Disclosure:
Professional Reviews

vpnMentor contains reviews that are written by our community reviewers, and are based on the reviewers' independent and professional examination of the products/services.

• Ownership

vpnMentor is owned by Kape Technologies PLC, which owns the following products: CyberGhost, ZenMate, Private Internet Access, and Intego, which may be reviewed on this website.

• Affiliate Commissions

While vpnMentor may receive commissions when a purchase is made using our links, this has no influence on the reviews content or on the reviewed products/services. We provide direct links to purchase products that are part of affiliate programs.

• Reviews Guidelines

The reviews published on vpnMentor are written by experts that examine the products according to our strict reviewing standards. Such standards ensure that each review is based on the independent, professional and honest examination of the reviewer, and takes into account the technical capabilities and qualities of the product together with its commercial value for users, which may also affect the product's ranking on the website.

Twingate Review 2021 - Is it Safer for Businesses than a VPN?

Author Image Steven Feeney
Steven Feeney | Cybersecurity Researcher
Updated on 26th November 2021

Twingate is a relatively new VPN alternative that uses a zero-trust model, and keeps your business and personal traffic separate. It’s not a VPN, and I quickly learned that Twingate is an entirely different tool. It allows you to set up secured proxy access to your organization’s online resources, invisible to the rest of the internet.

The access is centrally managed, based on user-identity authentication via SSO and 2FA. This presents a more secure means of remotely accessing business infrastructure than your standard IP-based access. You can easily enable granular access for your employees throughout the world, and it offers similar levels of encryption and protection from hackers that you expect from a VPN.

However, it seems that by adopting this model you may be missing out on things that you may expect from a typical business VPN. From kill switches to the ability to bypass geoblocks, you may struggle to accomplish tasks you easily manage with a VPN. Currently there’s no port-access either to easily add temporary access when needed.

I had a good look at Twingate’s features to see if it’s a good substitute for a business VPN — it may not suit all companies.

Try Twingate Risk-Free Now!

Short on Time? Here Are My Key Findings

Twingate Features — Updated in November 2021

💸 Price $5/month
📆 Money Back Guarantee 14
📝 Does VPN keep logs? No
🖥 Number of servers 10
💻 Number of devices per license 5
🛡 Kill switch Yes
🗺 Based in country United States
🛠 Support Via Email
📥 Supports torrenting No

Speeds — Segregates Personal High-Speed Traffic

Twingate could be faster overall than traditional business VPNs, as it uses split-tunnelling to segregate your personal and business traffic. This means that only items specifically designated as a business resource will go through Twingate. So, anything that doesn’t need to be access controlled by your corporation is not routed. This refers to streaming, video calling, and even gaming — if it’s not part of your corporation, it won’t be routed. This means your speeds won’t be affected by Twingate.

Screenshot showing non-business traffic unaffected by speed drops when using Twingate

Thanks to split-tunnelling, you don’t need to disconnect to improve speeds

With a regular VPN, you’d first need to connect to a location next to the local network you need to access. If you’re in a different part of the world, it would take a long time for your information to be encrypted and transmitted. Twingate eliminates the need to connect to a faraway server, and disconnect for some activities. Just don’t expect the added benefit of accessing geo-blocked content like certain streaming sites, or torrenting, for example — this isn’t designed for that.

It’s impossible to gather a speed-test result from traditional sites like Ookla while actually accessing a business resource through Twingate, because Ookla itself won’t be designated as your business resource. Normally, encryption will lower speeds a little bit, but you’re unlikely to be significantly affected by this unless you’re downloading huge amounts of data.

Get Started With Twingate Today!

Server Network — Centrally Managed User Access

Twingate doesn’t have a traditional VPN network. Instead, it allows you to access your business resources through a proxy connection. This could be files, servers, or a gateway, for example.

Screenshot showing Twingate setup

The twingate setup is more complicated than a traditional VPN

It works with 4 main components. The Twingate app detects the requirement for business resource access and forwards the request to the controller, where the user’s permissions are verified. This is then forwarded to the connector which ensures the connection is genuine (resolving the DNS request), and enables TLS encrypted access to the business resource via the relay.

If the files you’re trying to access are a defined business resource, the controller will grant you access to it. However, if you’re trying to access a website that’s normally available, you’ll be able to access it without going through the relay.

Your IP address changes only when you access business resources on the connector, as Twingate establishes a proxy connection to it. This means you could be anywhere in the world, but still appear to be sitting in the office whenever you need secure access to business material.

If this sounds overly complicated and you’d rather explore more familiar VPN setups, have a look at these top business providers.

