A Comprehensive Guide on VPN SSTP

In today’s work-from-anywhere environment, security is a major concern. A report by Malwarebytes showed that 20% of organizations had a breach because of a remote worker. To counter these threats, you need to use several tools to create custom security infrastructure that suits your company’s needs. For instance, you can use a Virtual Private Network (VPN), which creates a secure tunnel for transmitting sensitive data. VPNs use many protocols, and one of the more popular ones is Secure Socket Tunneling Protocol (SSTP). Microsoft introduced it when Windows Vista rolled out, and people still use it extensively.

In this article, I’ll educate you on SSTP, how it works, its advantages and disadvantages, and how to connect to it. Lastly, I’ll show you how you can choose a suitable service provider that best suits your business. 

Let’s start with a definition of VPN SSTP!

What Is VPN SSTP?

A VPN SSTP or SSTP is a secure protocol VPNs use to transmit data. Microsoft decided to replace its PPTP and L2TP/IPSec protocols with SSTP, as the latter is much more secure and highly stable. Today, SSTP is commonly used for transporting Point-to-Point Protocol (PPP) traffic on native Windows environments. 

Now, let’s dive into how it works so you can better understand how it could benefit your organization.

How Does SSTP Work?

Essentially, a VPN SSTP transports the Layer-2 frames over an HTTPS connection. This, in turn, translates to improved security as it’s mostly based on user authentication and not on a device’s security.

Typically, a VPN requires a server and a client. They communicate with each other to securely send and receive data. The server and the client must agree on a common protocol to ensure seamless communication. 

SSTP creates an encrypted tunnel using the AES-256 cipher. Specifically, it creates this tunnel between a VPN client and a VPN server to protect data from unauthorized interception. It’s more secure than protocols such as PPTP because it uses:

• SSL/TLS secure handshakes
• Port 443
• Encrypted transfers

In a VPN SSTP, a client connects to a server through port 443, the standard port for encrypted HTTPS connections. The server then requests user authentication to confirm the connection. 

Upon receiving the confirmation, both devices will connect securely. Additionally, SSL/TLS secure handshakes also establish secret keys between the client and the server, which helps prevent external interception.

Now that you know how a VPN SSTP works, let’s move to its advantages and disadvantages.

Advantages and Disadvantages of SSTP

SSTP is a secure protocol, but much like any other protocol, it has advantages and disadvantages. Let’s begin with the advantages.

Advantages of SSTP

Here are the advantages of using SSTP:

• Uses SSL 3.0 to encrypt data, which promotes how secure it is
• Is very fast, provided you have sufficient bandwidth
• Integrates into the Windows operating system
• Bypasses firewalls with ease
• Provides a workaround for geo-blocked content

Disadvantages of SSTP

The following list shows the disadvantages of using SSTP:

• Isn’t fully compatible with older versions of Windows (earlier than Windows Vista), Linux, and macOS, which limits its features and performance
• Has limited compatibility with web proxies
• Is slower than protocols like IPSec/IKEv2 because of additional encryption overheads
• Suffers from TCP-related problems like packet loss
• Is susceptible to POODLE attacks that exploit a vulnerability in SSL 3.0

Overall, you have advantages and disadvantages of VPN SSTP. It’s a good choice if you’re using a Windows environment, as it has compatibility issues with other operating systems. Also, the speeds may not be top-notch, but SSTP is undoubtedly one of the most secure protocols available today. 

If you decide to go with a VPN SSTP, here are the steps to connect to it.

How to Connect to SSTP

The exact configuration could vary based on the VPN service provider you choose, but here are the general steps to connect to VPN SSTP.

First-Time Connection

When you’re connecting to SSTP for the first time on Windows Vista, Windows 7, or Windows 8, here are the 6 steps you should follow:

1. Right-click on your network icon in your desktop tray and choose “Open Network and Sharing Center”
2. Click on “Setup a New Connection or Network”
3. Select “Connect to a Workplace”
4. Choose “Use my Internet connection (VPN)”
5. Enter your internet address when prompted. This address is the hostname for an SSTP connection. If you don’t have it, reach out to your network admin
6. Enter your username and password in the next window and click on the “Create” button at the bottom. For convenience, you can ask the device to remember your credentials 

If you’re using Windows 10 follow these 2 steps:

1. Click on “VPN” on the left-hand pane in the Network and Sharing Center
2. Click on the “+” button on the right and follow the wizard

This should create a secure VPN connection. Note that it might take a while to connect the first time.

