VPN Split Tunneling: The Benefits and Risks

  Рет қаралды 38,854

F5 DevCentral

F5 DevCentral

Күн бұрын

Пікірлер: 57
@Jotin8664
@Jotin8664 3 жыл бұрын
This was short and straight to the point! Loved it
@larrshinshin7606
@larrshinshin7606 3 жыл бұрын
I love learning networking concepts from Charles Manson! Keep 'em coming!
@TeflonGeneral
@TeflonGeneral 3 жыл бұрын
😂😂
@sust77
@sust77 3 жыл бұрын
While he was teaching, it felt I already knew him and then I realized he looks like Simon from GOT TALENT, and he has got some talent definitely . Thanks for the Lecture
@crescentaerialimaging
@crescentaerialimaging 4 жыл бұрын
I'm impressed with the backwards writing! lol.
@HagenvonEitzen
@HagenvonEitzen 4 жыл бұрын
I would have created a mirrored label for my shirt, written normally, and mirrored the video :)
@Za-xh9tj
@Za-xh9tj 4 жыл бұрын
@@HagenvonEitzen i saw this then i realized, ah nvm. but then i look at his shirt, the devcentral is not mirrored. so he is actually writing in reversed lol
@sagehudson2408
@sagehudson2408 3 жыл бұрын
i guess im randomly asking but does someone know a trick to log back into an Instagram account? I was dumb lost my account password. I appreciate any assistance you can give me
@jaxsonharrison9461
@jaxsonharrison9461 3 жыл бұрын
@Sage Hudson instablaster ;)
@pnp109
@pnp109 2 жыл бұрын
Love it Peter ! Very clear and helpful ! Thank you :)
@devcentral
@devcentral 2 жыл бұрын
Thanks! Glad you enjoyed and we appreciate the comment!
@1.9.9.1
@1.9.9.1 3 жыл бұрын
He looks like a staring contest world champion lmao great video brotha, helps understand the process for sure. 👍
@devcentral
@devcentral 3 жыл бұрын
Thanks! And, appreciate the comment.
@snasheet
@snasheet 4 жыл бұрын
Split Tunnel is generally against the best practices as internet bound traffic is not get inspected by the firewalls however having split tunnel enabled allow users to forward latency sensitive traffic directly to internet (not via VPN tunnel), Most companies enabled split tunnel for voice and video traffic as VPN encryption/decryption adds overhead which affect the performance sensitive applications.
@JasonRahm
@JasonRahm 4 жыл бұрын
Salman Nash many companies take that security posture for sure, but policies differ on requirements. Also for situations like we are in now where capacity planning didn’t foresee 100x increases in resources, splitting off nonessential traffic while the entire workforce is at home eases the burden on infrastructure allowing mission critical traffic to pass.
@alastavi9630
@alastavi9630 4 жыл бұрын
@@JasonRahm I think so O365 reduce the max users on F5 APM, enable the split tunneling to O365 in direct. Web trafic through cloud proxy or other solution and the corp trafic in the tunnel. O365 without split tunneling on APM is divise by 2 the max CCU value.
@Littleanimalsarecute
@Littleanimalsarecute 2 жыл бұрын
New subscriber 🐿🐿🐿 The squirrels loved the reminder to sign our work. Sometimes they sign my chair 😁. One of their funnier pranks as they wait for me to come back outside and see if I sit in the chair before I notice. Anyway, great video. 👍
@devcentral
@devcentral 2 жыл бұрын
Glad you lied it and we appreciate the comment!!
@tld8102
@tld8102 3 жыл бұрын
how do you write inverted and left hand
@devcentral
@devcentral 3 жыл бұрын
this is how we do the Lightboard Lessons: kzbin.info/www/bejne/i2iokH9qrKiDisU
@sbmasonator
@sbmasonator 3 жыл бұрын
Super helpful, pal.
@psilvas
@psilvas 3 жыл бұрын
thanks much! Appreciate the comment! ps
@indieshack4476
