Does a VPN secure the client itself? I know that VPNs protect data traveling from client to the VPN gateway, but do they protect the client machine itself? If we use a VPN without split tunneling, can anyone else intrude or talk to my client?

    Requires Free Membership to View

VPN tunnels ONLY protect data in transit between the VPN tunnel endpoints, in this case your client and gateway. VPNs tunnels do NOT prevent your client machine from being accessed by any other user on the same network.

With split tunneling, your VPN client is only able to send outgoing data through the VPN tunnel. This does offer some protection against intrusion -- for example, if an intruder tries to connect to a service running on your client, your client's responses will be forwarded over the VPN tunnel to the VPN gateway instead of being returned "in the clear" to the intruder. But what ultimately happens to those responses depends on the VPN gateway's configuration -- if the VPN gateway is configured to relay non-private traffic to the Internet, then the responses might be received by the intruder anyway.

Some VPN clients can be configured to drop incoming packets received outside a defined VPN tunnel. In this case, your client machine may ignore packets arriving from any source other than your VPN gateway WHEN THE TUNNEL IS ACTIVE. Many VPN clients go beyond this by integrating personal firewall software that blocks incoming connections received at any time. Some VPN clients have even been integrated with "scan on connect" features that check your client for infection before other traffic can flow through the VPN tunnel. In short, exactly what level of protection you have depends on your VPN client -- VPN tunnels per se don't protect your client machine, but related endpoint security measures and correctly-configured rules can detect and prevent client-side intrusion.

This was first published in July 2004

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: