Whether you’ve decided to set up your own VPN or you’re thinking of going with an existing provider, you’ll need to consider which protocol is right for your day-to-day requirements.
The type of protocol you decide on depends on factors like the level of security you need, the type of system and/or devices you use, and whether you’re a business or personal user.
Many VPN providers offer multiple protocols, so we’ve listed some of the different types available – and the pros and cons of using them – to help you decide on the one that’s right for you.

PPTP
PPTP (Point-to-Point Tunneling) is most typically used on aged systems and outdated devices, as it’s been available since circa Windows 95. It comes with easy installation and is available on Mac and Linux, as well as Windows.
Due to its good speeds, PPTP is the choice for many businesses and personal users, but it comes with a major flaw: security. It has several security vulnerabilities, and while it may operate faster than other protocols, and it comes built into many different platforms, it’s likely exposed to snooping from hackers; as well as the NSA.
Really, PPTP should only be used for high-speed, low-risk browsing – for activities like geo-spoofing for streaming services.
Pros | Cons |
|
|
As L2TP (Layer 2 Tunnel Protocol) comes without any encryption, it needs to be applied with an IPsec encryption. While this might not be ideal for the download-and-go user, the level of encryption is good for corporates. Once the IPsec is implemented, it becomes a highly secure connection.
It comes built in to modern systems and mobile devices, similar to PPTP. But as it uses multiple ports, it can be somewhat difficult to set up with a router. If the device you use supports the OpenVPN protocol, there’s not much need to use L2TP. While slightly slower than PPTP, it overcomes many of the security vulnerabilities PPTP has, and is much more secure. But it doesn’t offer the level of security OpenVPN does, nor the speed.
More security is necessary for businesses or personal users, like P2P sharers, so anyone with the ability to configure the IPsec encryption would benefit from this protocol.
Pros | Cons |
|
|
OpenVPN
OpenVPN is a solid choice for anyone using a Site-to-Site or a Remote-Access VPN. By using a custom security protocol, based on SSL and TLS protocols, it provides users with a robust solution to cyber security.
OpenVPN is a very flexible protocol. While it runs most optimally on a UDP port, it can actually be configured to run on any port. That’s what makes it so difficult for services such as Google to block them.
Out of them all, OpenVPN definitely provides the best level of security. While the level of security that it offers comes at a cost with speed, it’s still faster than most of the other protocols. Though it’s considered that some protocols are at risk of being compromised by the NSA, OpenVPN is assumed to be immune due to its use of key exchanges.
Pros | Cons |
|
|
SSTP
SSTP (Secure Socket Tunneling Protocol) first came on the scene in the Windows Vista Service Pack 1. It’s often considered more reliable than OpenVPN if you’re a Windows user, as it comes integrated in the system; whereas OpenVPN doesn’t.
By transporting traffic through an SSL/TLS (Secure Sockets Layer/Transport Layer Security) channel, the SSTP protocol provides reliable security along with quality encryption and key negotiation. Doing this also allows the protocol to bypass almost all firewall and proxy servers.
As user access is restricted with this protocol, it’s ideal for service providers such as online retailers. This owes largely to the fact that it can configure to an AES encryption which ensures a highly secure connection.
Pros | Cons |
|
|
IKEv2
Co-created by Microsoft and Cisco, IKEv2 (Internet Key Exchange Version 2) is an IPsec-based tunneling protocol. It comes pre-installed into many of the later additions of Windows, and offers open-source implementations for platforms like Linux.
It’s one of the few protocols that support mobile platforms like Blackberry. And while it exists on much less platforms than IPsec, it’s considered a fair contender when it comes to both reliable performance and security.
Pros | Cons |
|
|