Cybersecurity and Infrastructure Security Agency (CISA) — Guide to Securing Remote Access Software 3.13 3.13.7 System and Communications Protection
This document offers extensive guidance on remote access risk including split tunneling scenarios.
SEARCH RESULTS
National Security Agency (NSA) / Cybersecurity and Infrastructure Security Agency (CISA) — Selecting and Hardening Remote Access VPN Solutions 3.13 3.13.7 System and Communications Protection
A focused advisory on VPN use and configuration best practices, which directly supports the split tunneling control.
NIST SP 800-46 Rev 2: Guide to Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Security 3.1.14 3.10 3.10.6 3.13 3.13.7 System and Communications Protection
This NIST special publication provides information on security considerations for several types of remote access solutions.
NIST SP 800-77 Rev 1: Guide to IPSec VPNs 3.1 3.1.13 3.1.20 3.13 3.13.7 csc12 csc7 csc9 System and Communications Protection
This NIST Special Publication offers recommendations for designing, configuring, and managing IPSec VPN solutions.
Peak InfoSec – 3.13.7 and Split Tunneling 3.13 3.13.7 System and Communications Protection
In this “As the CMMC Churns” they take a look at the keywords (e.g., remote devices, simultaneous, non-remote connections, et al) and describe how the requirement, when implemented operates as intended.
SANS – Remote Access Policy 3.1 3.1.12 3.1.13 3.13 3.13.7 System and Communications Protection
This sample policy provided by SANS can be customized and used to address remote access.