by matoro 2053 days ago
Isn't this just split-tunneling?
3 comments

Hey, CEO of Twingate here. Splitting traffic off the device is just one element of the product - we provide significantly more controls than a typical "split tunnel VPN." You can set up the traffic segregation to go to any arbitrary number of destinations which can be in one cloud VPC, VPCs across multiple clouds, on-prem, routed via a VPC-egress for IP-based restrictions, or classic bypass which just exits the device normally. The segregation happens automatically without the user having to manually switch network profiles to access different environments. Our app just sits in the background and your traffic gets to where it needs to go.

You can also apply granular controls over how each connection is routed based on security and access policies. These policies are tied to your identity (via your IDP - Okta, Gsuite, etc) for easy user mgmt. You're essentially able to set up identity-based access controls on any destination address whether it's a web app, database, ssh server, etc. Very flexible by design and we get a ton of folks in devops & infra using it.

On the network side, we also eliminate the need for a public VPN gateway so there's no public attack surface on your private network/resources. Our connectors sit behind your firewall and are deployed as an overlay to your existing network topology so you don't have to reconfigure all your existing segmentation.

Sum it all up and it's much more powerful than just a split-tunnel VPN. Check it out for yourself at www.twingate.com - it's free to get started :)

Yeah. It's a common FUD debate. Every time my CISO claims split tunneling is simply insecure my eyes hit my brain.
Yep. Odd that the article makes it seem like some new innovation.
If it was just split-tunneling then yes :)

(see my answer above)