Virtual Private Networks (VPNs) keep their communications protected using sophisticated encryption techniques, generally referred to as VPN protocols. Early on, telecommunication carriers allowed VPN-style remote connectivity through dial-up modems or leased lines utilizing Asynchronous Transfer Mode (ATM) or Frame Relay. These “true” VPNs gave way to IP and IP/Multiprotocol Label Switching (MPLS) networks, which significantly reduced cost and increased bandwidth.
To assure the privacy of the communication transmitted, most VPNs only allow authenticated remote access. They provide security by using tunneling protocols and strong encryption. The most widespread protocols currently in use are:
PPTP was the first VPN protocol that supported Microsoft Dial-up Networking, using a control channel over Transmission Control Protocol (TCP) and a Generic Routing Encapsulation (GRE) tunnel to encapsulate Point-to-Point Protocol (PPP) packets. It was originally developed by a vendor consortium formed by Microsoft, Ascend Communications, 3Com and others. It is widely considered cryptographically broken and is therefore not regarded as safe. It operates in the Transport Layer of the Internet Protocol Suite and protects all traffic across an IP network without requiring applications specifically designed to use it. (http://en.wikipedia.org/wiki/PPTP)
Layer 2 Tunneling Protocol (L2TP) is a tunneling protocol used to support VPNs. It does not provide confidentiality or encryption by itself. Therefore, it is usually combined with IPsec to add encryption and secure a network connection. (http://en.wikipedia.org/wiki/Layer_2_Tunneling_Protocol)
Internet Protocol Security (IPsec) was originally developed by the Internet Engineering Task Force for IPv6. This standards-based protocol is widely used with IPv4 and Layer 2 Tunneling Protocol (L2TP). IPsec authenticates and encrypts each packet of a communication session and can be used to secure host-host, network-network and network-host data flows. It operates on the Internet Layer of the Internet Protocol Suite and therefore protects all traffic across an IP network without the need to specifically design an application to use it. (https://en.wikipedia.org/wiki/IPsec)
Originally written by James Yonan, OpenVPN is an open source software application published under the GNU General Public License. OpenVPN makes extensive use of the OpenSSL library, as well as SSL and TLS, and is capable of traversing Network Address Translators (NATs) and firewalls. OpenVPN offers peers several ways to authenticate each other: certificates, pre-shared secret keys, or username/password.
OpenVPN uses the OpenSSL library to encrypt both the data channel and the control channel, and can run over User Datagram Protocol (UDP) and Transmission Control Protocol (TCP) transports, or even a single TCP/UDP port. The use of common network protocols makes it a great choice in areas where ISPs block specific VPN protocols. OpenVPN is considered safe and is currently the preferred method to establish a VPN connection. (http://en.wikipedia.org/wiki/Open_VPN)
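As an added illustration (not part of the original article and not OpenVPN's own code), the following Python example reads an OpenVPN client profile and reports which transport it uses and which of the authentication methods described above it relies on. The profile text is constructed, `vpn.example.net` is a placeholder, and `audit_profile` is a hypothetical helper name.

```python
# Added example: classify an OpenVPN profile by transport and peer authentication.
# SAMPLE_PROFILE is constructed for illustration; vpn.example.net is a placeholder.

SAMPLE_PROFILE = """\
client
dev tun
# constructed sample, not a real provider profile
proto tcp
remote vpn.example.net 443
ca ca.crt
<cert>
-----BEGIN CERTIFICATE-----
(placeholder, no real certificate data)
-----END CERTIFICATE-----
</cert>
key client.key
auth-user-pass
"""

# OpenVPN directives that select how the peers authenticate each other.
AUTH_DIRECTIVES = {
    "cert": "certificate",
    "pkcs12": "certificate",
    "secret": "pre-shared key",          # static-key mode
    "auth-user-pass": "username/password",
}

def audit_profile(text):
    """Return (transport, sorted list of authentication methods) for a profile."""
    transport, methods, inline = "udp", set(), None   # OpenVPN defaults to UDP
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":                # blank line or comment
            continue
        if inline:                                     # body of an inline <tag> block
            if line == f"</{inline}>":
                inline = None
            continue
        if line.startswith("<") and line.endswith(">") and line[1] != "/":
            inline = line[1:-1]                        # inline file, e.g. <cert>
            name, args = inline, []
        else:
            name, *args = line.split()
        if name == "proto" and args:                   # udp, udp4, tcp, tcp-client, ...
            transport = "tcp" if args[0].startswith("tcp") else "udp"
        if name in AUTH_DIRECTIVES:
            methods.add(AUTH_DIRECTIVES[name])
    return transport, sorted(methods)

if __name__ == "__main__":
    print(audit_profile(SAMPLE_PROFILE))
```

A profile that reports only `pre-shared key` or only `username/password` deserves a closer look than one that also uses certificates, since a leaked shared secret or password is then the only thing standing between an attacker and the tunnel.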
Your privacy needs determine the level of security you need. Unfortunately, there is no such thing as 100% secure, unless, of course, you don’t plan on connecting to any network.
Virtual Private Networks offer an inexpensive way to secure all of your Internet traffic. Which protocols to use depends on your VPN provider and the capabilities of the device you are using. Today the preferred method to secure your Internet connection is OpenVPN followed by L2TP/IPsec and lastly PPTP, as the least secure option.
Image Credit: mason bryant