What is SSTP VPN and why should you know about it
What is SSTP VPN? How does it compare to other VPN protocols? Is it the best protocol available? Is it the safest? Should I use SSTP? Does it offer good speeds? These are all questions you’re probably asking yourself if you are trying to decide which VPN protocol to use.
We all wish we had an expert opinion to listen to so that we could always make the best decision. With so many options out there, which VPN protocol is considered the best? I’m not here to tell you that I have the perfect answer.
But I will try to provide some information on the subject so that you can at least be more informed on this topic once you’ve finished reading it. So, having said this, it’s about time we started looking into some details regarding what SSTP VPN is.
Table of contents
- 1 What is the SSTP VPN protocol?
- 2 SSTP technical details
- 2.1 How does SSTP work?
- 2.2 SSL/TLS
- 3 SSTP speed, security, setup process and compatibility
- 3.1 What browsing speed does SSTP offer?
- 3.2 How secure is the SSTP protocol?
- 3.3 How compatible is the SSTP protocol across various operating systems?
- 3.4 SSTP setup process
- 4 SSTP versus other VPN protocols
- 4.1 SSTP vs OpenVPN
- 4.2 SSTP vs IKEv2/IPSec
- 4.3 SSTP vs L2TP/IPSec
- 4.4 SSTP vs PPTP
- 4.5 SSTP vs SoftEther
- 6 Conclusion
What is the SSTP VPN protocol?
The Secure Socket Tunneling Protocol (STTP) is a tunneling protocol which is oftentimes used for Virtual Private Connections (VPN). It was originally launched by Microsoft on the Windows Vista operating system.
The protocol enables the establishment of a SSTP tunnel using the SSL/TLS protocol. As with most VPN protocols, a connection first needs to be established between the client device and the VPN server. This is done through TCP port 443. Upon establishing this connection, the handshake operation takes place.
SSTP technical details
Now that we have a relative idea about the answer to the question “What is SSTP VPN?”, let’s take a look at the processes behind it that make it work.
How does SSTP work?
SSTP was made as an improvement to the older point-to-point protocol which didn’t offer the SSL/TLS transmission option. SSL refers to the Secure Socket Layer Protocol, which is used for securely transmitting information over the network. SSTP allows users to access networks using HTTPS.
In order to better understand the protocol, let’s examine another protocol implemented into SSTP, namely, the SSL/TLS security protocol.
The SSL protocol has been upgraded to the transport layer security (TLS), and is applied through port 443 using the transmission control protocol (TCP). SSL/TLS does offer security features such as key negotiation, encryption, and can also check the data packets’ integrity.
The SSL protocol was last updated in 1996, while still under Netscape development. Afterward, ownership was changed and it was renamed TLS. Afterward, the protocol underwent further updates, the last one having been released in 2018. Strangely enough, this security protocol is still widely known as SSL. However, in many cases, although it is mentioned as SSL, actually the TLS protocol is used.
Hopefully, this is the case with SSTP as well. It is actually a little confusing because some sources state that the SSTP protocol uses SSL 3.0, whereas others claim it uses the SSL/TLS protocol.
SSL/TLS provides authentication through what is known as the handshake. Some protocols used for the authentication stage are EAP (extensible authentication protocol) and MS-CHAP (Microsoft’s own version of the challenge-handshake authentication protocol). Furthermore, SSL/TLS leaves a kind of “stamp” or sign on the information it sends in order to guarantee the integrity of the data.
During the SSL/TLS phase, the SSTP server has to be authenticated, whereas client authentication is optional at this point. However, client authentication is obligatory during the PPP phase.
SSTP speed, security, setup process and compatibility
Perhaps for some readers who are well-documented, or perhaps for IT specialists, the above section may have proved to be of great interest. For most of us, however, it’s probably rather difficult to process and understand. Therefore, let’s take a look at some of the more graspable information regarding more approachable aspects.
What browsing speed does SSTP offer?
Obviously, speed is one of the most important factors for VPN users, after security. For most users, if a VPN is frustratingly slow, they will often decide to opt for a different protocol.
The SSTP protocol seems to offer decent speeds for good computers with good connections. This means that you would need to have a good central processing unit (CPU), as well as a good bandwidth.
If you don’t check these requirements, you might find yourself confronted with frustrating internet speeds and laggy connections. This is in part due to the strong SSL/TLS encryption.
That being said, SSTP may not be the best option for low-specification devices if you are looking for a lightning-fast internet connection.
How secure is the SSTP protocol?
It seems that the SSTP may be among the more secure protocols. Boasting the AES 256-bit encryption offered by the TLS security protocol, in this aspect SSTP seems to come up to the security level offered by OpenVPN, perhaps the most appreciated VPN protocol available.
While the specifications are promising, the SSTP protocol does prove to be lacking in at least one aspect. Having been produced solely by Microsoft, it doesn’t have the open-source character available with other protocols. Moreover, Microsoft has been known for not being especially careful with user information.
How compatible is the SSTP protocol across various operating systems?
As previously mentioned, the secure socket tunneling protocol was designed by Microsoft and launched for its Windows Vista operating system. It went on to be implemented on Windows 7, 8, and 10. Thus, it is generally built into the Windows operating devices. However, what about the other major OSs?
