installed, as confirmed by the Windows Security Center |
| Minimum OS version | Whether the OS version meets the configured requirement. Available for Windows 10, 11, and Windows Server 2022 |
macOS
| Posture check | What it reports |
|---|
| Screen lock | Whether a password is required after sleep or screen saver begins |
| Biometric configuration | Whether Touch ID or Face ID is configured. If the device lid is closed (clamshell mode), the device always reports biometric configuration as disabled regardless of the actual setting |
| Firewall | Whether the native firewall is enabled. Only available with the macOS standalone Client. If “Block all incoming connections” is enabled, the device reports the firewall as disabled |
| HD encryption | Whether FileVault is on. Only available with the macOS standalone Client |
| Minimum OS version | Whether the OS version meets the configured requirement. Available for macOS 14 through 26 |
Linux
| Posture check | What it reports |
|---|
| Firewall | Whether UFW, firewalld, or iptables is enabled. Supported on Debian/Ubuntu, CentOS/Fedora, and Arch Linux |
| HD encryption | Whether all partitions except /boot are encrypted using LUKS encryption via the libcryptsetup library |
iOS
| Posture check | What it reports |
|---|
| Screen lock | Whether a passcode is required on the device |
| Biometric configuration | Whether Touch ID or Face ID is configured |
| Minimum OS version | Whether the OS version meets the configured requirement. Available for iOS 18 through 26 |
Android
| Posture check | What it reports |
|---|
| Screen lock | Whether a screen lock is configured, regardless of type |
| Biometric configuration | Whether a biometric login is configured (fingerprint or facial recognition) |
| HD encryption | Whether the device is encrypted using File-Based Encryption |