We all know that VPNs are a great way to protect our privacy/anonymity online. What a virtual private network does is it encrypts your data and it changes your IP address, so that you can benefit from a secure connection every time you are online, even if you are using a public WiFi. Of course there are other benefits in using a VPN as well, such as the ability to unlock geo-blocked content and use streaming services such as Netflix from anywhere in the world. But in this article we are just going to focus on the types of protocols used by VPNs.
Every time you hear about VPNs, the term ‘protocol’ always pops in, too.
A lot of users are confused when they have to choose a good VPN for their needs, because choosing the right provider is just half of the job. The other consists in deciding what type of VPN protocol they should use.
So what are VPN protocols?
We’ve already established that VPNs work by encrypting your Internet data so that others can’t have access to it. This way you and your identity stay protected and safe from potential malware. A VPN protocol is the technology used by the VPN provider in order to encrypt that data. There are several VPN protocols available nowadays, each of them with its advantages and disadvantages. Not all protocols focus on the same aspects: some of them insist on aspects such as security/privacy, other focus on speed.
The main 5 protocols you are going to hear about most are: OpenVPN, PPTP, L2TP/IPSec, SSTP and IKEv2/IPsec. We are going to explain each of them to you below.
OpenVPN is an open source protocol and it has become the industry standard when it comes to VPN protocols. It is among the most secure types of protocols and also the most versatile. It works on basically every operating system, from Windows and macOS, to Linux, iOS, Android, Blackberry, Windows Phone, on routers and more. In terms of encryption, OpenVPN uses either 128-bit or 256-bit encryption. Its only weak point used to be its speed, as it wasn’t the fastest protocol, but in recent years even that aspect has improved considerably.
PPTP stands for point-to-point tunneling protocol. It is among the first protocols to be developed and used, since 1995. However, nowadays it is quite outdated in terms of security and also speed, although speed-wise, you can obtain some fast results using it, precisely because it doesn’t have so many security tools. But the fact that it doesn’t have built-in encryption makes it a poor choice compared to newer, more complex protocols.
L2TP stands for layer 2 tunnel protocol and it is the successor of the PPTP. By itself, L2TP also lacks encryption technology, meaning it’s not very secure, which is why it is usually coupled with the IPsec protocol (Internet Protocol Security), which uses a very strong encryption. Together with the IPsec, L2TP becomes very secure, if not impenetrable. It is also easy to set up. On the downside, this type of protocol can be blocked quite easily (due to the fact that it uses a small number of ports) which means your VPN can stop working.
SSTP stands for secure socket tunneling protocol and it is a Microsoft-developed protocol. That means it works with any operating system developed by Microsoft. If you want to use it on macOS/iOS or Android, you have to use third-party clients, but if you have a Microsoft device, it is definitely a good option to consider. SSTP uses 256-bit SSL keys for encryption and it is overall a very secure protocol. It is also difficult to block, as supposed to the aforementioned L2TP.
The IKEv2 protocol (Internet Key Exchange version 2) is also developed by Microsoft in collaboration with Cisco. It is among the newest protocols to be released. In itself it is a tunneling protocol, which is why it is also bundled with IPSec for security reasons. However, it is not the most secure protocol in the lineup.
One of the main strengths of the IKEv2 protocol is its mobile friendliness. It works great on mobile devices, offering an impressive security, it has support for iOS and Blackberry, but if you want to use it with Android, you have to use third-party clients. Another advantage of the IKEv2 is its speed. IKEv2 is among, if not the fastest protocol out there. On the downside, it is vulnerable to blocking and it is a bit difficult to implement.