Can someone please tell me if there are security issues with split-tunnelling in relation to vpn clients.
For instance I have several users who use the vpn client to connect to the work office and also they browse the internet from their home machines whilst connected to the work office using the vpn client.
Do you suggest that I take out the split-tunnel command from the pix configuration? What I have noticed on the vpn client side, under the status|statistics tab is that when browsing the internet whilst connected to the work office via the vpn client there are a lot of 'bypass counts'.
Is this an indication that the vpn client is not allowing unencrypted traffic to get to the work office and is only allowing communication (encrypted) between the vpn client and work office PIX.
Are there any security concerns on having split-tunnelling enabled, will my work office be compromised??
Will be most grateful if someone could give me some answers.