Security — Differs From a Business VPN

Twingate operates on a zero-trust network, and uses application-level filters for user-identity-based authentication — not network-level. This means that whenever you access a resource, you’ll only be given access to that file, not the entire network. In case of a security breach, only that specific resource would be compromised.

The system administrator gives granular permissions, so that only specific groups of people or individuals can access a certain resource. This is a very helpful management tool, as one app allows you to control the entire network. It’s significantly more straightforward than trying to achieve this with a traditional VPN.

Authentication is achieved using SSO methods like Okta and Google. Not only is this a well-protected account but it allows for second factor authentication. Twingate uses native 2FA functionality so you can make use of this extra layer of safety even if your SSO doesn’t natively have it.

Your business resources are invisible with no internet-facing gateway, with the obvious exception of those who have access to the network. Split tunneling always ensures defined business traffic passes through Twingate, regardless of where you are — on hotel WiFi, a cafe, or at home.

I contacted Twingate to confirm the type of encryption used. While data is being transferred, it is secured via SSL/TLS. When the data is at rest, it is protected by Google cloud services featuring AES-256 encryption, with symmetric keys. Data keys are encrypted using a regularly changed master key, stored in a secure keystore.

You might miss certain features associated with standard business VPNs, like a kill-switch to ensure that everything goes through an encrypted tunnel without exception. With Twingate, it’s down to the business to decide what does. There might be a business need to routinely change IP addresses to certain locations, too.

Try Twingate Free Now!

Privacy — Collects Data but Separates Personal Traffic

Twingate does collect some of your information. Mostly this is standard information needed to set up your account, or for diagnostic purposes. Some of it is voluntary but the ways that Twingate might use it is spelled out clearly in the privacy policy.

Screenshot showing Twingate privacy policy

You can find the privacy policy easily and it spells out what happens to your data

Considering Twingate’s many integrations, it’s important to mention that it will also receive information from the 3rd party apps you may be using with it. However, it can’t read data that’s not routed through it. This means that it won’t log any of your usual personal traffic, such as video calls and instant messages.

However, it is based in the US which is a member of the 5 Eyes Alliance. Although Twingate says it will fight any demands for your data, this does mean that your data could potentially be claimed by any member countries. If this is a concern, take a look at these standard VPNs with solid privacy policies.

Does Twingate Work in China? Yes

Twingate support confirmed that it will work in China. This is good news if you have employees located there that need to access essential business resources. It will be as if they’re in the office as usual.

Get Started With Twingate Today!

Simultaneous Device Connections — Unlimited Depending on Plan

The basic plan allows up to 5 simultaneous device connections. This is per user, and allows up to 50 users. The business plan lets you increase the number of users to 150 though the device limit stays at 5.

However, if you need more than this you can choose the bespoke enterprise account which allows unlimited device connections (as well as unlimited users).

Device Compatibility — Works with all Major Platforms

Twingate works with all the most popular platforms, including Windows, Mac, Android, iOS, Linux, and Chrome OS.

Ease of Use

8.4

Set-Up & Installation — IT Specialist Knowledge Recommended

Initial set-up requires a few extra steps from the account admin, firstly by choosing a sign-in method: Google, GitHub, Microsoft, or LinkedIn.

Screenshot showing Twingate sign-up methods

Chances are your business will be using one of these sign-in methods already

Next the domain name needs to be established. This will be the name new users log in with when they’re first getting connected to the network.

Screenshot showing Twingate domain creation


You can choose any domain name, so long as it’s not already taken

Once you sign up you are immediately redirected to a streamlined dashboard, where you are given the option to try the product, it even offers a calendar to set up a time. I had an automated message from customer support outlining what to do next.

I added my network (Google Cloud), and then set up the connector. The network administrator setting this up should have relatively high-level IT knowledge — the connector is deployed using command lines with Azure, Helm, or Docker. However, there are installation guides and support on hand if you need it.

Screenshot showing addition of Google Cloud network

Some steps may require experienced IT personnel to complete the setup process

Then it’s just a case of adding your resources, and adding any new users via their email address. There is currently no port-level access, but this is all part of the approach of a super-secure zero-trust network. Whenever you access a business resource now, so long as it’s been defined it will be just as easy to access as if you were physically in the office (if you have one).

Get Twingate Now!

Compare Twingate With The Top Alternative VPNs

9.9
9.5
9.3
9.3

Pricing

6.7
Yearly Teams
$5 /month
Yearly Business
$10 /month
Monthly Business
$12 /month

Twingate’s pricing is perhaps more suited to those with larger businesses. It has two standard plans to choose from as well as a bespoke enterprise plan. The most affordable “Teams” plan is $5/month monthly, and allows up to 50 users to connect 5 simultaneous devices, with 5 remote networks.

