Not all VPNs were created equal. Depending on its VPN protocol, it can have different speeds, capabilities, or even security and privacy vulnerabilities. We’ll review the main VPN protocols so you can choose the best one for you.
What are VPN protocols?
VPN protocols determine exactly how data is routed through a connection. These protocols have different specifications based on the benefits and desired circumstances; for example, some VPN protocols prioritize data throughput speed while others focus on masking or encrypting data packets for privacy and security.
Let’s take a look at the most common VPN protocols.
OpenVPN is an open-source VPN protocol. This means users can scrutinize its source code for vulnerabilities, or use it in other projects. OpenVPN has become one of the most important VPN protocols. As well as being open-source, OpenVPN is also one of the most secure protocols. OpenVPN allows users to protect their data using essentially unbreakable AES-256 bit key encryption (amongst others), with 2048-bit RSA authentication, and a 160-bit SHA1 hash algorithm.
In addition to providing strong encryption, OpenVPN is also available to almost every platform: Windows, macOS, Linux, Android, iOS, routers, and more. Even Windows Phone and Blackberry can utilize it, meaning you can set up a VPN on all your devices with it. It’s also the protocol of choice among popular and easy-to-use VPN services like CyberGhost.
The OpenVPN protocol has faced criticism in the past due to low speeds. However, recent implementations have resulted in some boosts, and the focus on security and privacy is well worth considering.
VPN protocol: L2TP/IPSec
Layer 2 Tunnel Protocol is the VPN protocol, and it’s usually paired with IPSec for security. L2TP was developed by Cisco and Microsoft in the 90s. It is used for accessing the internet through a VPN when security and privacy are concerns.
There’s some debate out there about whether it’s faster than OpenVPN or not. The average user probably won’t notice a difference in speed between the two. L2TP/IPSec is slower than PPTP.
L2TP/IPSec has no known major vulnerabilities. Some experts have voiced concerns that the protocol might have been weakened or compromised by the NSA, though. The NSA helped develop IPSec.
L2TP/IPSec support is built-in to most modern computers and mobile devices today. The setup process is similar, but the port that L2TP uses is easily blocked by firewalls. If you need to get around these firewalls, you’ll need to forward the port, which requires a more complicated configuration.
Secure Socket Tunneling Protocol is another popular VPN protocol. SSTP comes with one notable benefit: it has been fully integrated with every Microsoft operating system since Windows Vista Service Pack 1. This means you can use SSTP with Winlogon, or for increased security, a smart chip. Furthermore, many VPN providers have specific integrated Windows SSTP instructions available. You can find these on your VPN provider’s website.
SSTP uses 2048-bit SSL/TLS certificates for authentication and 256-bit SSL keys for encryption. Overall, SSTP is quite secure. SSTP is essentially a Microsoft-developed proprietary protocol. This means nobody can fully audit the underlying code. However, most still consider SSTP secure.
Finally, SSTP has native support for Windows, Linux, and BSD systems. Android, macOS, and iOS have support via third-party clients.
VPN protocol: IKEv2
IKEv2 stands for Internet Key Exchange volume 2, which was developed by Microsoft and Cisco and is paired with IPSec for encryption and authentication. Its main use is for mobile devices, either on 3G or 4G LTE, since it’s good at reconnecting whenever a connection is dropped.
A dropped connection typically occurs when a user drives through a tunnel and temporarily loses surface, or when they switch from the mobile connection to WiFi.
This means that when you switch from a WiFi connection to a data plan connection on your smartphone or move between hotspots, the VPN connection will remain stable throughout the process without any drops.
Point-to-Point Tunneling Protocol is one of the oldest VPN protocols. It is still in use in some places, but the majority of services have long upgraded to faster and more secure protocols.
PPTP was introduced way back in 1995. It was actually integrated with Windows 95, designed to work with dial-up connections. At the time, it was extremely useful. But the VPN technology has progressed, and PPTP is no longer secure. Governments and criminals cracked PPTP encryption long ago, making any data sent using the protocol insecure.
However, it isn’t quite dead… yet. You see, some people find PPTP gives the best connection speeds, precisely due to the lack of security features (when compared to modern protocols). As such, it still sees use for users simply wanting to watch Netflix from a different location.
When choosing a VPN provider, take special note of the VPN protocols that are within its list of features. While it may suit your needs to choose a provider that offers a low-security protocol, like PPTP, chances are you’ll need something that offers more security.
Of course, there’s no right or wrong choice of protocol, just make sure you pick a provider with protocols that meet all of your expectations.