@indieshack4476 3 жыл бұрын
Very helpful summary if split tunnelling (and how do you write backwards so well!)
@psilvas
@psilvas 3 жыл бұрын
Hey thanks! Appreciate the note. You can see how we do this with this tweet: twitter.com/psilvas/status/1113495222502088704?lang=en Or, watch this video Jason and John did showing how: kzbin.info/www/bejne/i2iokH9qrKiDisU
@hillfordh816
@hillfordh816 4 жыл бұрын
I think many companies were forced to move to split tunneling whether they wanted to or not to alleviate the bottlenecks in their offices. For the internet bound now traffic maybe a solution like open dns or cisco umbrella could add a layer or visibility?
@monnombre6547
@monnombre6547 3 жыл бұрын
awesome explanation!!!
@crazebane4394
@crazebane4394 3 жыл бұрын
Thanks needed this
@francessmith2265
@francessmith2265 2 жыл бұрын
Thanks Pete
@devcentral
@devcentral 2 жыл бұрын
Appreciate the comment!! thanks! (this is Peter answering!) 🙂
@LoneWoIfPack19
@LoneWoIfPack19 3 жыл бұрын
I'm a moron. I still don't know what apps I should or shouldn't be using with a VPN
@JasonRahm
@JasonRahm 3 жыл бұрын
not at all! You are not alone, and this is a driving force for the edge technology discussion. Does it make sense to centralize control for everything, carrying all the traffic back to corporate to process before sending outbound? Or does it make sense to push some of that decision making out to the client-edge so security and performance can be managed closer to the source?
@intel_da_developer4791
@intel_da_developer4791 4 жыл бұрын
Great video
@devcentral
@devcentral 4 жыл бұрын
Appreciate the comments!
@intel_da_developer4791
@intel_da_developer4791 4 жыл бұрын
Learning to be a hacker now
@sdotagain312
@sdotagain312 4 жыл бұрын
Is bridging the users home network and the corporate network a risk with split tunnel?
@devcentral
@devcentral 4 жыл бұрын
Hi SB~ Could be *if* bridging mode is enabled. In order to route a private Internet connection into a VPN, the user's client has to have the bridging mode activated & typically this is not a default setting. Also an administrator can use a group policy to deactivate the bridging feature and prevent the user from activating it. If the concern is potentially infecting a corporate network with malware through a private connection that could happen. However, almost every company uses antivirus software to eliminate malware before it enters the company’s systems. Infected USB drives on a local machines is probably more of a risk than internet traffic overall. So, the risk of infection through split tunneling is highly unlikely.
@The3lloba
@The3lloba 7 ай бұрын
Does anyone know how an RDP connection to a host that’s on VPN with split-tunneling disabled can be done?
@princecyril4233
@princecyril4233 Жыл бұрын
Thanks 🙏🙏
@thomasdotmp3
@thomasdotmp3 2 жыл бұрын
couldn't watch because the squeaking marker was breaking me
@montchofrejus
@montchofrejus 2 жыл бұрын
Is he really writing backwards. That’s genius
@devcentral
@devcentral 2 жыл бұрын
Thanks for the comment! This is how we do these: kzbin.info/www/bejne/i2iokH9qrKiDisU
@beefyjoe2084
@beefyjoe2084 2 жыл бұрын
anyone else thought the white dot was a dead pixel on their monitor for a second
@yotty97
@yotty97 3 жыл бұрын
but how do app-based split tunnel work? like in the PIA and expressvpn apps- there u can choose specific apps to over the vpn or not
@devcentral
@devcentral 3 жыл бұрын
