By: Nihad Hassan
August 25, 2021
IPsec vs SSL vs VPN
More companies have opted to use the remote-work model in recent years, especially during the COVID-19 pandemic. Organizations worldwide increasingly embraced remote work because of its flexibility and increased productivity, and because it can save considerable costs, such as the cost of buying or renting facilities.
To work, employees need access to their enterprise resources. The internet makes this possible; however, remote access introduces various security threats, as employees need to access sensitive data over untrusted internet connections.
To secure remote connections, organizations use a Virtual Private Network (VPN). A VPN allows users to connect to their organization's network and access its resources as if they were in the office. A VPN establishes an encrypted tunnel between two locations (commonly, a user endpoint device and a remote server) via the internet. VPNs are not used merely to secure online connections in an enterprise environment. For instance, individuals increasingly use them to anonymize their online identity, as a VPN can effectively conceal the IP address of a user's device when surfing online.
This article sheds light on the key differences between three popular terms that internet users commonly hear when reading about the best methods to secure internet connections between computer networks located in different physical locations.
What is a VPN?
A Virtual Private Network is a security service that allows secure connections between two locations online. The concept of VPN technology was first introduced in 1996, when Microsoft Corporation developed the Point-to-Point Tunneling Protocol, or PPTP, to scramble data exchanged between an internet user and a remote server. As the internet advanced quickly, VPN technology became the de facto standard for securing connections across the internet.
VPN is a collective term for the many security protocols used to connect remotely to a private network over the internet. Examples of VPN protocols include:
- PPTP - Point-to-Point Tunneling Protocol
- L2TP/IPsec - Layer 2 Tunneling Protocol over Internet Protocol Security
- SSTP (commonly used by Windows-based devices)
In its early days, VPN was used extensively by business corporations; however, the need for digital privacy increased after the internet's proliferation worldwide. As a result, VPN services are now widely used by internet users to protect their online privacy, conceal their actual IP address, and circumvent internet censorship in less free countries (see Figure 1).
There are mainly two types of VPN: IPsec and SSL VPN.
IPsec (Internet Protocol Security)
IPsec is a suite of security protocols and encryption algorithms used to secure communications across IP networks. IPsec was primarily created to address the lack of security in IPv4. For instance, traffic sent over IPv4 can be intercepted or altered. IPsec uses different cryptographic services to secure data exchange over the internet. IPsec is used to secure online connectivity in different connection scenarios, such as host to host, gateway to host, or gateway to gateway. In this context, a security gateway is an intermediate network device like a switch, a firewall, or a router that supports IPsec.
There is no standard software for using IPsec, as different providers can have different implementations of it. However, it offers robust end-to-end encryption, and its traffic is fully encrypted and authenticated. IPsec is the preferred protocol used by VPN providers, as it operates at the network layer (third layer) of the OSI model. It is composed of the following three protocols: Security Association (SA), Authentication Header (AH), and Encapsulating Security Protocol (ESP). To use IPsec, client software (commonly purchased from a third-party provider) should be installed on the user's devices to access the VPN network. Once installed, the IPsec VPN client will offer complete security for all applications running on the user device, which is the significant difference between IPsec VPN and the SSL VPN.
IPsec uses one of the following two modes of operation: tunnel mode and transport mode.
- The IPsec tunnel mode is commonly used to connect two networks across the internet, and it is more secure than the transport mode.
- The IPsec transport mode is used to connect two workstations or to connect a workstation and a gateway.
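The two modes differ in what an on-path observer can still read. The following is an added example, not code from the original article: it builds a simplified ESP packet in each mode (padding and integrity value omitted, with a placeholder standing in for the negotiated cipher) and parses the cleartext part. All addresses, SPIs, the key and the payload are constructed sample values.

```python
import hashlib
import socket
import struct

ESP, TCP, IPIP = 50, 6, 4  # IANA protocol numbers

def ipv4_header(src, dst, proto, payload_len):
    # Minimal 20-byte IPv4 header; checksum left at 0 for brevity.
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                       proto, 0, socket.inet_aton(src), socket.inet_aton(dst))

def stand_in_cipher(key, seq, data):
    # Placeholder for the SA's negotiated cipher (XOR keystream); not real cryptography.
    stream = b"".join(hashlib.sha256(key + struct.pack("!II", seq, i)).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def esp(spi, seq, key, inner, next_header):
    # ESP header (SPI + sequence number) followed by the protected body, which
    # ends with pad-length and next-header bytes. Padding and ICV are omitted.
    return struct.pack("!II", spi, seq) + stand_in_cipher(
        key, seq, inner + bytes([0, next_header]))

def transport_mode(src, dst, payload, spi, seq, key):
    # Original IP header stays in the clear; only the upper-layer data is protected.
    body = esp(spi, seq, key, payload, TCP)
    return ipv4_header(src, dst, ESP, len(body)) + body

def tunnel_mode(gw_src, gw_dst, original_packet, spi, seq, key):
    # The whole original packet, header included, is protected and re-wrapped.
    body = esp(spi, seq, key, original_packet, IPIP)
    return ipv4_header(gw_src, gw_dst, ESP, len(body)) + body

def observer_view(wire):
    # Fields an on-path observer without the key can still read.
    spi, seq = struct.unpack("!II", wire[20:28])
    return {"src": socket.inet_ntoa(wire[12:16]), "dst": socket.inet_ntoa(wire[16:20]),
            "proto": wire[9], "spi": spi, "seq": seq}

# Constructed sample values (RFC 5737 documentation addresses).
HOST_A, HOST_B = "192.0.2.10", "198.51.100.20"
GW_A, GW_B = "203.0.113.1", "203.0.113.2"
PAYLOAD, KEY = b"constructed upper-layer bytes", b"constructed-demo-key"
ORIGINAL = ipv4_header(HOST_A, HOST_B, TCP, len(PAYLOAD)) + PAYLOAD
TRANSPORT = transport_mode(HOST_A, HOST_B, PAYLOAD, 0x1001, 1, KEY)
TUNNEL = tunnel_mode(GW_A, GW_B, ORIGINAL, 0x2001, 1, KEY)

if __name__ == "__main__":
    print("transport:", observer_view(TRANSPORT), "\ntunnel:", observer_view(TUNNEL))
```

In transport mode the observer still sees the two workstations' addresses; in tunnel mode only the gateways' addresses appear, at the cost of 20 extra bytes for the outer header.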
Government agencies and big enterprises mainly use IPsec to secure their sensitive resources from remote locations. When accessing a private network over IPsec, users can navigate all network resources as if they were in the office.
Secure Sockets Layer (SSL) is a relatively new implementation (compared with IPsec) that is increasingly gaining attention as a method of providing VPN service without installing client software. SSL was replaced by the modern Transport Layer Security (TLS) in 2015. However, many people still refer to it as SSL. SSL is commonly used to encrypt HTTP traffic (the secure connection between a user and a web server; see Figure 2) and SMTP traffic. SSL works on the application layer of the OSI model.
An SSL VPN does not require installing client software on the end-user device, as it can be implemented directly in the user's web browser; all popular web browsers (e.g., Chrome and Firefox) support SSL. However, keep in mind that, in contrast with IPsec, SSL only protects the web browser traffic. Traffic from other applications running on end-user devices, such as email clients and IM chat applications, is not encrypted.
VPN allows organizations and individual users to securely exchange data across the internet without exposing transmitted data to unauthorized third parties. This article explained the vital differences between the two security protocols, IPsec and SSL, and described how users can use each one as part of their VPN service.