Subsequent Connections

After the first connection, your subsequent connections are easier and quicker. All you have to do is click the network icon on the bottom tray of your device and connect to the saved VPN connection. It’s that simple!

Earlier, I said that the exact steps could depend on your VPN SSTP provider. Continuing that conversation, let’s talk about how you can go about choosing such a provider. 

How to Choose an SSTP Provider

Before choosing an SSTP provider, ask yourself what you’ll use a VPN for. Your answer is important because you’ll find different features from different providers. For example, if you want to use VPN to access geo-blocked Netflix content, you can choose a VPN SSTP service providing this feature.

Besides action-oriented aspects, here are more things to consider when choosing a VPN SSTP provider for your organization:

• Opt for a service that has a “no-logs” policy, as it keeps you away from surveillance and prying eyes
• Look for reliable customer service, preferably a provider with 24/7 availability
• Go for a service that has servers in countries whose content you want to access
• Keep an eye out on privacy, as some governments have overarching control over every company operating in its territory
• Make sure your VPN SSTP costs are reasonable and add value to your organization
• Consider VPNs with free trials, so you can test-drive them before committing your money
• Ensure your VPN SSTP has an intuitive interface to make it easy for all employees to use
• Go for a service that offers simultaneous device connections for greater flexibility; this might be irrelevant if your workers connect only from one device at a time 

The above considerations are broad guidelines for choosing a suitable VPN SSTP provider. Start with a list of must-have features followed by a set of good-to-have features. The VPN SSTP service you choose must check all your must-have features and as many good-to-have features as possible. 

Before we end, here’s a quick recap.

The Bottom Line

To conclude, a VPN is essential for your employees to securely connect to your organization’s network. However, VPNs run on many protocols, and one of them is SSTP. This is a secure protocol with good speed that makes it better than several older protocols.

Some of the advantages of using SSTP include using SSL 3.0 to encrypt data and its integration with Windows operating systems. That said, it does have its disadvantages, such as its limited functioning on Linux and macOS systems. Overall, it’s worth test-driving it to see if it suits your business.

This article also discussed the necessary steps to implement SSTP in your business. Feel free to refer to them should you need a quick refresher in the future.

Lastly, I discussed the things to consider when choosing an SSTP service provider. Before choosing a provider, consider your business’s needs and requirements first. I hope this article provided you with the necessary tools to use VPN SSTP.

Do you have more questions about SSTP? Check out the FAQ and Resources sections below!

FAQ

What kinds of devices can run SSTP?

SSTP runs well on Windows devices (Windows Vista and later) and to a limited extent on macOS and Linux. But it doesn’t support web proxies. That said, SSTP is highly secure and reasonably fast. It can also bypass firewalls with ease.

How secure is SSTP?

SSTP is highly secure as it uses the AES-256 encryption cipher. Also, it connects to port 443, which masks data packets automatically. More importantly, port 443 makes it difficult to detect the packets and can protect your data from external interception and cyberattacks such as man-in-the-middle (MITM) attacks. 

Is PPTP better than SSTP or vice versa?

The Point-to-Point Protocol (PPTP) is older than SSTP and supports many operating systems such as macOS and Android. Also, the General Public License (GPL) licensed PPTP, and it has received plenty of optimization over the years. In this sense, it’s faster than SSTP. However, it’s easy for Internet Service Providers (ISPs) to identify and block PPTP traffic as it uses the insecure port 1723. In comparison, SSTP is newer, more secure, and runs primarily on Windows devices. 

Can SSTP bypass a firewall?

Yes, an SSTP can bypass a firewall. This is because it uses port 443, the same port used by HTTPS. This is why a VPN SSTP is a good choice for accessing geo-blocked content. It can even get past censorship.

Is SSTP fast?

Yes, SSTP is faster when compared to older protocols. However, OpenVPN is faster and newer than SSTP. SSTP doesn’t offer top speeds because it has to encrypt data. More importantly, the SSTP speed depends on the available bandwidth and processor capabilities.

Resources

TechGenix: Article on Business VPNs

Learn what business VPNs are.

TechGenix: Article on WARP vs VPN

Find out the differences between WARP and VPN.

TechGenix: Article on Double VPNs

Read about double VPNs and when you should use them.

TechGenix: Article on Tor vs VPN

Educate yourself on Tor vs VPN.

TechGenix: Article on VPN Protection

Learn about the kind of protection a VPN offers you.