What is VPN Split Tunneling? Explained

Protect your internal infrastructure from traffic overload because of VPN usage

Colleagues discussing VPN split Tunneling solution

Concept overview

Why VPN Split Tunneling is needed?

Some programs need VPN protection, while others can directly access the internet. In the market, split tunneling is understood as an advanced VPN feature that lets you choose which IP addresses and networks should have a VPN tunnel and which IP addresses could benefit from faster speeds and access to local services. This solution reduces traffic overload on HQ servers, company data centers and helps save hardware costs.

COMPARISON

Split Tunnel vs Full Tunnel

The main differences between split tunneling and full tunneling your traffic are speed and security. With a full tunnel, all traffic goes through your secure VPN connection, making it the more secure option; however, this can also lead to slower speeds due to the amount of traffic that needs to be encrypted and because when all traffic is sent via HQ, it overloads the HQ infrastructure.

With split tunneling, only part of your traffic is sent through a VPN, which means that things like video streaming and video calls will have better performance and there will be less strain on the HQ infrastructure.

NordLayer is currently working on a split tunneling solution and will offer complete functionality soon. For now, NordLayer only partially helps to resolve split tunneling use cases.

Split tunnel

Some traffic is offloaded to the VPN Client and routed to the Public Network directly. e.g., Video streaming, Zoom, MSTeams
Not all endpoint traffic is encrypted
Performance over security

Full tunnel

All the traffic from VPN Client is routed and controlled by the VPN Server.
All endpoint traffic is encrypted
Security over performance

Our Solution

Which Split Tunneling functions does NordLayer cover?

Virtual Private Gateways at NordLayer can cover some split tunneling functions. However, it has to be configured separately through a site-to-site request form. In this case, we can split the traffic intended for HQ/Branch, and the rest will reach the internet through the VPN-encrypted tunnel. This level of security comes with a minimal effect on the performance, as NordLayer VPN servers have up to 1gbps output.

Scheme of how NordLayer’s Split Tunneling works

Here are the benefits of NordLayer Split Tunneling:

All the traffic from VPN Client is routed and controlled by the Virtual Private Gateway

All endpoint traffic is encrypted

Security & performance

Avoid extra costs for onsite hardware

Person researching nordlayers split tunneling solution

Protect your business with NordLayer

NordLayer's VPN split tunneling reduces traffic overload on HQ servers and company data centers and helps save costs for hardware. All while keeping your data encrypted and secure.

RESOURCES

VPN Resources

Blog

VPN Service Provider vs. Self-Hosted VPN: which one to choose?

Blog

How cloud security made Omnisend team US expansion safe during the pandemic

Blog

Advantages of using a VPN

Additional info

Frequently Asked Questions

Are there any Split Tunneling security risks?

There may be some security risks when using VPN split tunneling. However, if you’ve set it up correctly, those risks can be minimized. In most cases, protecting all internet traffic is unnecessary, and only retaining privacy on the traffic you care about can improve the online experience without compromising security.

Can you choose which traffic goes through a VPN split tunnel?

Currently, while using NordLayer, all your traffic is routed through an encrypted VPN tunnel by default.