You may not need to encrypt all of your internet traffic by sending it through a virtual private network (VPN), but if you want to route it through a second tunnel on an open network, split tunnelling is essential. 

What is split tunnelling?

Split tunnelling is one of the many benefits of a VPN. It is the process of establishing a secure connection to route data through an insecure environment, such as an open public network. The data is transmitted via your internet connection through powerful encryption, known as a tunnel. This tunnel safeguards its contents and no one can see or access what is inside. 

Split tunnelling gives you more control over the process by allowing you to choose which app or website traffic is routed through the tunnel and which is routed via your regular internet connection. The ability to select which internet connection to use prevents some of your web traffic from being slowed needlessly. You may also choose which apps and services use your public IP address.

Split tunnelling versus full tunnelling

Full tunnelling involves sending all of your traffic through your VPN, whereas split tunnelling means sending some of your traffic through a VPN and some over the open network. Full tunnelling is more secure than split tunnelling since it encrypts all of your traffic rather than just a part of it. This does mean that full tunnelling can lead to a slower internet connection as all your data goes through the encryption process. 

The pros of split tunnelling

Keep your VPN running

Unfortunately, some programmes and services simply will not function with your VPN enabled. They may need your home IP address for authentication, or they may completely ban communication from known VPN servers.

If you leave your VPN on all the time for maximum security, you may find yourself turning it off when you need to use one of these apps or services. It’s inconvenient, and it puts you at danger of compromising private data if you forget to re-enable your VPN. Safeguarding your privacy  while using the internet is something that should always be prioritised. Split tunnelling means you won’t have to worry about this as you can specify which apps go through the tunnel.

Conserve bandwidth 

Another advantage of split tunnelling is that it conserves bandwidth. Because you can choose which programmes to route through the VPN server, you will have faster internet access and reduce wasted bandwidth.

In addition, if you have a mobile with a fixed data plan, you will reach the limit quicker while using a VPN. By using split tunnelling, you can choose which applications go through the VPN tunnel and avoid using more data that you need to. 

Access network resources 

When connecting to devices on your local area network (LAN), such as a wireless printer, routing your device traffic through a VPN can cause issues. Split tunnelling is often suggested as a solution to this problem.

Access websites and applications that block VPN traffic

Sites such as Ticketmaster and Spotify block VPN traffic. Wikipedia prohibits VPN users from modifying articles, and online banking services may need additional authentication if you use a VPN. You can effectively secure your internet connection by activating VPN split tunnelling, which routes programmes that do not work through the VPN outside the encrypted tunnel.

Access restricted content

One of the top reasons to use a VPN is to sidestep geographic content restrictions on streaming services such as Netflix. However, you may still require access to local search results or information that is restricted to your home location. Split tunnelling allows you to specify which programmes use your home IP address and which use the VPN server’s IP address.

The cons of split tunnelling

Putting corporate systems at risk

Defensive technology is deployed by information security specialists throughout corporate environments to safeguard endpoints and prevent users from doing particular tasks, whether purposefully or unintentionally. Using split tunnelling means not all endpoints are secure. 

Security compromises and digital threats are a real concern for businesses. If the corporate VPN routes internet traffic through a central location, it can also route that traffic through network security systems such as intrusion prevention systems (IPS) to perform deep packet analysis in order to detect harmful content. As very few employees would have the same level of security infrastructure on their home networks, routing all traffic through the business infrastructure effectively places your home network behind the corporate firewall, where it is likely safer.

Data breaches

As the use of split tunnelling might allow users to bypass gateway security within the company network, this might circumvent data loss prevention systems and could lead to breaches of sensitive files and company information. If only part of the connection is encrypted through the VPN tunnel, hackers or those with malicious intents may gain access to the company network.

If employees are not on the company network but rather working remotely, using public Wi-Fi in a hotel or cafe, they may have heightened anxiety over cyber security. This is a valid worry and other devices on the local network should be considered as hostile by default in these instances. They could be intercepting traffic and attempting to break into your device using local protocols. You should be wary of using split tunnelling on public Wi-Fi and it might be worth the reassurance of higher security to encrypt absolutely everything through the VPN server before sending it out to the internet.

Should I use split tunnelling? 

Looking at both the pros and cons, is split tunnelling something you should consider using? This will depend on whether you are considering split tunnelling for business use or personal use as there are benefits and drawbacks for both. 

If you want to safeguard important data without sacrificing internet speed, utilise VPN split tunnelling. If you’re willing to divide your online activity into what you want to keep private and what you don’t, VPN split tunnelling could work well for you.