There are many different aspects to security while using a VPN, such as how encryption would work, how the data traffic would be handled, what would be the most secure transmission path, and so on. We will be examining the different tunneling solutions available, starting with Generic Routing Encapsulation. As the article by Jahan, Rahman, and Saha (2017) continues to explain “The GRE was normally used as an encapsulation protocol wrapping higher-level protocols. Mainly this tunnel is used to carry IP packets or non-IP packets through the public IP network. This tunnel also can be used for the encapsulation with any OSI layer 3 protocol.” It’s a rather simple, but powerful tunneling technique that can send fast communication between the networks. However, it’s not as secure as others, as GRE doesn’t encrypt the data transferred, therefore it should only be used for time sensitive applications, such as using it for video meetings or streaming. Next would be Internet Protocol Security, or IPSec for short. Its more secure as protocols are put together in IPSec tunneling to provide a more stable IP layer packet. Unlike GRE, IPSec does actually have an encapsulation protocol, and an authentication protocol. The former of which, as discussed by more individuals in computer related sciences, Abdullah Alshalan, Sandeep Pisharody, and Dijiang Huang (2015), “provides data source authentication, data integrity, data confidentiality and anti-replay protection of IP packets by encapsulating the data to be protected between the ESP header and trailer” and the latter of which, further discussed by Alshalan, Pisharody, and Huang (2015) “Authentication Header (AH) supports data source authentication and data integrity, but does not offer any form of confidentiality.” It also has the Internet Key Exchange protocol, which is responsible for deciding the connection settings for IPsec and authenticating the two end points. IPSec is far better for security, as it provides solid encryption and authentication between the two receiving ends. There are many other kinds of tunneling techniques, so the last one we will be focusing on before we talk more in depth about privacy would be Point to Point Tunneling Protocol. PPTP is one of the remote access tunneling protocols, as it uses private tunneling to a network. Back to the article from Jahan, Rahman, and Saha (2017), “Firstly, the PPTP encapsulates packets inside PPP packets, then encapsulated with GRE and lastly wrapped in IP header.” Like IPSec, PPTP also has encryption and authentication, although it’s not as secure as IPSec. Ultimately, what protocol should be used for VPN’s depends on what is necessary for the time. For more time sensitive matters, like video meetings, streaming, phone calls, and so on, GRE would be best suited due to its sheer speed. For more confidential security when using applications like transferring files, emails, and so on, then IPSec and PPTP would be better for the job. At the end of the day however, there are many options for tunneling techniques, so it’s up the professionals to decide what would be best for the job. The topic of privacy easily goes hand and hand with security, as they should be considered the two top priorities for usage of the internet, and by extension, VPNs.
IT-Details 