What configuration is needed to exclude Google Maps traffic from the FortiSASE VPN tunnel?

To exclude Google Maps traffic from the FortiSASE VPN tunnel, configuring the Google Maps Fully Qualified Domain Name (FQDN) as a split tunneling destination is the appropriate approach. Split tunneling allows specific traffic – in this case, from Google Maps – to bypass the VPN tunnel, enabling direct access to the internet rather than routing through the VPN.

This is advantageous because it can enhance performance for services like Google Maps, which are heavily reliant on real-time data and may function better when not encapsulated within a VPN. By designating the FQDN for Google Maps as a split tunneling destination, you're indicating that traffic to that particular domain should not be encrypted and sent through the VPN, but rather should go directly to the internet.

The other options do not effectively achieve the same outcome. For instance, configuring an application filter or adding the Google Maps URL to a whitelist would not specifically manage the routing of traffic through the VPN tunnel. These methods might still end up routing the traffic through the VPN, as they generally pertain to permissions and traffic handling rather than routing decisions. Additionally, disabling the VPN for all Google services would be overly broad and potentially disrupt security and functionality for other necessary services. The precision of split tunneling is crucial