VPN Protocols. What are they? Which one’s best for me?

VPN Protocols. What are they? Which one’s best for me?

At the heart of every VPN are one or more software protocols used to encrypt data and keep it secure. There are at least a dozen VPN protocols for VPN providers to chose from, each with its own advantages and disadvantages. Many VPN providers offer more than one protocol.

For anyone not of a technical bent, the jargon surrounding protocols can be baffling. The good news is that for the majority of users the protocols are not an issue: they are all secure. It's just that some are more secure than other. And if you're not confident about making the right choice, then you can always pick a VPN provider who offers an automatic mode to find the best protocol for you.

However, if you want to be absolutely certain the protocol you use is the best for your needs, read on. Here we offer a brief, layman's guide to some of the more popular protocols.

The main thing to bear in mind about VPN protocols is that when it comes to security and speed there is usually a trade-off. More of one means less of the other.


The initials stand for Point-to-Point Tunnel Protocol. This was the first VPN protocol to hit the market and it is perhaps beginning to show its age. It supports 40 bit, 56 bit and 128 bit encryption (more bits = more encryption). Despite being one of the simplest protocols on the market, it is secure enough for most purposes, which goes some way towards explaining why it is still popular. The plus side of its simplicity is its speed. Because it spends less time than other protocols encrypting data, it tends to be faster.


The Layer 2 Tunnel Protocol employs 256 bit encryption which crudely speaking means it does at least twice as much encrypting and decrypting as PPTP. (Or to look at it another way, it has another later of security.) This of course makes it slower than PPTP but also much more secure.


Because STTP - Secure Socket Tunneling Protocol - was developed and designed by Microsoft who are renowned for producing software with built-in vulnerabilities, this protocol is neither universally loved nor trusted. Which is perhaps a tad unfair as SSTP does its job very well. It has a high encryption rate and is notoriously hard to block.

SSTP protocol uses military grade 2048 bit SSL/TLS certificates for authentication and 256 bit SSL key for encryption, which in layman's language makes it a heavyweight in terms of security and encryption.

As you might expect from a Microsoft product, SSTP was designed and built with Windows in mind. It currently on runs on Windows 7 and above.


OpenVPN is an open-source protocol, which means nobody owns it and it is being continuously developed and enhanced by a group of enthusiasts on a non-profit basis. It is built around SSL, a widely used security protocol used – among other things – for online credit card transactions. It has the ability to use 256 bit encryption, though some VPN providers use less encryption in order to gain more speed.

Leave a Comment