What is SSTP Protocol?

Friday, May 16th, 2014

SSTP (Secure Socket Tunneling Protocol, also known as Microsoft’s SSL VPN) is a tunneling protocol that makes it possible to transmit PPTP or L2TP traffic through SSL channels. Unlike other VPN protocols that have been around for more than a decade, the SSTP protocol was conceptualized and developed quite recently, which could be the reason for its low popularity. In this article, we will learn more about the protocol and discuss the pros and cons of using it.

History – SSTP was proposed by Microsoft in 2007 as a way to transfer Point-to-Point Protocol (PPP) data through Hypertext Transfer Protocol over Secure Sockets Layer (HTTPS) connections. The need for such a tunneling mechanism arose because it is relatively easy to block PPTP and L2TP based VPN traffic just by blocking access to the specific ports used by these two protocols. Unlike other VPN protocols, the SSTP protocol does not support site-to-site tunnels; it was designed to allow only remote client access.

System Support – Unlike other VPN protocols, SSTP is not compatible with the vast majority of operating systems or mobile devices. The protocol works only with Microsoft Windows (Vista SP1 and later), BSD, Linux, Mikrotik RouterOS and SoftEther VPN Server. Most VPN providers that provide an SSTP based VPN service only offer support for Windows based computers.

Encryption – SSTP is considered extremely secure since it encrypts traffic with 256-bit SSL keys and authenticates users with 2048-bit SSL/TLS certificates. It is also possible to use the SSTP protocol with Windows logon and smart card authentication, the Windows VPN client and remote access policies. If you wish to protect your online sessions from all kinds of snooping and surveillance, then using an SSTP VPN would indeed be a good choice.

Configuration – The configuration process for an SSTP based VPN is very similar to configuring a PPTP or L2TP based VPN service. It is also possible to use the Network Connection Wizard to configure the service; you just need to enter the username, password and the VPN server’s URL (or IP address) to complete the configuration process.

Speed – SSTP suffers from certain performance limitations that are common for IP-over-TCP tunnels. If your VPN company does not offer sufficient bandwidth then you could experience significant lags and delays due to the way the SSTP protocol works. It definitely makes sense to use this protocol if your VPN provider has servers connected to Gigabit+ nodes and offers fast speeds and unrestricted bandwidth to all subscribers.

Port – SSTP routes traffic over TCP port 443 through the SSL protocol. Since the protocol relies on secure SSL channels to transport data, it can bypass most firewalls and proxy servers, making it extremely difficult for ISPs and network administrators to block SSTP traffic.
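
Where a network does terminate TLS (for example at an inspecting proxy), the SSTP session inside port 443 is recognizable by its first HTTP request and its packet framing. The sketch below is an added example, not code from this article: the method name, URI, Content-Length value and packet layout are taken from Microsoft's public MS-SSTP specification, and the sample request, host name and packet bytes are constructed for illustration.

```python
import struct

# Constants from the public MS-SSTP specification (not stated in this article).
SSTP_METHOD = "SSTP_DUPLEX_POST"
SSTP_URI = "/sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/"
SSTP_CONTENT_LENGTH = "18446744073709551615"  # maximum 64-bit value, marks a duplex stream
MESSAGE_TYPES = {1: "CALL_CONNECT_REQUEST", 2: "CALL_CONNECT_ACK", 3: "CALL_CONNECT_NAK",
                 4: "CALL_CONNECTED", 5: "CALL_ABORT", 6: "CALL_DISCONNECT"}


def is_sstp_handshake(request: bytes) -> bool:
    """True if a decrypted HTTP request head is the SSTP tunnel setup request."""
    head = request.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    lines = head.split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or parts[0] != SSTP_METHOD:
        return False
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    uri_ok = parts[1].lower() == SSTP_URI.lower()
    return uri_ok and headers.get("content-length") == SSTP_CONTENT_LENGTH


def parse_sstp_header(packet: bytes) -> dict:
    """Decode the 4-byte SSTP header and, for control packets, the message type."""
    if len(packet) < 4:
        raise ValueError("truncated SSTP header")
    version, flags, length = struct.unpack("!BBH", packet[:4])
    length &= 0x0FFF  # top 4 bits are reserved; the length field is 12 bits
    if version != 0x10 or length < 4 or length > len(packet):
        raise ValueError("not a well-formed SSTP packet")
    info = {"control": bool(flags & 0x01), "length": length, "message": None}
    if info["control"]:
        if length < 8:
            raise ValueError("control packet too short")
        msg_type, _num_attrs = struct.unpack("!HH", packet[4:8])
        info["message"] = MESSAGE_TYPES.get(msg_type, f"UNKNOWN_{msg_type:#06x}")
    return info


# Constructed samples: a handshake request and a Call Connect Request (PPP) packet.
SAMPLE_REQUEST = (b"SSTP_DUPLEX_POST /sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/ HTTP/1.1\r\n"
                  b"Host: vpn.example.test\r\nContent-Length: 18446744073709551615\r\n\r\n")
SAMPLE_PACKET = bytes.fromhex("1001000e" "0001" "0001" "0001" "0006" "0001")
if __name__ == "__main__":
    print(is_sstp_handshake(SAMPLE_REQUEST), parse_sstp_header(SAMPLE_PACKET))
```

Without TLS termination none of these fields are visible on the wire, which is why the traffic blends in with ordinary HTTPS.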

Stability – SSTP does not have any stability issues. The protocol is considered more stable than the L2TP protocol and offers the same level of stability as the PPTP protocol.

Security Issues – There are no major security vulnerabilities associated with the SSTP protocol.

Conclusion – SSTP is an extremely secure VPN protocol that makes it possible to transmit your traffic through secure channels. However, the protocol suffers from certain performance issues and is not yet available for non-Windows systems. On the whole, it can be used at locations where PPTP or L2TP VPN traffic is routinely blocked by the ISPs.