A more expensive “Business” plan upgrades the amount of users to 150, allows 10 remote networks, and adds resource-level access control — though the number of devices per user stays the same.

The Enterprise account allows you to fully customize a plan that works for your company’s specific requirements. This can give you access to extra features such as unlimited devices and users, network analytics, secure service accounts, and priority support.

Both the Teams and Business plans allow you to try out Twingate with your business for free, using the 14-day free trial.

Credit cards are typically the only payment method available, though Enterprise account subscribers can request other methods.

If you have a sizable business, you’ll probably find these prices to represent good value for money. Whereas, if you’re a small business with only a few team members, a traditional premium VPN like ExpressVPN might be worth considering.

Try Twingate Free Now!

Reliability & Support

8.4

Twingate has support, but it may not be available when you need it. It uses a ticketing system, messaging, and email as its main means of support. The messaging wasn’t always available “live” when I tried it, however, so if your business hours don’t align with support hours you might find this a potential problem. It has guides and FAQs to help with more frequent problems, and I found these to be sufficiently detailed.

Screenshot showing Twingate chat support

There is a chat service but it’s not “live” all the time

Priority support is available to Enterprise plan subscribers only. These users have access to Twingate phone support.

The Bottom Line

Final Verdict

Twingate provides your business with the tools to access online resources securely. If you’re looking for a standard business VPN, Twingate is probably not for you. A lot of the things that you expect to see with a secure VPN, such as a kill switch, aren’t present. This is because it’s not a VPN. It’s a zero-trust-based alternative that focuses on user-identity for authentication, and keeps personal traffic separate.

Its bespoke Enterprise plan can be customized to meet your company’s needs. Plans work out to be better value for larger companies, because the additional cost may be harder to justify for just a few team-members.

While its security features are missing a few things we expect from a VPN, it does use AES-256 encryption, and SSL/TLS to protect your data. A zero-trust network means that each connection is treated as suspect, and scrutinized accordingly with SSO and 2FA measures.

Twingate is based in the US, a Five Eyes Alliance territory. It does log information, although this is mostly for analytical or functional purposes. Your personal data (or even business traffic you don’t want to go through Twingate) is untouched with split-tunnelling. Provided you entrust your company resources to a 3rd party, I think Twingate represents a good alternative to a VPN for secure, granular access. Best of all, you can test Twingate with your business completely free.

Try Twingate Now!

  • Zero-trust network
  • SSO and 2FA protection
  • Bespoke pricing plans
  • Segregates personal traffic from business traffic
  • Granular access control
  • Split tunnelling
  • AES-256 encryption and SSL/TLS
  • Comprehensive support
  • 14-day free trial
  • Get started with Twingate now

FAQs on Twingate

Is Twingate safe?

Twingate has a lot of features protecting your business infrastructure. By rendering your resources invisible to the internet, you are protected from any malicious entities that may pry into your business’ data. With SSL and TLS protecting your data in transit, and AES-256 encryptions protecting it while static, it is secure at all times.

Twingate is based in the US, a Five Eyes Alliance member. This means that the data it collects could potentially be demanded by any Eyes Alliance country. However, so long as you trust Twingate with your business resources, this shouldn’t be a concern. Your personal web traffic is also unaffected.

Will Twingate slow my speeds down?

Twingate shouldn’t significantly slow your speeds. The network set up on your private domain allows you to work as if you’re on your work premises even when you aren’t. If you need to do anything that could potentially cause latency, split tunneling is available to ensure everything is operating at maximum efficiency. If you make a video call, for example, Twingate won’t do anything that could cause lag.

What is zero-trust network access?

A zero trust network treats every connection as suspicious, and so requires stricter identity-driven authentication. Only users given access by admins and using their SSO (and potentially 2FA) can enter the network. After that, any data transferred or at rest within the network is secured using cryptographic protocols or military-grade encryptions.

How can I connect to Twingate?

After initial set-up, Twingate still requires a few steps before a user can connect. You’ll need to be given admin access and the domain name. Your SSO will be your means of signing in, as well as Twingate’s native 2FA (if your administrator has activated it).

There is an email ticketing system, online chat, and a series of guides and FAQs if you need further help getting connected. The chat isn’t always “live”, and only Enterprise account subscribers receive priority support.

Get Started With Twingate Today!

Money Back Guarantee (Days) : 14
Mobile app :
Number of devices per license : 5

Twingate User Reviews

!
How would you rate Twingate?
Was this review helpful? 0 0
Sorry about that!
(Minimum 10 characters.)