VPN Split Tunneling nowadays is an option or feature that is placed in all modern services. It has grown in use midst the COVID-19 pandemic as many remote workers use them in order to access security features. However a number of risks have been associated with this technology citing the possibility of security vulnerabilities.
VPN Split Tunneling May Be Dangerous After All
As more and more company employees embrace remote working a major part of them are actually actually using some kind of a VPN tunnel connection to access their company internals network resources. Many enterprise tools also bundle it as part of the application bundle. Remote desktop nowadays is performed over such a connection as standard.
VPN Split tunneling is part of the specifications of many software and hardware devices that are designed to provide the secure connection. By definition it splits a workstation’s traffic into two zones — the first one is reserved for internal resources that can be accessed only by using an encrypted connection, while the second one will be able to access the wider Internet directly.
The basic VPN connection will route all inbound and outbound traffic directly to the encrypted connection overseen by the VPN software and according to its configuration. While the basic setup works in most situations there are some exceptions that can happen. Both internal and external resources cannot be accessed at the same time, the speed of transmission will be limited by the VPN’s allocated bandwidth and local machines on the internal company network who are not assigned with the same VPN tunnel protocols will not be accessible. This leads to two very important issues — some VPN services prescribe a certain quota when it comes to bandwidth and when it is reached the overall speed may be limited and the users may be forced into paying extra. The second one is that proper configuration must be made so that all local network devices are routed through the VPN.
VPN Splitting works by creating these two zones that will divide the traffic into a direct Internet connection and another one which transfers it via the VPN tunnel. While this resolves much of the issues that are experienced it also adds several security and privacy risks:
- Internet Service Provider Direct Traffic Stays Visible — Any direct traffic that is not sent via the VPN tunnel can be seen by the Internet Service Provider (ISP). All unencrypted traffic can also fall victim to dangerous man-in-the-middle attacks.
- Higher Risk of Network Breach — Infected computers with various computer viruses that have the VPN service enabled and running can allow remote attackers to access internal company resources.
We can recommend that you talk with your system administrator and VPN service provider in order to mitigate the risks as soon as possible. To a large extent most vulnerable situations can be avoided with the proper usage and configuration.
Martin Beltov
Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.
Follow Me: