Secure Socket Tunneling Protocol (SSTP)

The Secure Socket Tunneling Protocol (SSTP) is a VPN protocol in which communications between two points use Transport Layer Security (TLS) to secure traffic and bypass standard network firewalls.

As software or hardware, virtual private networks (VPNs) provide a private channel over public networks, like the internet, for direct connection to a host network. Tunneling protocols are the most common method for establishing a VPN connection. SSTP is an example of a tunneling protocol and builds on previous generations like L2TP to offer more robust encryption and connectivity.


Note: While both share an acronym, the simple symmetric transport protocol (also SSTP) refers to communication between programs in a network and is unrelated to the VPN protocol referenced in this article.

SSTP vs. Other Tunneling Protocols

All internet communication runs through protocols that set the terms for transferring data. In computer networking, the protocols that enable data transfers between networks are called tunneling protocols. Tunneling protocols repackage data transferred over the internet in a way that both secures the transfer and bypasses standard network roadblocks. The other commonly used tunneling protocols today are PPTP, L2TP, OpenVPN, and IKEv2. Both L2TP and IKEv2 are capable of using IPsec encryption modes.

How SSTP Came To Be

SSTP was first developed in 2007 by Microsoft for its Windows Vista OS. Before this, the Point-to-Point Tunneling Protocol (PPTP) from Microsoft and Layer 2 Forwarding (L2F) from Cisco led to the combined capabilities of the Layer 2 Tunneling Protocol (L2TP). While proficient site-to-site VPNs of their time, these tunneling protocols could not bypass specific web proxies, firewalls, and network routers.

By comparison, SSTP offers 256-bit AES for encryption, more notable security features, and faster speeds. Today, SSTP is a popular choice over its predecessors but is only compatible with Windows and some Linux distros. Other popular alternatives include IKEv2 and OpenVPN.

How Is SSTP Used?

Individuals and organizations deploy SSTP VPNs to secure data and online communications between users and a private network. The secure socket tunneling protocol is an example of a remote access VPN and gives client machines the ability to work in a distant, private network of their own.

How Does SSTP Work?

SSTP provides a tunnel where two parties, a VPN client and a VPN server, can communicate on an encrypted channel. With an SSTP server hosting the VPN, users can establish a secure connection online over HTTPS with TCP port 443. The tunnel serves as a medium for traffic over the TLS channel, a significant appeal of the secure socket tunneling method. TLS is the successor to the Secure Sockets Layer (SSL) and serves as the security layer for HTTPS over the internet.

This point-to-point protocol (PPP) allows clients to surf the web without leaving a recognizable trace. Like other VPNs, SSTP scrambles communications so that client data is indiscernible to malicious actors online or the client’s internet service provider (ISP).

Security Features of SSTP

Relative to other tunneling protocols, SSTP offers robust security features akin to OpenVPN with SSL 3.0 and 256-bit encryption. SSTP’s control packets contain messages that limit packet parameters, thus avoiding the possibility of a man-in-the-middle attack. The most notable SSTP features for defending data include:

  • Encryption obscures data and prevents unintended or unauthorized access
  • Integrity checking compares the state of data regularly and verifies its legitimacy
  • Key negotiation facilitates agreement between communicating parties
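
An added example, not part of the original article: a strict parser for the SSTP packets that travel inside the TLS channel on TCP port 443, showing how control packets are told apart from PPP data packets and how every length field is bounds-checked. The field layout and message names follow Microsoft's published MS-SSTP specification rather than this page, and the sample bytes are constructed.

```python
import struct

# Constants taken from Microsoft's MS-SSTP specification (assumption: not from this article).
SSTP_VERSION = 0x10
MSG_TYPES = {1: "CALL_CONNECT_REQUEST", 2: "CALL_CONNECT_ACK", 3: "CALL_CONNECT_NAK",
             4: "CALL_CONNECTED", 5: "CALL_ABORT", 6: "CALL_DISCONNECT",
             7: "CALL_DISCONNECT_ACK", 8: "ECHO_REQUEST", 9: "ECHO_RESPONSE"}
ATTR_IDS = {1: "ENCAPSULATED_PROTOCOL_ID", 2: "STATUS_INFO",
            3: "CRYPTO_BINDING", 4: "CRYPTO_BINDING_REQ"}


def parse_sstp(buf: bytes) -> dict:
    """Parse one SSTP packet taken from the decrypted TLS stream."""
    if len(buf) < 4:
        raise ValueError("truncated SSTP header")
    version, flags, raw_len = struct.unpack_from("!BBH", buf, 0)
    length = raw_len & 0x0FFF            # low 12 bits; the top 4 are reserved
    if version != SSTP_VERSION:
        raise ValueError(f"unexpected version 0x{version:02x}")
    if length < 4 or length > len(buf):
        raise ValueError("length field disagrees with buffer")
    body = buf[4:length]
    if not flags & 0x01:                 # C bit clear: data packet carrying a PPP frame
        return {"kind": "data", "length": length, "ppp_frame": body}
    if len(body) < 4:
        raise ValueError("truncated control header")
    msg_type, n_attrs = struct.unpack_from("!HH", body, 0)
    attrs, off = [], 4
    for _ in range(n_attrs):
        if off + 4 > len(body):
            raise ValueError("attribute header runs past packet")
        _, attr_id, raw = struct.unpack_from("!BBH", body, off)
        alen = raw & 0x0FFF              # attribute length includes its 4-byte header
        if alen < 4 or off + alen > len(body):
            raise ValueError("attribute length runs past packet")
        attrs.append((ATTR_IDS.get(attr_id, f"unknown(0x{attr_id:02x})"),
                      body[off + 4:off + alen]))
        off += alen
    if off != len(body):
        raise ValueError("trailing bytes after last attribute")
    return {"kind": "control", "length": length,
            "message": MSG_TYPES.get(msg_type, f"unknown(0x{msg_type:04x})"),
            "attributes": attrs}


# Constructed sample: a Call Connect Request asking to carry PPP (protocol id 0x0001).
SAMPLE_CONNECT = bytes.fromhex("1001000e00010001000100060001")
# Constructed sample: a data packet wrapping a 4-byte placeholder PPP frame.
SAMPLE_DATA = bytes.fromhex("10000008c0210101")
```

Calling `parse_sstp(SAMPLE_CONNECT)` returns the control message name and its attribute list; malformed length fields raise `ValueError` instead of being read past the buffer.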


Sam Ingalls
Sam Ingalls is an award-winning writer and researcher covering enterprise technology, cybersecurity, data centers, and IT trends, for eSecurity Planet, TechRepublic, ServerWatch, Webopedia, and Channel Insider.