I have read with interest the articles relating to split tunneling. One thing I would value your opinion on is this: I am being informed that as we use PPTP, split tunneling is not an issue and that if an intruder managed to gain access to the portable from the Internet they would not be able to get access to our internal systems. Is this true?
No, that is not true. It does not matter what type of tunnel protocol is used. If an intruder can compromise the remote machine via the Internet and the VPN tunnel is active, there is no reason why they could not use the VPN tunnel. Regardless of the protocol used, a VPN simply is a virtual wire between the remote machine and the home network. If an intruder can get in via one pipe, they can get out via the other. Thus, it is important that remote users have a personal firewall and all security patches in place. Disabling split tunneling is another precaution recommended by most (but not all) security professionals.
Ask the Expert: Solutions for split tunneling with Microsoft PPTP
Ask the Expert: Split tunneling in a VPN environment
News & Analysis: Facing remote security challenges