Types of VPN


Types of VPN are perhaps best classified by the level of security offered by the connection. To draw an analogy with paper documents, you may choose to keep your bank statements in a lockable filing cabinet in your home, whereas the deeds of your house would be better secured in a safety deposit box at your bank. In the same way, your decision on which VPN technology to use will depend to a large extent on the level of security you feel that your data warrants.


Some types of VPN require the installation of software on the client, whereas others operate through a web browser. Microsoft Windows comes with client software for PPTP and L2TP/IPSec preinstalled. PPTP is popular because of its ease of use, though it is not regarded as being as secure as L2TP/IPSec.


We can compare the various security levels available, and the applicability of each, by comparing a network connection to the postal service. Data is sent around networks in small ‘packets’. A VPN ‘packet’ consists of a header (the equivalent of the address used by the postal service) and the data (the contents of the message). Sending a picture postcard to friends or relatives from a vacation offers very little security for the information it contains, but it is still an accepted way of communicating provided the information is not confidential. You would not consider sending the PIN of your cash-point card through the postal service on a postcard, so neither should you send sensitive data over a VPN connection with poor security.


A more secure way of transmitting information through the postal service is to enclose it in an envelope. In this way, the sensitive information cannot be readily seen. However, the addresses of the sender and receiver on the envelope can be seen and could be used for fraudulent activities.


If an envelope carried its addresses in a bar code format that could be read only by the Postal Service, we would have succeeded in securing both the routing information and the data in the envelope.


Finally, if the sender and the receiver agreed to communicate using a code known only to the two of them, this would add a further level of security.


So it is with VPN technologies, with the various systems providing various levels of security for the data (the contents of the ‘envelope’) and the header (the ‘address’ information).