If you are looking to find a VPN provider, you need to choose one with the protocol that is best suited to your needs. While some are clunky and outdated, others are safe and secure. In fact, some providers allow you to choose between different protocols.
Below are listed some of the more well-known VPN protocols. We included those that work and are highly recommended, as well as those that don’t live up to their promises.
OpenVPN is highly configurable and very popular. Using open-source technology like SSL v3/TLS v1 and OpenSSL library protocols for encryption, it can be designed to allow a server to work with TCP port 443. Doing this makes the OpenSSL transfers of data virtually identical to HTTPS traffic across a secure website. In other words, a complete block becomes very unlikely.
Additionally, OpenVPN can be set to use AES encryption, rather than the less effective Blowfish encryption. Using Open VPN will require you to install a third-party application, such as a desktop or a mobile app. That's because it isn’t included in most mobile or desktop operating systems. Unlike some other VPN protocols, no one has hacked or otherwise compromised the integrity of OpenVPN, including the NSA. Because of this extra assurance of security, OpenVPN is a great choice.
Being owened by Microsoft, it makes it a good choice for Windows. First released in Vista Service Pack 1, Secure Socket Tunneling Protocol is fully integrated into Windows operating system. That is the only advantage SSTP has over OpenVPN. SSTP is supported on some other operating systems as well, but not as extensively. Unlike OpenVPN, SSTP is a proprietary protocol, though, which means it doesn't go through as many independent audits.
SSTP uses SSL v3 encryption, allowing it to get around firewalls, as OpenVPN does. And it's configurable to use AES encryption as well. SSTP is definitely not the worst choice, it's similar to OpenVPN, although with much fewer security tests done. It's a good choice for Windows users and it's more secure than IPsec or L2TP.
Layer 2 Tunnel Protocol is integrated into desktop and mobile operating systems, making it very easy to access and set up. It doesn’t encrypt on its own and it's usually used side by side with IPsec encryption. Because all data must first be converted into L2TP and then encrypted with IPsec, this VPN protocol runs slower than the others on this list. Using UDP port 500, L2TP cannot be cloaked on another port, making it harder to dodge firewalls and far easier to block.
Although IPsec encryption is reported to be safe, some users are apprehensive that NSA has undermined its security, but there is no solid proof of this. Because of this concern, users usually choose OpenVPN or SSTP over L2TP.
Point-to-Point Tunneling Protocol may be readily available on many platforms and very easy to access and set up. But it's important to keep in mind that it has many issues regarding true security. It is very probable that intelligence agencies, like NSA, have been decrypting PPTP. The truth is that it's far easier to compromise than other protocols. These connections are very vulnerable to hackers, governmental oversight, and other types of virtual attacks.
PPTP has been through several evolutions since its release for Windows 95, but it is no longer the standard for VPN protocol. In fact, most professionals will urge users to stay away from PPTP. The ease of access and widespread availability is not worth when security is not present.
OpenVPN is a good choice all around, and well worth installing a third party application for its use. For Windows users, SSTP is also a good choice as far as security, stability, and ease of set-up goes. L2TP is the third choice on this list due to its slower speeds originated by the two-step encryption process. The last choice, PPTP, is only a good choice if the VPN is limited to PPTP, and should otherwise be avoided.