Virtual Private Network (VPN)
What is a VPN?
A VPN, or Virtual Private Network, creates a private, encrypted connection over a public, shared or private network. It provides data protection and privacy by using dedicated connections, traffic encryption or secure, virtual tunneling.
Common VPN Use Cases
- Enable remote workers to connect to corporate networks or cloud resources securely
- Securely connect multiple locations (e.g., offices)
- Provide secure communications over the Internet or public WiFi
- Evade censorship
- Change or conceal originating IP address
- Protect intellectual property and meet regulatory requirements
VPNs are commonly used by organizations adopting AWS, Azure and Google clouds for the following types of connections:
- Site-to-Cloud VPNs
- Remote User-to-Cloud VPNs
- Peering between Virtual Private Clouds or Azure VNETs
There are a number of VPN protocols used to define how the service handles data transmission. VPN protocols provide different capabilities, levels of security, performance and platform support. The most common VPN protocols are:
- SSL VPN uses the Secure Sockets Layer protocol or the Transport Layer Security (TLS) protocol, which stems from the browser implementation to provide remote-access VPN capability.
- PPTP (Point-to-Point Tunneling Protocol) is an old VPN protocol that was first released with Windows 95. While it is one of the least secure protocols, PPTP is easy to configure, is already built into most platforms and has a low level of encryption that makes it very fast.
- L2TP/IPsec (Layer 2 Tunneling Protocol/Internet Protocol Security) combines two protocols to create a tunnel and provide security. L2TP/IPsec is more secure than PPTP, but connections are slow and it is not as efficient as other solutions, like OpenVPN.
- SSTP (Secure Socket Tunneling Protocol) is a Microsoft-built protocol that is integrated into Windows. There is support for other systems, but SSTP is optimized for Windows. The benefits of SSTP include its ability to bypass most firewalls, a high level of security and ease of use.
- IKEv2/IPsec (Internet Key Exchange, Version 2/Internet Protocol Security) combines a key exchange protocol with encryption to implement a VPN connection. IKEv2 was jointly developed by Microsoft and Cisco. Because IKEv2 is just a tunneling protocol that provides a secure key exchange session, it is frequently paired with IPsec for encryption and authentication. IKEv2 is commonly used in mobile VPN solutions, because it can quickly reconnect if Internet connections are lost or during a network switch, such as from WiFi to mobile data.
- OpenVPN is an open source VPN protocol based on OpenSSL and TLS. It is one of the most popular VPN protocols because it offers a very high level of security, compatibility with multiple encryption methods and the ability to bypass most firewalls, and it is available on almost every platform. Additionally, OpenVPN can run on a single UDP or TCP port, which makes it extremely flexible.