Balancing robust security with optimal network performance can be a constant struggle. Traditional VPNs encrypt all traffic, potentially impacting performance for applications that don't require strict security measures. Additionally, full VPN tunnels can create obstacles when accessing local network resources like printers.
Exium SASE introduces the powerful Traffic Steering Applications feature, also known as split tunnelling. This functionality allows you to define which applications and traffic utilize the secure, encrypted VPN tunnel, while routing non-critical traffic directly over the internet.
Exium SASE leverages a multi-layered approach to facilitate split tunneling. You can define application rules based on:
No |
Key Features and Benefits of Traffic Steering Applications |
---|---|
1 |
Selective Traffic Routing
|
2 |
Network Efficiency
|
3 |
Flexibility and Customization
|
4 |
Access to Local Network Devices
|
Exium SASE's Traffic Steering Applications feature represents a powerful solution for organizations seeking to balance network security with performance and flexibility. By selectively routing traffic through encrypted VPN tunnels, organizations can prioritize critical business applications while maintaining efficient access to non-business related resources. With enhanced security measures and granular control over traffic routing, Exium SASE enables organizations to optimize network efficiency and productivity without compromising on security.
Exium enables workspace admins with multiple options to configure Traffic Steering Applications. Traffic Steering Applications are defined in the central admin console and applied in the Exium Cloud CyberMesh platform as shown in the below architecture diagram.
You can define Traffic Steering Applications as Include or Exclude Lists as shown in the Table below:
Traffic Steering |
Definition |
---|---|
Policy Definition | Applies to all users in the workspace or in the organization |
Policy Enforcement |
√ |
Include List Support |
Include Lists are included in tunnel |
Exclude List Support |
Exclude Lists are included in tunnel |
You can define Traffic Steering Applications as include list, which will be included in tunnels of all users in the workspace. To create Traffic Steering Applications, follow the below steps
On Create Policy form, follow below steps
Traffic Steering Applications gets applied to all users in workspace. All users in workspace will be able to access the specific service on plain internet as defined in this policy.
You can define Traffic Steering Applications as exclude list, which will be excluded in tunnels of all users in the workspace. To create Traffic Steering Applications, follow the below steps
On Create Policy form, follow below steps
Traffic Steering Applications gets applied to that user. User will be able to access the specific service on plain internet as defined in this policy.
When traffic steering mode is set to conditional access or tunnel all traffic, the page displays internet facing public IP. For some applications like M365, this public IP needs to be whitelisted.
To learn more about implementing SASE for your organization and explore tailored solutions that meet your unique requirements, contact Exium at partners@exium.net for a consultation or demonstration. If you are ready to get started, check out our testing and onboarding process.