What is Split Tunneling in VPN?
Split Tunneling in VPNs is a feature that allows you the flexibility to route your internet traffic via separate tunnels.
You can choose which tunnel your internet traffic is routed on an app-by-app or a website-by-website basis. For instance, consider a situation where you want to interact with devices on the local network while keeping your internet traffic encrypted. An even more relatable problem is when you need more bandwidth for a few apps but want to encrypt internet traffic for the remainder of the apps.
Split tunneling essentially gives you more power over how your data is transmitted. You can either choose the relatively slower, safer tunnel or the faster, not-so-safe tunnel. To understand why encrypted tunnels are slower, you need to know how split tunneling works in VPNs.
How Does Split Tunneling Work in VPNs?
When you connect to the internet and try to access a website, your device establishes a connection directly with the website’s server. There are no middlemen, and your connection speed is whatever your ISP provides based on your internet plan.
Once you connect with a VPN, your device first connects with a VPN server, which subsequently establishes a connection with the website’s server. The VPN server encrypts the data before transmitting it further. Since your data now needs to pass through an intermediary, it slows your connection speeds.
This is where split tunneling provides a lot of value. It helps you find the sweet spot between security and speed since it allows you to transmit a portion of the traffic through a secured and slower tunnel and other data through an unencrypted tunnel.
Best Split Tunneling VPNs
Not all VPNs come with a split tunneling feature, but here are a few of the best ones that do.
ExpressVPN: Split Tunneling Based on Apps
ExpressVPN is one of the few VPNs that support in-app split tunneling. It’s pretty easy to set up. You open the Options window, and the split tunneling is right at the bottom of the General tab.
You can choose the apps you want to exclude from the VPN tunnel, and that’s it. For a VPN as expensive as ExpressVPN, the lack of a website-based split tunneling feature is a downside.
NordVPN: Split Tunneling Based on Apps and Websites
There are several reasons you should consider NordVPN if you want split tunneling. First, it offers split tunneling based on apps as well as websites. App-based split tunneling is readily available on the VPN’s app.
However, the only caveat is that website-based split tunneling is available only through NordVPN’s Chrome extension, which has CyberSec (a lightweight feature that allows split tunneling). Regardless, you do have this option, unlike ExpressVPN. Plus, it costs significantly less than ExpressVPN — something to consider if you’re on a budget.
Types of Split Tunneling
Notice how both VPNs allow you to choose apps for which you want to use VPNs and apps for which you wish to disable the VPN.
While it may look like you could choose either one and move along, you’d be better off with one choice than the other. Let’s get some context on types of split tunneling as we talk about which option you should choose.
Inverse Split Tunneling
This is the method you should ideally use. Inverse split tunneling, in simpler terms, means that you use the VPN for all apps or websites except for the ones for which you add an exception. Think of it as whitelisting apps and websites that you want to connect directly to the internet. You can connect apps that require more bandwidth directly to the internet while keeping the remainder of the traffic encrypted.
App or Website-based Split Tunneling
This is the exact opposite of inverse split tunneling. Instead of whitelisting apps or websites, you set your VPN app to only focus on a few apps, such as online banking apps or torrent clients. The remainder of your traffic goes through your normal internet connection unsecured.
While choosing between the above two types, it is more about being safe than sorry. Since you can whitelist apps that require more bandwidth, it’s best to use inverse split tunneling, add exceptions and encrypt the remainder of the traffic.
When Should You Use VPN Split Tunneling?
Split tunneling is a useful feature and can provide great utility in several cases.
Here are a few split tunneling use-cases:
When you’re doing something that doesn’t require much security, split tunneling will help you get things done faster. For instance, say you’re sending over sensitive information for work, and while it uploads, you’d like to sit back with some chips and watch Netflix. You may use split tunneling so you can use the unsecured tunnel to stream Netflix in HD even as your sensitive data continues to pass through an encrypted tunnel.
When you want to access geo-blocked content without slowing any of your other online activities down. If you’re in China, the great firewall could keep you from accessing a lot of websites. Even if you’re elsewhere in the world, you could use a VPN to access content libraries of other countries on any streaming platform. For instance, some shows are only available on Netflix U.S., but you could access them from anywhere using a VPN. You could use split-tunneling to access geo-blocked content while still getting good connection speeds for other activities.
Accessing network devices can sometimes be a problem if you’re connected to a VPN. If you have a Workgroup set up or want to interact with other devices on your local network, you’d need to disconnect from the VPN. Split tunneling can help you access these devices without having to disconnect from the VPN.
Set up inverse split tunneling if you have a list of apps that you believe don’t require much security. It’s a one-time setup that takes a few minutes. You’ll continue to get good connection speeds on select apps while protecting any other data transmitted from your system.
Is Split Tunneling Safe?
Nothing is inherently unsafe about split tunneling, provided you know what you’re doing. Some claim that split tunneling can compromise the overall security that a VPN offers, but this is a baseless argument.
While any traffic that goes through a VPN tunnel is always safe, the mishaps with split tunneling are often attributable to erroneous setups. For instance, if split tunneling hasn’t been set up correctly, it could open doors for cybercriminals to gain access to your information.
The Tunnel Dilemma
It doesn’t have to be like Sophie’s choice. Understand that split tunneling is a tool that helps you get the best of both worlds. It allows you to transmit sensitive data through an encrypted tunnel while allowing the rest of the data to be transmitted directly over the internet.
Ideally, use inverse split tunneling and don’t fall victim to misinformed advisors on the internet who claim that split tunneling weakens a VPNs overall security. All data transmitted through the encrypted tunnel is safe — provided you don’t sign up with a shady VPN service provider.