Many of you are supporting home computers or corporate laptops remotely connected over a virtual private network (VPN) using Remote Desktop. Microsoft recently provided guidance to use a technique called split tunnel VPN. Microsoft is also trialing the Office 365 Network Onboarding Tool check your connectivity and setup with Office 365. You indicate your physical location and then enter your tenant’s name to download the tool. You will need to install .NET Core 3.1.3 to complete the advanced test. Once completed it will report on your use of VPNs, proxy or other connectivity. It will also report on split tunnel VPN use.
Split tunnel VPN security concerns
I see near religious arguments over the use of split tunnel VPNs. Some argue they provide the ability to place the network traffic that is used for maintenance (Windows updating, installation of Click to Run Office 365) over the users’ local connection without introducing more risk. Others say that unless you ensure that all traffic is across the corporate VPN, you can’t inspect the traffic to keep the firm secured.
VPN security concerns come down to how you connect the client or workstation to the network. If you connect a remote client to your network using virtual private networking and do not limit or restrict the client workstation, an infected machine can introduce risks and malware to your network.