The secure socket tunneling protocol (SSTP) is a VPN protocol in which communications between two points use transport layer security (TLS) to secure traffic and pass through standard network firewalls.
As software or hardware, virtual private networks (VPNs) provide a private channel over public networks, like the internet, for a direct connection to a host network. Tunneling protocols are the most common method for establishing a VPN connection. SSTP is an example of a tunneling protocol and builds on previous generations like L2TP to offer more robust encryption and connectivity.
Note: While both share an acronym, the simple symmetric transport protocol (also SSTP) refers to communication between programs in a network and is unrelated to the VPN protocol referenced in this article.
SSTP vs. Other Tunneling Protocols
All internet communication runs through protocols that set the terms for transferring data. In computer networking, the protocols that enable data transfers between networks are called tunneling protocols. Tunneling protocols repackage data transferred over the internet, which both secures the transfer and lets it pass standard network roadblocks. The other commonly used tunneling protocols today are PPTP, L2TP, OpenVPN, and IKEv2. Both L2TP and IKEv2 are capable of using IPsec encryption modes.
How SSTP Came To Be
SSTP was first developed in 2007 by Microsoft for their Windows Vista OS. Before this, the Point-to-Point Tunneling Protocol (PPTP) from Microsoft and the Layer 2 Forwarding (L2F) protocol from Cisco led to the combined capabilities of the Layer 2 Tunneling Protocol (L2TP). While proficient site-to-site VPNs of their time, these tunneling protocols could not bypass specific web proxies, firewalls, and network routers.
By comparison, SSTP offers 256-bit AES for encryption, more notable security features, and faster speeds. Today, SSTP is a popular choice over its predecessors but is only compatible with Windows and some Linux distros. Other popular alternatives include IKEv2 and OpenVPN.
How is SSTP used?
Individuals and organizations deploy SSTP VPNs to secure data and online communications between users and a private network. The secure socket tunneling protocol is an example of a remote access VPN: it lets client machines operate as if they were inside a remote private network of their own.
How Does SSTP Work?
SSTP provides a tunnel in which two parties, a VPN client and a VPN server, communicate over an encrypted channel. With an SSTP server hosting the VPN, users establish a secure connection over HTTPS on TCP port 443. The tunnel serves as a medium for traffic over the TLS channel, which is a significant appeal of the secure socket tunneling method. TLS is the successor to the Secure Sockets Layer (SSL) and serves as the security layer for HTTPS on the internet.
SSTP carries point-to-point protocol (PPP) traffic inside this tunnel, which allows clients to surf the web without leaving a recognizable trace. Like other VPNs, SSTP encrypts communications, so that client data is indiscernible to malicious actors online or to the client's internet service provider (ISP).
Security features of SSTP
Relative to other tunneling protocols, SSTP offers robust security features akin to OpenVPN with SSL 3.0 and 256-bit encryption. SSTP's control packets contain messages that constrain packet parameters, which reduces the possibility of a man-in-the-middle attack. The most notable SSTP features for defending data include:
- Encryption obscures data and prevents unintended or unauthorized access
- Integrity checking compares the state of data regularly and verifies its legitimacy
- Key negotiation facilitates the agreements between communicating parties
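To make the control-packet framing concrete, here is an added example (not code from the article or from any vendor) that parses the SSTP packets carried inside the TLS tunnel, as a defender inspecting decrypted traffic at a VPN gateway would. It assumes the MS-SSTP layout (a 4-byte header with a version byte, a control bit and a 12-bit length, followed for control messages by a message type and a list of attributes); the sample frames are constructed for illustration.

```python
import struct
from dataclasses import dataclass
from typing import List, Optional, Tuple
SSTP_VERSION = 0x10  # version byte 0x10 = SSTP 1.0 (MS-SSTP)
CONTROL_MESSAGE_NAMES = {  # control message types defined by MS-SSTP
    0x0001: "CALL_CONNECT_REQUEST", 0x0002: "CALL_CONNECT_ACK", 0x0003: "CALL_CONNECT_NAK",
    0x0004: "CALL_CONNECTED", 0x0005: "CALL_ABORT", 0x0006: "CALL_DISCONNECT",
    0x0007: "CALL_DISCONNECT_ACK", 0x0008: "ECHO_REQUEST", 0x0009: "ECHO_RESPONSE",
}
ATTRIB_ENCAPSULATED_PROTOCOL_ID, PROTOCOL_ID_PPP = 0x01, 0x0001  # attribute id; PPP

@dataclass
class SstpPacket:
    control: bool                        # C bit set: control message, else PPP data
    message_type: Optional[int]          # only for control packets
    attributes: List[Tuple[int, bytes]]  # (attribute id, raw value)
    payload: bytes                       # PPP frame for data packets

def parse_sstp_packet(buf: bytes) -> SstpPacket:
    """Parse one SSTP packet (the bytes carried inside the TLS tunnel)."""
    if len(buf) < 4:
        raise ValueError("short SSTP header")
    version, flags, length_field = struct.unpack("!BBH", buf[:4])
    if version != SSTP_VERSION:
        raise ValueError(f"unsupported SSTP version 0x{version:02x}")
    length = length_field & 0x0FFF  # high 4 bits reserved; low 12 = total length
    if length != len(buf):
        raise ValueError(f"declared length {length} != received {len(buf)}")
    if not (flags & 0x01):  # data packet: everything after the header is PPP
        return SstpPacket(False, None, [], buf[4:])
    msg_type, num_attrs = struct.unpack("!HH", buf[4:8])
    attrs, off = [], 8
    for _ in range(num_attrs):  # attribute: reserved, id, 12-bit length, value
        _res, attr_id, attr_len = struct.unpack("!BBH", buf[off:off + 4])
        attr_len &= 0x0FFF
        if attr_len < 4 or off + attr_len > len(buf):
            raise ValueError("attribute length exceeds packet")
        attrs.append((attr_id, buf[off + 4:off + attr_len]))
        off += attr_len
    return SstpPacket(True, msg_type, attrs, b"")

def encapsulated_protocol(pkt: SstpPacket) -> Optional[int]:  # 0x0001 means PPP
    for attr_id, value in pkt.attributes:
        if attr_id == ATTRIB_ENCAPSULATED_PROTOCOL_ID and len(value) == 2:
            return struct.unpack("!H", value)[0]
    return None

# Constructed samples: a Call Connect Request asking to tunnel PPP, and a data packet
SAMPLE_CONNECT_REQUEST = bytes.fromhex("1001000e" "00010001" "00010006" "0001")
SAMPLE_DATA_PACKET = bytes.fromhex("10000008" "ff03c021")
```

A length field that disagrees with the bytes actually received, or an attribute that runs past the packet, is rejected rather than parsed, which is the kind of check a gateway should apply before trusting any control message.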