Despite diligent searching, I have not been able to find any definitive federal policy prohibiting or permitting the use of split tunnels. Now that I have written this, I'm sure lots of people will write in to SearchSecurity.com to tell us where to find the policy.
From a DoD perspective, the general policy is that only DoD-issued computers can even connect to a DoD network, whether directly or via dialup VPN. This is done so that the configuration of those computers can be controlled and locked down. Users are not allowed to load their own software. VPN software that I have encountered is set up to disable split tunneling, forcing any Internet connection to go out via the DoD firewalls.
If you think about it, this policy makes sense. Do you want your employees to load their own software on their company-owned computers? Do you want them accessing the Internet without benefit of a firewall? If you allow personally owned computers or computers with split tunneling to access your network, that is exactly what you are doing. You may very well be opening up your network to problems that you thought you were avoiding.
This was first published in October 2003