Some information regarding VPNs and security.
Virtual Private Networks, or VPNs for short, are secure in that the traffic between one's device and the internet is encrypted, thereby preventing access by unauthorized entities.
Different types of VPN encryption include:
- > PPTP or Point-to-Point Tunneling Protocol: Originally designed by the Microsoft Corporation. This was the original VPN encryption protocol type but has since become obsolete as it is no longer considered very secure at all.
- > L2TP/IPSec: Layer 2 Tunneling Protocol in conjunction with the IPSec protocol offer a type of VPN encryption which is more secure than PPTP, yet some do question its security strength. This is due to the way that L2TP handles its establishment of sessions with pre-shared keys. However, that mentioned, L2TP doesn't offer any encryption itself, and that's where IPSec comes in. Many implementations of L2TP are poorly executed and data is encapsulated twice, often resulting in slower VPN connections, however when properly implemented the ability of the L2TP/IPSec VPN encryption type to utilize multi-threading makes it potentially faster than some other encryption protocol types, which do not support the abililty to do this.
- > IKEv2/IPSec: With IKEv2, or Internet Key Exchange, identity validation is done by security certificates and Diffie-Helman encryption is utilized to protect and secure key exchange. This type of encryption is considered both fast and secure.
- > OpenVPN: Very secure encryption type that is open source, has the ability to bypass firewalls, and is highly configurable. A third-party software application is necessary to utilize this type of VPN encryption method. With this type of encryption, data is encrypted and the traffic is also encrypted. Also, note that OpenVPN can be configured to run in either TCP, transmission control protocol, or UDP, user datagram protocol, modes. Choose UDP for media streaming and gaming type activity online for optimal network performance. This is due to UDP being a "stateless" protocol as there is no delivery confirmation for transmitted packets. When data integrity is an issue, choose the TCP option as this protocol does confirm as to whether or not sent packets are actually received by the location. A good example of the type of internet activity in which data integrity is important would be when there is a need to transfer website pages.
It is important to note that there are many different levels of encryption ciphers and hash authentication strengths that can be utilized and implemented by various VPN setups, all of which are factors that could potentially increase or decrease the security of any given type of encryption.
--> Plainly speaking, for most of us, L2TP/IPSec, IKEv2/IPSec, or OpenVPN encryption types will prove secure enough, with IKEv2/IPSec and OpenVPN encryption types proving to be exceptionally secure for everyone.
It is possible for your data to be compromised in a L2TP/IPSec encryption type communication transfer, but this would require someone in the middle, so to speak, impersonating your VPN server, which takes time, resources, and technical prowess which most people, let's face it, are not important enough to warrant such extreme measures just to spy on their data. However, if you're president of the United States of America or some other high-ranking public official, maybe someone would go to such a length to eavesdrop on your data communication, and then, IKEv2 or OpenVPN are highly suggested.
WARNING:-->In regards to PPTP, even though easily implemented and widely available, just plain avoid it. It's too easily compromised in these modern times.