I can’t decide if I hate that more or less than what I’ve seen: client-side blocking of DNS resolution and driving all queries through Cisco Umbrella or friends.

I guess they both suck pretty hard.

interesting, i heard that some employers did set the default route to go through their vpn, havent had that experience myself either though.

it was always only the 10.0.0.0/8 and some /24 ranges from 192.168.0.0/16 at my current job

liberty mutual, the largest insurance provider, is in the process of moving from default route on the vpn to no vpn at all and zero trust networks for their apps.