Making Sense of Split Tunneling: Part 1

Posted: January 3, 2013 in Mobile, Rethink Remote Access, VPN
Tags: , ,

By Patrick Oliver Graf, General Manager of Americas, NCP engineering

Split tunneling is not a new concept in the realm of remote access networking. The technology emerged in the 1990s to allow VPN users to access a public network and a LAN or WAN simultaneously. But despite this longevity, its merits and security continue to be disputed. So what is the reality, should split tunneling be allowed? Or should IT administrators steer clear?

First, let’s take a closer look into how split tunneling works. In VPNs, there are basically two types of virtual tunnels that enable secure data transmission: full tunnels and split tunnels. In full tunnel mode, a remote corporate user establishes an Internet connection from a client PC, which then runs through the VPN. This naturally includes the user’s private data traffic. As a result, every time the user scans the web, be it for shopping on eBay, checking personal email, or accessing the company CRM, it is done through the company VPN gateway.

In certain cases, a full tunnel configuration is necessary. For example, companies that frequently and closely cooperate with their partners to allow employee access to IT systems within their own networks should take a full tunnel approach. This, for example, enables employees and partners to access order lists or product data. In this scenario, however, a remote user only receives access to the partner’s server through the corporate VPN gateway and cannot access them through other connections.

The other virtual tunnel configuration, split tunnels, only transmits data through the VPN tunnel from a website or from another IT service within the corporate network. For all other connections, such as Facebook or web mail, the client PC directly accesses the providers’ servers. Downloads from external websites are not directed through the corporate network and the VPN.

Now that you have an overview of split and full tunnel configurations, it’s time to take a closer look at their application. Tune in next time to learn the advantages of split tunneling and when full tunneling might be a better alternative.

Comments
  1. […] Making Sense of Split Tunneling: Part 1 […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s