Our company has many remote employees who are working from home and often face issues with slow ISP speeds. We're concerned about ensuring that none of our users are vulnerable to man-in-the-middle (MITM) attacks from rogue access points while traveling. Is there a way to secure their network traffic without requiring a full tunnel VPN on their devices?
5 Answers
They can't expect better speeds with a split tunnel, to be honest. The data remains the same, whether it's through a VPN or not.
You know, just make sure your users are connecting to secure HTTPS websites. Traffic over HTTPS can't really be tampered with by rogue access points. A full VPN isn't always necessary if users are being careful with their connections.
Exactly! Plus, relying on commercial VPNs can sometimes introduce a false sense of security, since they themselves could also be considered a form of a man-in-the-middle if mismanaged.
Definitely, but my colleague is all about avoiding bottlenecks, especially with IPSec. We really need to find a balance that keeps everyone secure without slowing things down too much.
Have you looked into SASE solutions? They combine network security and WAN capabilities, which could suit your needs well.
Just a heads up, public VPNs can kind of set off alarm bells for MITM risks—they often have questionable security practices.
Consider using a cloud-based L7 firewall like ZScaler. It’s pretty effective for securing traffic without the overhead of a full tunnel VPN.
That's not necessarily true! A split tunnel can help prioritize certain traffic, which might speed things up under the right conditions.