I have purchased an SA2500 IVE 6.5 .
When clients are connected witch NC, internet browsing are also routed through the NC.
The option selected is: Allow access to local subnet.
When I am choosing the Enable Split Tunneling option and allowing access to the work resources and subnet, it works fine but users can also run local P2P applications while conneced to work,
Is it possible to disable that or alternately to exculed all http/ftp traffic from passing through the NC?
In the Network Connect Split Tunneling Policies I tried to exclude tcp://*:80,21 but got invalid resource error message.
You could enforce it with a HostChecker policy, so that if they launch uTorrent, they get disconnected. The problem would be maintaining the list of banned applications.
Besides, with flash and java, your SSLVPN connection is still exposed.
Its the classi trade-off between ease-of-use, bandwidth utilization and security...