In this instance, we have AppTunnels. This is where only a particular application, like Outlook or a CRM or RDP, etc, will get a specific encrypted tunnel only for that traffic/application. It can be configured to launch when the user clicks their app. Everything else goes thru the regular internet connection like normal. Hope that helps?
@yotty97
@yotty97 3 жыл бұрын
@@devcentral but how does it work? does it require a WFP callout driver? how to setup specific routing rules unique for an app?
@devcentral
@devcentral 3 жыл бұрын
Sorry, I should have also included these. Manual Chapter APM: Configuring App Tunnel Access - techdocs.f5.com/en-us/bigip-15-1-0/big-ip-access-policy-manager-application-access/configuring-app-tunnel-access.html and Manual Chapter TMOS: Route Domains - techdocs.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/tmos-routing-administration-13-0-0/8.html
@yotty97
@yotty97 3 жыл бұрын
@@devcentral thx
@unknownuser-sr2zh
@unknownuser-sr2zh 4 жыл бұрын
ooh!! i forgot to sign my work... LOL
@NathanAnsari
@NathanAnsari 4 жыл бұрын
Would split tunneling be able to solve an issue for example such as being disconnect with the exchange server in outlook when VPN is actualy instead of having to keep starting Outlook first and then connect to the VPN when it comes down to O365? Does anybody know by any chance?
@devcentral
@devcentral 4 жыл бұрын
Depending on your infrastructure, if O365 is your Outlook feeder, then you might not need a VPN connection at all. You could Federate the credentials through a VPN controller but not necessarily need a tunnel. Some do split-tunnel with O365 (MS Recommended) so that only traffic for the corp network goes over the tunnel while O365 goes to the appropriate cloud. You could also create application specific tunnels for things like Outlook, so that all email goes thru the tunnel and any other traffic (public, that is) would go out through your ISP.
@charliebrown7328
@charliebrown7328 4 жыл бұрын
Is the opposite of split-tunneling full way tunneling?
@devcentral
@devcentral 4 жыл бұрын
No split tunnel means everything, including Netflix, etc traffic, goes through the encrypted tunnel.
@bertvandegrift7200
@bertvandegrift7200 4 жыл бұрын
@@devcentral That's wrong. Split Tunnel means that corporate data goes through the tunnel, Netflix and other public traffic goes straight to the public internet.
@psilvas
@psilvas 4 жыл бұрын
@@bertvandegrift7200 we should have replied with, 'Not using split-tunnel' rather than No split tunnel since it could be taken as No, split-tunnel... :-)
@ayleafs
@ayleafs 3 жыл бұрын
why is there reverb on the audio lmao
@molinadennis
@molinadennis 3 жыл бұрын
The way like you make this presentation is very insecure.
@TV-ob1if
@TV-ob1if 3 жыл бұрын
huh
Why I no longer use a VPN (most of the time) and nor should you
11:25
Sun Knudsen
Рет қаралды 1,3 МЛН
What is BIG-IP?
13:26
F5 DevCentral
Рет қаралды 112 М.
How to Fight a Gross Man 😡
00:19
Alan Chikin Chow
Рет қаралды 21 МЛН
What is a TLS Cipher Suite?
20:47
F5 DevCentral
Рет қаралды 116 М.
Why VPNs are a WASTE of Your Money (usually…)
14:40
Cyberspatial
Рет қаралды 1,5 МЛН
Remote Desktop Protocol (RDP) using an SSL VPN
5:27
F5 DevCentral
Рет қаралды 72 М.
Beat Ronaldo, Win $1,000,000
22:45
MrBeast
Рет қаралды 106 МЛН
TOR Hidden Services - Computerphile
11:42
Computerphile
Рет қаралды 1,2 МЛН
Perfect Forward Secrecy
13:26
F5 DevCentral
Рет қаралды 72 М.
The Hidden Networks: Onion Routing, TOR, Lokinet, I2P, Freenet
22:23
Rob Braxman Tech
Рет қаралды 96 М.
What is a Web Application Firewall (WAF)?
10:04
F5 DevCentral
Рет қаралды 253 М.
SSH Tunneling Explained
6:37
Tinkernut
Рет қаралды 492 М.