Point-to-Point Tunneling Protocol (PPTP)

A Point-to-Point Tunneling Protocol (PTTP) is a networking standard that is used when connecting to a Virtual Private Network (VPN). VPNs are a way to create online privacy and anonymity by creating a private network from a public internet connection. This is often used by users who work remotely that need to connect to an office network securely.

Nowadays, PPTP is considered obsolete for use in VPN’s because of its many known security deficiencies. Nevertheless, PPTP is still in use in some networks.

The phrase Point to Point refers to the specific type of connection created by the protocol. It allows for one point (user’s device), to access another specific point (user’s office network), over the Internet. The “tunneling” part of the term refers to the way one protocol is encapsulated within another protocol. In PPTP, the point-to-point protocol (PPP) is wrapped inside the TCP/IP protocol, which provides the secured Internet connection. Even though the connection is created over the Internet, the PPTP connection creates a direct link between the two locations, allowing for a secure connection.

Source: TechTerms

Related Terms: Transmission Control Protocol (TCP), Two-Factor Autthentication, Virtual Private Network (VPN)

Related Readings: What Is A VPN Protocol And Which One Should You Use?


What does this mean for an SMB?

SMB’s that have remote workers who need to access onsite resources might want to setup a VPN for their employees. However, if you have an existing PPTP VPN in place, the time has come to replace it with a more robust and secure service for employees. Options for secure VPN’s include:
  1. Remote Desktop services which place employees on their workstation at work with and without (recommended) the ability to download files to their home workstation. This solution largely eliminates the potential for remote unsecured workstations from compromising your internal network.
  2. Purpose built IPSec VPN tunnels. These are for companies that require direct remote connections from Laptop users (company owned and secured) into internal networks for the files and applications that are ONLY available on the LAN of the company. These are becoming less common as so many companies migrate to Cloud services and solutions.

Finally, in all cases, it is critically important, yes this cannot be understated, critically important to pair all remote access into your environment and your data with Two-Factor authentication. Do not enable remote access without it.

Learn more about VPN technologies PPTP and L2TP with this video:

Secure your business with CyberHoot Today!!!

Share this on your social networks. Help Friends, Family, and Colleagues become more aware and secure.