I've heard rumors that some service providers can see unencrypted VPN traffic of their customers. Is this true?
There are many definitions of "virtual private network," and not all VPNs use end-to-end encryption. For example:
VPNs based on Multi-Protocol Label Switching (MPLS) carve virtual switched paths out of the provider's network to carry customer traffic between edge routers. MPLS does not provide data encryption, but can be used in conjunction with IPsec when encryption is required.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
VPNs based on the Layer Two Tunneling Protocol (L2TP) relay dial-up (PPP) sessions terminated by an ISP's Network Access Server to an L2TP Gateway at the customer's network. L2TP does not provide data encryption, but is commonly used over IPsec transport mode to provide confidentiality (for example, within Windows XP/2000).
Network-based IPsec VPN services often use a carrier-class VPN switch at the provider's point of presence (POP) to initiate and terminate VPN tunnels across the provider's backbone. The "tail circuit" between the customer's premises and the provider's POP (for example, a dedicated T1 link or a Frame Relay PVC) may or may not be encrypted.
If you require end-to-end confidentiality from your VPN service -- that is, encryption from customer premises to customer premises, without any point in the middle at which your data is cleartext -- then it's important to explicitly look for a secure VPN service that provides this. For example, most managed IPsec VPN services can deliver end-to-end encryption. But whether or not they actually do encrypt end-to-end is determined by the VPN's security policy configuration.
Dig Deeper on Managing Virtualization
Understanding the functions of a wireless access point vs. wireless router will help you deploy the right device for the right circumstance.continue reading
Learn the difference between a site-to-site VPN and a remote-access VPN, as well as the protocols used for each one.continue reading
Need to send an email, check your flight's status or get ready for a presentation? You can do it all on your smartwatch, thanks to a slew of Apple ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.