VPN Protocols


When we talk about a VPN (Virtual Private Network), we generally refer to a secure Internet connection enabled by tunneling technologies. A VPN entails a secure tunnel through which data traffic from a computer is transmitted over a public network such as the Internet. Tunneling technologies and authentication protocols determine the level of encryption used to secure the VPN tunnel, and therefore also determine the level of security provided by the VPN service.

There are more than four VPN protocols, including PPTP (Point-to-Point Tunneling Protocol), L2TP (Layer Two Tunneling Protocol), IPSec (Internet Protocol Security), OpenVPN, SSTP (Secure Socket Tunneling Protocol), and SSL VPN (Secure Sockets Layer VPN). Some are easy to deploy while others require more complex resources. Likewise, some provide higher levels of security while others provide basic Internet security.

PPTP – This is the most widely implemented VPN protocol because it is natively supported on devices running Windows (2000, XP, and Server 2003) and Mac OS X. It’s also supported on the mobile platforms iOS and Android. It uses Point-to-Point authentication and MPPE (Microsoft Point-to-Point Encryption) to encrypt data traffic. PPTP is a fairly secure technology when used with the password-based authentication method MS-CHAP v2. It provides data confidentiality and is ideal for personal VPN use on mobile devices that require basic online security.

L2TP – On its own, L2TP doesn’t provide any encryption and instead relies on IPSec encryption, hence L2TP/IPSec. The L2TP/IPSec combination provides significantly higher levels of security as it employs certificate-based identity authentication to initiate IPSec connections. While it provides solid security, it requires third-party software (and sometimes hardware) to be installed, in addition to IPSec client software. In addition to data confidentiality, L2TP goes a notch higher to provide data integrity, meaning that there’s zero chance that your data will be modified during transmission.

The downside to this is that it slightly reduces performance due to the overhead required to provide the extra layer of security.

SSTP – SSTP is a highly secure VPN protocol. It was partly created to correct the flaws in the PPTP and Layer 2 Tunneling Protocol. With SSTP, you can easily beat web proxies and firewalls because there is no port blocking. This feature makes SSTP the ideal protocol for VPN users who want to bypass Internet censoring in restrictive countries.

SSL – SSL technology is not as popular as PPTP, but it has been steadily growing over the years. The biggest benefit of SSL is that it is very easy to deploy: no custom VPN software is required. Instead, SSL uses the Web browser as the VPN client software. For this reason, SSL VPN is sometimes referred to as a ‘clientless’ solution.

OpenVPN – OpenVPN is among the most popular VPN technologies deployed currently. It is very robust and provides a level of versatility that is hard to match. Many VPN providers offer OpenVPN as the default encryption protocol.

OpenVPN uses the authentication, certificate, and encryption functions of the OpenSSL library to create secure IP tunnels over a single TCP or UDP port. OpenVPN is relatively easy to deploy, hence its popularity.
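As an added example (not from the original article or the OpenVPN project), this Python check reads an OpenVPN client configuration and reports the (protocol, port) pair the tunnel uses, whether authentication is certificate-based, and whether encryption is enabled. The two sample configurations, the host name and the file names are constructed.

```python
import re

# Constructed sample configs; host and file names are placeholders.
GOOD = """client
proto udp
remote vpn.example.com 1194
ca ca.crt
cert client.crt
key client.key
remote-cert-tls server
data-ciphers AES-256-GCM:AES-128-GCM
auth SHA256
"""
WEAK = """client
remote vpn.example.com 443 tcp
ca ca.crt
auth-user-pass   ; password login only, no client certificate
cipher none
"""

def parse(text):
    """Return {directive: [argument lists]}; inline <ca>...</ca> blocks count as set."""
    text = re.sub(r"<([\w-]+)>.*?</\1>", r"\1 [inline]", text, flags=re.S)
    opts = {}
    for line in text.splitlines():
        words = re.split(r"(?:^|\s)[#;]", line, maxsplit=1)[0].split()  # drop comments
        if words:
            opts.setdefault(words[0], []).append(words[1:])
    return opts

def endpoints(opts):
    """(proto, port) pairs the tunnel may use; OpenVPN defaults are udp and 1194."""
    proto = opts.get("proto", [["udp"]])[0][0]
    port = opts.get("port", [["1194"]])[0][0]
    return sorted({(r[2] if len(r) > 2 else proto, r[1] if len(r) > 1 else port)
                   for r in opts.get("remote", [])})

def audit(text):
    """Return findings for a client config; an empty list means every check passed."""
    o, findings = parse(text), []
    if not endpoints(o):
        findings.append("no remote endpoint configured")
    if not all(k in o for k in ("ca", "cert", "key")):
        findings.append("no client certificate and key: not certificate-based auth")
    if ["server"] not in o.get("remote-cert-tls", []):
        findings.append("server certificate usage is not verified")
    ciphers = o.get("data-ciphers", []) + o.get("cipher", [])
    if ["none"] in ciphers or ["none"] in o.get("auth", []):
        findings.append("encryption or packet authentication is disabled")
    return findings
```

`audit(GOOD)` returns an empty list, while `audit(WEAK)` returns three findings even though both configurations still use a single port.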