It seems that the SSTP VPN protocol can be made to work on other devices such as Linux and Mac. However, it is not available on all smartphone operating systems, particularly iOS. Obviously, this considerably limits the access to this protocol across various devices.
Moreover, because it is solely designed by Microsoft, and is not an open-source application, it has a lower chance of being configured and implemented for these other operating systems.
In conclusion, the SSTP is one of the more incompatible protocols for users, especially those who don’t own a device that functions using a modern Windows operating system.
SSTP setup process
For devices that have this VPN protocol built into them, the setup process is relatively simple, and only requires a few arrangements in the network settings. For other devices, however, it might be more complicated. What’s more, it seems that some devices have no option or possibility of setting up this particular VPN protocol.
SSTP versus other VPN protocols
Ok, so we’ve now got a relatively good idea of what SSTP has to offer. But to get an even clearer picture of the pros and cons of this protocol, it would definitely be of help to compare this protocol to the other major VPN protocols available.
SSTP vs OpenVPN
Right from the start, let me say that there are a lot of positive aspects with regards to this protocol. SSTP uses the AES 256-bit encryption. But so does OpenVPN.
However, OpenVPN has a very big advantage with regards to security, namely that it is an open-sourced protocol. This basically means that if any programmer finds a new improvement which can be added to this protocol, it can be implemented. Thus, you could see things like this: OpenVPN has people working on it all the time, as opposed to the Microsoft-owned SSTP protocol.
Another major win for the OpenVPN protocol is its availability across devices, being available to most major operating systems such as Windows, Mac, Linux, iOS and Android. As previously stated, SSTP does suffer somewhat regarding its compatibility features.
It is possible that SSTP would be more convenient for Windows users, as it is readily available on their devices, however nowadays, if you have a VPN subscription, most of the respectable VPN providers should offer OpenVPN as an option.
Having said these things, it would be fair to conclude that OpenVPN is a clear winner between these two protocols.
SSTP vs IKEv2/IPSEC
Once again using AES 256-bit encryption, IKEv2 offers the same encryption standard as the SSTP protocol. However, a major difference would be that the security protocol used in the case of IKEv2 is IPSec, whereas SSTP uses SSL/TLS.
With regards to speed, IKEv2 is probably superior. This may be in part due to the fact that it sends the packets over a UDP port, instead of a TCP port, as is the case for SSTP.
What’s more, the IKEv2/IPSec protocol supports the MOBIKE feature, which basically ensures a continuous VPN connection even when changing networks on a device.
In terms of compatibility, it is not the strong point for either one of these two protocols. While IKEv2 does have open-source implementations, it seems to offer less support for devices using other operating systems than Windows and Blackberry.
SSTP vs L2TP/IPSec
In terms of speed, SSTP is a clear winner, since L2TP/IPSec is not the fastest protocol out there. Due to its double encapsulation process, the browsing speeds offered by the L2TP VPN protocol can sometimes leave much to be desired.
As previously mentioned, SSTP does require a good CPU and bandwidth, but is also the safer of the two.
Copatibility-wise, however, L2TP has the edge, since it does offer a much wider range, being easily accessible on operating systems such as Windows, Mac, Linux, iOS, and Android.
SSTP vs PPTP
While both were created by Microsoft, SSTP has a slight disadvantage of being developed solely by Microsoft. Despite that, SSTP is a better candidate in terms of security because it offers 256-bit encryption.
In terms of speed however, SSPT takes a back seat when compared to PPTP. The stronger encryption makes SSTP slower. When it comes to compatibility, PPTP comes on top once again because it is natively integrated into many platforms.
SSTP vs SoftEther
SSTP and SoftEther both seem to offer a decent level of security when it comes to high encryption and supported ciphers, but SoftEther is simply more trustworthy because it’s open-source and because it isn’t owned by a company that’s been known to collaborate with the NSA. Speed-wise, there’s a chance that SoftEther is faster than SSTP since it was programmed with fast throughput in mind.
While it's true that SoftEther may be more difficult or inconvenient to configure than SSTP. After all, SSTP is built into the Windows platform, so it can be easily configured with just a few clicks. In addition, if you use a third-party VPN service that provides SoftEther connections, you still need to download and install SoftEther software on your device.
To sum up, SoftEther is the better alternative in this comparison for the obvious reasons - security and speed.
To sum things up, it would be fair to say that, while SSTP seems to be a fairly decent VPN protocol, having been produced solely by Microsoft, its security is not completely reassuring.
Moreover, since it’s not available on iOS devices, it doesn’t excel in terms of compatibility either. There seem to be better options available for VPN protocols, such as OpenVPN.
Should you decide to use it however, the good news is that HideIPVPN does offer this protocol as an option for its users.
Not only that, but our user-friendly VPN client has been optimized for most devices out there, which means that regardless of your choice of device and operating system, you should be able to use HideIPVPN for a secure and rather anonymous browsing experience.
Even though we are more focused on quality than anything else, we did find a way to provide our services at low costs for your conv enience. And on top of that, our support team is always available should you encounter any kind of issue.
With our AES-256 encryption, there’s not much else you can wish for in terms of security. And when it comes to speed, by using top-quality servers strategically located all around the world for the best performance, we are proud to say that we provide some of the best VPN speeds available at the moment.
Why don’t you try out our services and see for yourself?