[tony_h]

Hey CEO of Twingate here, not sure if this is your point, but the reality is that with remote work, most folks have to leave their VPN on to access their work. If their VPN is on, all their traffic is going to your corp network - zoom calls, youtube, netflix, etc. Of course, users can manually turn it on/off but a huge pain if you're having to constantly babysit it when WFH.

[parliament32]

I think you're misinformed about how most corp VPNs work. Usually a default route is not pushed -- only corp resource routes are. So traffic for corp resources goes over the VPN, while all other traffic goes out the default gateway (your connection) as usual. This is nothing fancy, it's how routing tables on every IP device ever have always worked.

[alsobrsp]

This is not always the case, split-tunneling is a standard config option. I setup my clients this way most of the time. Only, corporate assets get the client and they are checked for a/v and firewall on connection.