Don't forget about point-to-point tunneling protocol VPNs

Clarifying issues surrounding this emerging security architecture

One of your fellow readers recently wrote in bemoaning that Secure Sockets Layer remote access was getting all sorts of attention, while Point-to-Point Tunneling Protocol VPNs never get any ink.

"Nobody ever mentions the free PPTP VPN client software that is already installed on the vast majority of all client platforms," he wrote. "This is and has been a standard component of Windows. The license has been paid for already. With Windows 2000 and XP, setting up a VPN is about as difficult as setting up a modem."

Well, he's right. If you've got a corresponding Windows server to support the clients, you can set up Internet-based corporate remote access with the equipment you've already bought for other reasons. And he's right that it has become a standard component of Windows clients since Windows 98.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

One of your fellow readers recently wrote in bemoaning that Secure Sockets Layer remote access was getting all sorts of attention, while Point-to-Point Tunneling Protocol VPNs never get any ink.

"Nobody ever mentions the free PPTP VPN client software that is already installed on the vast majority of all client platforms," he wrote. "This is and has been a standard component of Windows. The license has been paid for already. With Windows 2000 and XP, setting up a VPN is about as difficult as setting up a modem."

Well, he's right. If you've got a corresponding Windows server to support the clients, you can set up Internet-based corporate remote access with the equipment you've already bought for other reasons. And he's right that it has become a standard component of Windows clients since Windows 98.

These free VPN clients are also supported by VPN gateways made by Cisco, Enterasys Networks, Nortel and NetScreen. And in addition to supporting PPTP, the clients support a hybrid Layer 2 tunneling protocol (L2TP) and IPSec VPN, also for free.

PPTP is the original IP tunneling protocol created by Microsoft that suffered a black eye for flaws that have long-since been corrected. L2TP is a compromise protocol hammered out between PPTP and Cisco's initial tunneling protocol, Layer 2 Forwarding.

While the Microsoft software is part of its software packages, it is not necessarily as fully featured as products from vendors that specialize in the equipment. Microsoft is playing catch-up with features other vendors had years ago, such as the ability to work across firewalls to perform network address translation, and support public-key infrastructure.

So if you are looking into remote access over the Internet and your PCs and servers run on Windows platforms, you might have a free solution in your hands already. But check out other options anyway to compare features that the Microsoft lacks and that you may be willing to pay for.

Read more about security in Network World's Security section.

Tim Greene is senior editor at Network World.