Point-to-Point Tunneling Protocol (PPTP) is a VPN technology that was specified by a group of system vendors intended to promote easy VPN deployments. It exists in multiple implementations, which are vendor specific, such as Microsoft PPTP. The most commonly-used underlying mechanisms for authentication and encryption have been found highly vulnerable. Even after many attempts to fix issues in the PPTP security hole, it can be stated that the mechanisms for authentication and encryption used in PPTP still exhibit major vulnerabilities and are not state-of-the-art. I recommend not deploying PPTP as a VPN solution and argue to deprecate this protocol. The only somewhat safe way of deploying PPTP would be by using Transport Layer Security (TLS), which requires the implementation of an entire PKI infrastructure, which is why most people stay away from it. But even then, you run into similar security issues that plague SSL VPNs today.
The two only serious VPN technologies are Secure Sockets Layer (SSL) and Internet Protocol Security (IPsec ) VPN. SSL VPN is similar to PPTP in that it is easier to deploy than other VPN types. The strength of IPsec VPN is its transparency over the IP network layer, which works in both versions of IP: IPv4 and IPv6. But its key strength results from the fact that it is an IETF standard, a framework of open standards protocols that support state-of-the-art strong authentication, authorization and encryption schemes and can be implemented in various standards-based ways.
Email your VPN-related questions to email@example.com.
Dig Deeper on Branch office network design
Related Q&A from Rainer Enders
Administrators don't have to worry about interoperability; integrated mobile application and device management is the best approach. Continue Reading
Ensuring that the client software itself is up to date is just one of many reasons why it's critical to oversee VPN clients. Continue Reading
To ensure mobile device security, VPN expert Rainer Enders explains that it is crucial to monitor changed states and block software modifications. Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.