What Are the Key VPN Security Technologies?

Cyber security padlock on white background
Getty Images/Peter Dazeley

Virtual private networks (VPNs) are generally considered to have very strong protection for data communications. What are the key VPN security technologies?

So-called secure VPNs provide both network authentication and encryption. Secure VPNs are most commonly implemented using IPsec or SSL.

Using IPsec for VPN Security

IPsec has been the traditional choice for implementing VPN security on corporate networks. Enterprise-class network appliances from companies like Cisco and Juniper implement the essential VPN server functions in hardware. Corresponding VPN client software is then used to log on to the network. IPsec operates at the layer 3 (the Network layer) of the OSI model.

Using SSL for VPN Security

SSL VPNs are an alternative to IPsec that rely on a Web browser instead of custom VPN clients to log on to the private network. By utilizing the SSL network protocols built into standard Web browsers and Web servers, SSL VPNs are intended to be cheaper to set up and maintain than IPsec VPNs. Additionally, SSL operates at a higher level than IPsec, giving administrators more options to control access to network resources. However, configuring SSL VPNs to interface with resources not normally accessed from a Web browser can be difficult.

Wi-Fi vs. VPN Security

Some organizations use an IPsec (or sometimes SSL) VPN to protect a Wi-Fi local area network. In fact, Wi-Fi security protocols like WPA2 and WPA-AES are designed to support the necessary authentication and encryption without the need for any VPN support.