Are you trying to understand the 3.13.7 “Split Tunneling” Security Requirement in NIST SP 800-171 Rev 2 (and draft Rev 3)?

Like all of the requirements, there are nuances in the actual Security Requirement, “Prevent remote devices from simultaneously establishing non-remote connections with organizational systems and communicating via some other connection to resources in external networks (i.e., split tunneling).”

In this episode of “As the CMMC Churns,” we take a look at the keywords (e.g., remote devices, simultaneous, non-remote connections) and describe how the requirement, when implemented, operates as intended.

We will also discuss how a good firewall/VPN concentrator operates to securely implement “Disabled Split Tunneling” while minimizing the latency impact on components of your system that are not behind your firewall (e.g., Microsoft Teams).

A Whitepaper version of this is available at https://peakinfosec.com/information-security/compliance/dfards-and-nist-sp-800-171/split_tunneling/.

 ============================================================

Peak InfoSec Homepage: https://peakinfosec.com

As the CMMC Churns Episodes: https://peakinfosec.com/as-the-cmmc-churns/

Contact Peak InfoSec for Support: https://peakinfosec.com/contact/

Email: [email protected]

============================================================