Concept overview
Why VPN Split Tunneling is needed?
Some programs need VPN protection, while others can directly access the internet. In the market, split tunneling is understood as an advanced VPN feature that lets you choose which IP addresses and networks should have a VPN tunnel and which IP addresses could benefit from faster speeds and access to local services. This solution reduces traffic overload on HQ servers, company data centers and helps save hardware costs.
COMPARISON
Split Tunnel vs Full Tunnel
The main differences between split tunneling and full tunneling your traffic are speed and security. With a full tunnel, all traffic goes through your secure VPN connection, making it the more secure option; however, this can also lead to slower speeds due to the amount of traffic that needs to be encrypted and because when all traffic is sent via HQ, it overloads the HQ infrastructure.
With split tunneling, only part of your traffic is sent through a VPN, which means that things like video streaming and video calls will have better performance and there will be less strain on the HQ infrastructure.
NordLayer is currently working on a split tunneling solution and will offer complete functionality soon. For now, NordLayer only partially helps to resolve split tunneling use cases.
Split tunnel
- Some traffic is offloaded to the VPN Client and routed to the Public Network directly. e.g., Video streaming, Zoom, MSTeams
- Not all endpoint traffic is encrypted
- Performance over security
Full tunnel
- All the traffic from VPN Client is routed and controlled by the VPN Server.
- All endpoint traffic is encrypted
- Security over performance
Our Solution
Which Split Tunneling functions does NordLayer cover?
Virtual Private Gateways at NordLayer can cover some split tunneling functions. However, it has to be configured separately through a site-to-site request form. In this case, we can split the traffic intended for HQ/Branch, and the rest will reach the internet through the VPN-encrypted tunnel. This level of security comes with a minimal effect on the performance, as NordLayer VPN servers have up to 1gbps output.
Here are the benefits of NordLayer Split Tunneling:
All the traffic from VPN Client is routed and controlled by the Virtual Private Gateway
All endpoint traffic is encrypted
Security & performance
Avoid extra costs for onsite hardware
Additional info
Frequently Asked Questions
There may be some security risks when using VPN split tunneling. However, if you’ve set it up correctly, those risks can be minimized. In most cases, protecting all internet traffic is unnecessary, and only retaining privacy on the traffic you care about can improve the online experience without compromising security.
Currently, while using NordLayer, all your traffic is routed through an encrypted VPN tunnel by default.