Which VPN protocols should you use?

James Murray  |  January 3, 2019

VPN (virtual private network) protocols can appear complex at first glance.

There are dozens of acronyms and technical pieces of information to take in, and the reasons for choosing one protocol over another can seem endless.

However, VPN protocols are actually quite straightforward and as simple as sending something in the post. All you need to do is tailor the size and security of the parcel to your mail.

In the hopes of making this subject a bit more palatable and easier to digest, we’re going to stick with the postal analogy. Hopefully it will help you to differentiate protocols and know which one to use when performing certain tasks.

Why should you use different VPN protocols?

As we said, VPN protocols are a bit like packaging. For example, you wouldn't choose to post something valuable in a flimsy envelope or send something unimportant via recorded delivery – the same goes for your data.

Many protocols offer exceptional security while others simply offer speed. To get the most out of your VPN, it can be a good idea to switch between protocols to suit the data you’re sending back and forth.

For instance, if you’re at home binge-watching TV shows on Netflix, it won’t do you any harm to select a VPN protocol with fewer security measures to speed up your internet connection. This way, you can spend more time engrossed in your favorite TV show, rather than waiting for it to buffer.

The opposite applies when you’re doing things online that present a risk to your data, like shopping and banking on an unsecured network.

If you’re unsure about which VPN protocols are the metaphorical envelope and which are the courier, here is a breakdown of each protocol and its pros and cons.

PPTP

PPTP stands for point-to-point tunneling protocol and is a relatively antiquated method of VPN encryption. It was designed by Gurdeep Singh-Pall in 1996 for Microsoft and is still quite popular today, despite known vulnerabilities that have been around for over a decade.

PPTP is relatively fast because it requires so little computing overhead. But because it’s so easily attacked, it’s comparable to posting a letter first class in an unsealed envelope.

Pros

  • This protocol is integrated into several operating systems, including Windows, Linux, and macOS, and it’s supported by most modern devices.
  • Due to its low level of encryption, PPTP is one of the fastest protocols.

Cons

  • Security and anonymity may be compromised by the low level of encryption.
  • PPTP can be blocked by firewalls.

L2TP/IPSec

L2TP (layer two tunneling protocol) is similar to PPTP, but with the added security of double encapsulation and IPsec (internet protocol security) encryption.

This means it’s slower than PPTP, but a bit safer, sort of like sending a letter second class, but in a sealed envelope.

Pros

  • IPsec encryption uses a 256-bit key, which encrypts your data to military standards.
  • L2TP runs on mobile operating systems, as well as Windows XP and macOS 10.3 or later.
  • This protocol prevents data from being altered between sender and receiver, meaning it can prevent man-in-the-middle attacks.

Cons

  • The added encryption takes up a lot of computing power and means your connection is slower.
  • L2TP is notoriously difficult to configure.

SSTP

SSTP stands for secure socket tunneling protocol and is a protocol developed by Microsoft. Primarily intended for remote access, it generally struggles with site-to-site VPN access.

This protocol is a bit like trying to send a packet through a courier that only delivers to certain areas.

Pros

  • SSTP is one of the most secure protocols, supporting a wide range of cryptographic algorithms.
  • SSTP is completely integrated into Windows and very easy to use.

Cons

  • Although SSTP is supported on other operating systems, it doesn’t work as well as it does on Windows. A lot of existing VPNs don't offer it either.
  • As the software is not open source, it hasn’t been independently audited.

OpenVPN

OpenVPN is one of the most popular VPN protocols out there and takes the coveted position of private courier on our list of metaphorical postal options.

OpenVPN uses multiple strategies to keep communications safe, including OpenSSL, HMAC authentication and shared keys. Because it can run over either TCP or UDP, it’s also highly configurable and, therefore, very difficult for internet service providers to block.

Pros

  • This protocol is highly configurable and supported by the vast majority of VPNs.
  • OpenVPN comprises a number of modern security measures to keep your data safe.
  • Using an OpenVPN protocol can help you to bypass firewalls.

Cons

  • OpenVPN can be hard to configure if you don’t know what you’re doing.
  • If configured incorrectly, you could completely undermine the otherwise impressive security offered.
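
To make the misconfiguration risk concrete, here is an added example (not from the original article or the OpenVPN project) that checks an OpenVPN client config for a few settings that weaken the tunnel. The directive names are real OpenVPN options; the host name, key file name, sample configs and the choice of checks are assumptions made for illustration and are not an exhaustive baseline.

```python
# Added example: lint an OpenVPN client config for settings that weaken the tunnel.
WEAK_CIPHERS = {"none", "bf-cbc", "des-cbc", "des-ede3-cbc", "rc2-cbc"}  # off or 64-bit block
WEAK_DIGESTS = {"none", "md5"}                                           # HMAC off or legacy

# Constructed sample configs (vpn.example.com and ta.key are placeholders).
WEAK_CONFIG = "client\nproto udp\nremote vpn.example.com 1194\ncipher BF-CBC\nauth none\n"
HARDENED_CONFIG = (
    "client\nproto udp\nremote vpn.example.com 1194\nremote-cert-tls server\n"
    "tls-version-min 1.2\ndata-ciphers AES-256-GCM:CHACHA20-POLY1305\n"
    "auth SHA256\ntls-crypt ta.key\n"
)

def parse_directives(text):
    """Map each directive name to the argument lists it was given (simplified parser)."""
    directives = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].split(";", 1)[0].strip()  # drop comments
        if line:
            name, *args = line.split()
            directives.setdefault(name.lower().strip("<>"), []).append(args)
    return directives

def audit(text):
    """Return a list of (directive, problem) findings for one client config."""
    d, findings = parse_directives(text), []
    for args in d.get("cipher", []) + d.get("data-ciphers", []):
        for c in (args[0].lower().split(":") if args else []):
            if c in WEAK_CIPHERS:
                findings.append(("cipher", f"weak or disabled data cipher: {c}"))
    for args in d.get("auth", []):
        if args and args[0].lower() in WEAK_DIGESTS:
            findings.append(("auth", f"weak or disabled HMAC digest: {args[0]}"))
    if not any(k in d for k in ("remote-cert-tls", "verify-x509-name")):
        findings.append(("remote-cert-tls", "server certificate role/name is not checked"))
    if not any(k in d for k in ("tls-auth", "tls-crypt", "tls-crypt-v2")):
        findings.append(("tls-auth", "no shared-key protection on the control channel"))
    vmin = (d.get("tls-version-min") or [["0.0"]])[0]
    if not vmin or tuple(map(int, vmin[0].split("."))) < (1, 2):
        findings.append(("tls-version-min", "absent or below TLS 1.2"))
    return findings

if __name__ == "__main__":
    for label, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(label, audit(cfg))
```
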

Conclusion

VPNs, though they keep you safe, are infamous data guzzlers that can really slow you down online – causing a whole host of problems. But tailoring your VPN protocol to your internet activity can help you to make the most of your broadband and avoid buffering-related breakdowns.

Moving between protocols can also help you to protect your data when doing things online that require a bit more security.

Understanding different VPN protocols can be difficult when you first get started, but with our handy postal analogy, we hope it looks a bit more manageable.

If in doubt, your VPN provider will usually have set the most secure protocol as your default and can offer more guidance on how and when to switch to other options.


James Murray is a professional copywriter and researcher. He has written for a number of well-known brands in the past few years, and his professional work covers topics from cyber security and consumer technology to the science of sleep.