Windows - Software - Install Twingate (64-Bit)

What the Twingate Installer does

This Automox Worklet™ installs Twingate on Windows endpoints. Twingate provides zero-trust network access (ZTNA) that replaces traditional VPN solutions with a more secure, user-friendly approach to accessing internal resources from anywhere.

The Worklet validates that the required dependency (.NET Desktop Runtime 8.0.0 or later) is installed before proceeding. If the dependency is missing, the Worklet exits with an error to prevent failed installations. Optionally, you can enable automatic dependency installation.

During remediation, the Worklet downloads the latest Twingate MSI from the Automox cache and installs with your configured options including network name (to skip manual entry), optional update settings, and NCSI global DNS configuration. User interaction may be required for initial authentication after installation.

Problems with manual Twingate deployment

Manual deployment of ZTNA clients consumes significant IT resources across distributed endpoints. Remote workers wait days for secure access while tickets queue for hands-on installation. Users who attempt self-installation enter incorrect network names, create failed authentication attempts, and generate support escalations.

Inconsistent client versions create compatibility issues with your Twingate infrastructure. Endpoints without preconfigured network settings require manual user input, leading to typos, connection failures, and increased onboarding friction that delays productivity for new remote workers.

How Twingate installation works

1. Evaluation phase: The Worklet searches Windows registry uninstall keys for "Twingate" in both 64-bit and 32-bit registry paths. If found, the endpoint is compliant. If not found, the Worklet checks for .NET Desktop Runtime 8.0.0+ (x64). If the dependency is missing, it exits with an error. If present, it proceeds to remediation.

2. Remediation phase: The Worklet verifies the dependency again, creates a cache directory, downloads Twingate_x64.msi from the Automox API cache, applies configured install arguments (network, no_optional_updates, ncsi_global_dns), executes the MSI installer, validates installation, and cleans up.

Twingate installation requirements

• Windows 8 or later (64-bit)

• PowerShell 5 or later

• .NET Desktop Runtime 8.0.0 or later (x64) - must be installed before running this Worklet

• Network connectivity to download from api.automox.com

• Active Twingate subscription

• Optional: Configure network parameter with your Twingate network name

Outcomes after deploying Twingate

Your endpoints run Twingate with preconfigured network settings, eliminating manual user setup. Remote workers authenticate through their identity provider and immediately access protected resources without IT intervention. The client appears in the system tray with your network name already configured, reducing support tickets for connection issues.

Installation logs persist at ProgramData\amagent\WorkletCache\WSE-572\Twingate_install.log for troubleshooting failed deployments. Subsequent Worklet evaluations detect the existing installation and skip remediation, preventing duplicate installs. Your zero-trust network access deployment completes consistently across all Windows endpoints with standardized configuration.

How to validate install twingate (64-bit) changes

1. Run this Worklet on a pilot Windows endpoint and review evaluation output for install twingate (64-bit).

2. Confirm Automox activity logs show successful completion and exit code 0.

3. Verify endpoint state using checks aligned to evaluation script logic, such as Test-ApplicationInstall, Test-DotNetDesktopRuntime, Get-VersionsFromRegistryView.

4. Validate remediation effects from script operations such as Test-DotNetDesktopRuntime, Test-ApplicationInstall, Add-WorkletCache, then rerun evaluation for compliance.

Expected state after install twingate (64-bit) changes

After remediation, endpoints reflect the target install twingate (64-bit) configuration and report compliant status in Automox.

You can confirm results by correlating activity logs with evaluation checks (Test-ApplicationInstall, Test-DotNetDesktopRuntime, Get-VersionsFromRegistryView) and remediation actions (Test-DotNetDesktopRuntime, Test-ApplicationInstall, Add-WorkletCache).