Automatic Selection
Ease of use is one of our cornerstones. PureVPN apps can choose the VPN protocol best suited for your connection. All you have to do is connect and we take care of the rest for you.
Internet Protocol Security, aka IPSec, is a framework of open standards. It is developed by the Internet Engineering Task Force (IETF) and provides cryptographically-based security to network traffic. It also enables data origin authentication, confidentiality, integrity and anti-replay. Offering support for both IPv4 and IPv6, IPSec is deployed when it comes to the implementation of a VPN. The terms 'IPSec VPN' or 'VPN over IPSec' refer to the process of creating connections via IPSec protocol. It is a common method for creating a virtual, encrypted link over the unsecured Internet. Unlike its counterpart (SSL), IPSec is relatively complicated to configure as it requires third-party client software and cannot be implemented via the web browser. Furthermore, it is commonly used for secure remote access between offices in multiple locations.
IPSec provides protection against replay attacks. It assigns a unique sequence number to each packet. If it detects a packet with a duplicate sequence number, it is replayed and dropped.
The Hash Message Authentication Code (HMAC) verifies that the packets are not changed.
PFS in an IPSec VPN service enhances the security of your VPN connection. It does so by ensuring a unique session key for each negotiation.
IPSec works below the transport layer, so it is transparent to users and applications. So, you do not need to make any changes to software when implementing it on your router or firewall.
Re-keying at set intervals bids farewell to manual reconfiguration of secret keys. It also ensures protection against most interception and impersonation attacks.
Packets are encrypted by the sender before transmission. As a result, sensitive data will only reach its intended recipient.
IPSec (IKEv2 & L2TP) vs SSL (OpenVPN & SSTP)
The following is an in-depth comparison between SSL and IPSec so that you can choose the best one for your needs.
IPSec | SSL | |
---|---|---|
Performance | Operates via a piece of software on the client, so it may take a while longer to negotiate connections. | Operates via web browsers, making it slightly faster when it comes to negotiating a connection. |
Security | Supports replay protection and network-level authentication as well as data integrity and confidentiality. | Uses SSL or TLS for encryption as well as public keys, private keys, and digital certificates for authentication. |
Ease of Use | The implementation and configuration process is typically lengthy. | Deployable using virtually any modern day web browser. |
Firewall Traversal | Relatively easy to block by firewalls. | Suitable for bypassing firewalls as it uses port 443 – the default port for secure HTTPS traffic. |
Control | Broad access to the internal network or applications, which can lead to security concerns. | More granular access control, but requires more management. |
Data Authentication | Internet Key Exchange (IKE) | Key exchange algorithms like Elliptic Curve Cryptography (ECC) and RSA. |
Protect Against Attacks | Since it provides remote access to the entire network, the attack surface is wide. | Limited attack surface as it enables remote access to specific applications and systems. |
Conclusion | Ideal as a site-to-site VPN. | Preferred for granular remote access. |
PureVPN offers support for all major VPN protocols and platforms.
Ease of use is one of our cornerstones. PureVPN apps can choose the VPN protocol best suited for your connection. All you have to do is connect and we take care of the rest for you.
You have the option of using a different protocol for your VPN connection. You should take a look at our VPN comparison chart for a better understanding of what each brings to the table. Still uncertain? Try these VPN protocols in the following order:
31-Day Money Back Guarantee