Protect your internal infrastructure from traffic overload because of VPN usage
Concept overview
Some programs need VPN protection, while others can directly access the internet. In the market, split tunneling is understood as an advanced VPN feature that lets you choose which IP addresses and networks should have a VPN tunnel and which IP addresses could benefit from faster speeds and access to local services. This solution reduces traffic overload on HQ servers, company data centers and helps save hardware costs.
COMPARISON
The main differences between split tunneling and full tunneling your traffic are speed and security. With a full tunnel, all traffic goes through your secure VPN connection, making it the more secure option; however, this can also lead to slower speeds due to the amount of traffic that needs to be encrypted and because when all traffic is sent via HQ, it overloads the HQ infrastructure.
With split tunneling, only part of your traffic is sent through a VPN, which means that things like video streaming and video calls will have better performance and there will be less strain on the HQ infrastructure.
NordLayer is currently working on a split tunneling solution and will offer complete functionality soon. For now, NordLayer only partially helps to resolve split tunneling use cases.
Our Solution
Virtual Private Gateways at NordLayer can cover some split tunneling functions. However, it has to be configured separately through a site-to-site request form. In this case, we can split the traffic intended for HQ/Branch, and the rest will reach the internet through the VPN-encrypted tunnel. This level of security comes with a minimal effect on the performance, as NordLayer VPN servers have up to 1gbps output.
NordLayer's VPN split tunneling reduces traffic overload on HQ servers and company data centers and helps save costs for hardware. All while keeping your data encrypted and secure.
Additional info
There may be some security risks when using VPN split tunneling. However, if you’ve set it up correctly, those risks can be minimized. In most cases, protecting all internet traffic is unnecessary, and only retaining privacy on the traffic you care about can improve the online experience without compromising security.
Currently, while using NordLayer, all your traffic is routed through an encrypted VPN tunnel by default.