Ask the Expert

Policy for using split tunnels

I am doing some research on the existence of a policy regarding the use of split tunnels. Does the Department of Defense (DoD) or any other federal agency have a policy prohibiting the use of split tunnels?

Requires Free Membership to View

Despite diligent searching, I have not been able to find any definitive federal policy prohibiting or permitting the use of split tunnels. Now that I have written this, I'm sure lots of people will write in to to tell us where to find the policy.

From a DoD perspective, the general policy is that only DoD issued computers can even connect to a DoD network whether directly or via dialup VPN. This is done so that the configuration of those computers can be controlled and locked down. Users are not allowed to load their own software. VPN software that I have encountered is set up to disable split tunneling, forcing any Internet connection to go out via the DoD firewalls.

If you think about it, this policy makes sense. Do you want your employees to load their own software on their company-owned computers? Do you want them accessing the Internet without benefit of a firewall? If you allow personally-owned computers or computers with split-tunneling to access your network, that is exactly what you are doing. You may very well be opening up your network to problems that you thought you were avoiding.

For more info on this topic, visit these resources:
  • Security Policy Tip Index
  • Ask the Expert: VPNs and split tunneling
  • Glossary: Tunneling

    This was first published in October 2003

  • There are Comments. Add yours.

    TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

    REGISTER or login:

    Forgot Password?
    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
    Sort by: OldestNewest

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to: