Juniper MAG/SA question - re: split tunneling policy and use of JSAM/WSAM

Hello J-NSP and Nanog members

Hopefully this is the right forum for this discussion - if not my apologies
for further clogging your inbox.

Here it goes:

Would you consider use of JSAM/WSAM to selectively proxy and tunnel certain
applications a form of split tunneling? The traditional concept of split
tunnels looks at all traffic Layer 3 and above, versus JSAM/WSAM which
looks at application traffic at Layer 7.

The context for all of this is from a previous question I put out regarding
split tunneling policy on government networks.

Thanks!

> Hello J-NSP and Nanog members
>
> Hopefully this is the right forum for this discussion - if not my apologies
> for further clogging your inbox.
>
> Here it goes:
>
> Would you consider use of JSAM/WSAM to selectively proxy and tunnel certain
> applications a form of split tunneling? The traditional concept of split
> tunnels looks at all traffic Layer 3 and above, versus JSAM/WSAM which
> looks at application traffic at Layer 7.

It's still Layer 3, but it looks at the application name which sends the
traffic in order to selectively tunnel specific destination networks and
ports.

I wouldn't call it split tunneling, but it depends on how your security
policy classifies this kind of traffic.
It's also worth looking at what risks this may bring to your exposed
services, as it checks for the process name, not necessarily for it to be
valid (you can always create an outlook.exe app that tries to crash the
Exchange CAS or something similar).
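
Added example, not part of the thread and not Juniper's code: a small model of the point made in the reply above, comparing a per-application tunnel rule that matches on the executable's file name alone with one that also pins the file's SHA-256 digest. The function names, the policy layout and the sample files are hypothetical and constructed for illustration.

```python
import hashlib
import hmac
import os
import tempfile


def sha256_file(path):
    """Hex SHA-256 of a file's contents."""
    with open(path, "rb") as fh:
        return hashlib.sha256(fh.read()).hexdigest()


def tunnel_by_name(exe_path, policy):
    """Name-only rule: any file carrying a listed name is tunneled."""
    return os.path.basename(exe_path).lower() in policy


def tunnel_by_name_and_hash(exe_path, policy):
    """Name plus pinned digest: the file content must match as well."""
    pinned = policy.get(os.path.basename(exe_path).lower())
    return pinned is not None and hmac.compare_digest(sha256_file(exe_path), pinned)


def demo():
    """Evaluate both rules on constructed stand-in files."""
    samples = {  # constructed contents, not real executables
        "approved/outlook.exe": b"constructed: approved client build",
        "other/outlook.exe": b"constructed: unrelated program, same name",
        "other/notes.exe": b"constructed: program not in the policy",
    }
    with tempfile.TemporaryDirectory() as root:
        paths = {}
        for rel, body in samples.items():
            full = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(full), exist_ok=True)
            with open(full, "wb") as fh:
                fh.write(body)
            paths[rel] = full
        policy = {"outlook.exe": sha256_file(paths["approved/outlook.exe"])}
        return {
            rel: (tunnel_by_name(p, policy), tunnel_by_name_and_hash(p, policy))
            for rel, p in paths.items()
        }


if __name__ == "__main__":
    for rel, result in demo().items():
        print(rel, "name-only=%s name+hash=%s" % result)
```

A pinned digest has to be updated whenever the approved application is patched, so the policy needs an owner who tracks client updates.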