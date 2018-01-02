Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
  HOME     MENU     SEARCH     NEWSLETTER    
THE ENTERPRISE SECURITY SUPERSITE. UPDATED ABOUT A MINUTE AGO.
You are here: Home / Network Security / What is OpenVPN? A Closer Look
What Is OpenVPN? A Closer Look at the VPN Encryption Protocol
What Is OpenVPN? A Closer Look at the VPN Encryption Protocol
By Jonas DeMuro Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
JANUARY
02
2018
Once in the realm of the tech elite, VPN software has increasingly been used by the tech masses. This trend has most recently been driven by ISPs selling browsing histories in the U.S. -- and therefore, in effect, the user’s privacy -- to the highest bidder to facilitate targeted advertising.

With access to robust VPN platforms, users can more closely guard their online privacy, and access other benefits like a better level of security when using public Wi-Fi.

The main pillars of a VPN are security and privacy, and these services use an encrypted tunnel to transmit your data online, with many benefits therein as we’ve previously discussed. When configuring a VPN, there are several choices for encryption protocols which can be used, and among these, one of the more popular options is currently OpenVPN.

The OpenVPN project was founded by James Yonan, and was initially released back in 2002. Yonan had a background in software development for the original IBM PC, as well as financial trading. He is still involved with the project, and serves as the co-founder of the company, as well as the CTO of OpenVPN Technologies.

One of the reasons OpenVPN is popular is the fact that it supports all the major operating systems, including the expected desktop platforms of Windows, macOS and Linux, as well as the mobile platforms of Android and iOS. It also supports the less common platforms of FreeBSD, QNX, Solaris, Maemo, and Windows Mobile.

The whole point of a VPN security protocol is to provide a high level of security, and OpenVPN excels at this. It features up to 256-bit encryption via OpenSSL, a widely deployed software library to secure communications across networks. OpenSSL supports conventional encryption in Static Key Mode via pre-shared keys (PSK), and also public key security via client and server certificates. OpenVPN features not only state of the art security, but it’s also highly adaptable via third-party software.

In fact, there are commercial OpenVPN providers that take the OpenVPN protocol, and turn it into a VPN client for their users. An example of this is PrivateTunnel, a branded VPN that comes directly from the folks at OpenVPN, including James Yonan, who is also a founder of PrivateTunnel (and its CTO).

At the other end of the spectrum, there are also vendor-neutral OpenVPN clients, such as SecurePoint SSL VPN Client, and OpenVPN MI GUI, both of which are available as free software, although only the former is open source.

TCP and UDP

When used for the transmission of data, OpenVPN can utilize two different protocols: TCP and UDP. The Transmission Control Protocol (TCP) is the more commonly used affair, and is designed for high reliability, as it includes error correction, and is known as a 'stateful' protocol. Each time a packet gets sent with TCP, the sender awaits confirmation before sending the next packet, but this transmission overhead slows the connection down.

This frequently translates into higher latencies, generally speaking, although this is variable and dependent on server and client locations.

An alternative protocol that OpenVPN can also employ is UDP, or User Datagram Protocol. Here the communication between the computer and server is much faster, but at the expense of reliability. The data is just sent without waiting for any confirmation, and no data gets retransmitted if it is not received, which is why this is known as a ‘stateless’ protocol.

With a lighter transmission overhead, latency is improved, and it makes sense that UDP gets used for more latency sensitive applications such as video streaming and online gaming.

Bypass Benefits

A common use for any VPN is to bypass a firewall, whether at an office or in a restrictive foreign country, with the most commonly cited example of the latter being China with its 'Great Firewall.'

Of all the VPN encryption protocols, OpenVPN is considered to have a strong suit here, as it can help to circumvent the Deep Packet Inspection (DPI) that these countries use. DPI is a monitoring technology that inspects the traffic passing through it in real-time, but OpenVPN can be adapted to cloak traffic (although the process is somewhat involved).

Unlike other VPN encryption protocols, another strength of OpenVPN is that it is open source. Other mainstream protocols are owned by major internet giants, including PPTP and SSTP which are from Microsoft, and L2TP which is from Cisco.

OpenVPN benefits from having open source code that is freely available for modification and development, and community support to facilitate this. The entire source code for the latest version of OpenVPN, 2.4.4 (as well as older versions), was released in September 2017 and is available for download. Users are also encouraged to file bug reports so developers can continue to improve the source code, and produce regular updates.

© 2018 T-break Tech under contract with NewsEdge/Acquire Media. All rights reserved.
Tell Us What You Think
Comment:

Name:

Ricardo:
Posted: 2018-01-02 @ 5:00pm PT
Doesn't just about every VPN use OpenVPN these days? Curious to see which providers (if any) still don't.

Like Us on FacebookFollow Us on Twitter
MORE IN NETWORK SECURITY
1. Report: Fancy Bear Targeting Senate
2. Spectre & Meltdown: What We Know
3. Intel CEO's Stock Sales Probed?
4. Security Meltdown: You Need To Know
5. Ransomware Hit the Big Time in 2017

NETWORK SECURITY SPOTLIGHT
Trend Micro Says Fancy Bear Hackers Are Targeting U.S. Senate
The Russian government-aligned hackers who penetrated the Democratic Party spent the past months laying the groundwork for an espionage campaign against the Senate, a report says.

ENTERPRISE HARDWARE SPOTLIGHT
Another Security Flaw Hits macOS High Sierra
Another password bug has been uncovered in macOS High Sierra, and while it's not nearly as serious as the one that cropped up late last year, it's still highly embarrassing for Apple.

ENTERPRISE SECURITY TODAY
NEWSFACTOR NETWORK SITES
NEWSFACTOR SERVICES
© Copyright 2018 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.