A VPN protocol is the system that establishes the secure connection between your device and the VPN’s server. This is done first by verifying the authenticity of the user’s device and the VPN server, and then generating an encryption key that can be used by both.
This system allows data to be encrypted, sent between the device and the server, and then decrypted safely. No matter how good a VPN provider is, it can’t provide genuine security if it doesn’t use a strong protocol.
Internet Key Exchange version 2 (IKEv2) is a tunneling protocol based on IPsec, which allows for secure VPN communication between VPN devices. It defines the negotiation and authentication process for IPsec security associations (SAs).
IKEv2 generates encryption keys to ensure safe data flow between your device and the VPN server you’re connected to.
NordVPN and other VPN providers refer to this winning combination as IKEv2/IPSec or IKEv2 VPN.
The IKEv2 protocol is faster and more stable than OpenVPN, and it offers a ground-breaking auto-reconnect feature that improves both security and ease of use. This means that it will automatically resume your VPN’s connection, even when your device switches from one internet source to another.
For the technically minded, IKEv2/IPsec uses the AES-256-GCM cypher for encryption, coupled with SHA2-384 for integrity. This is combined with perfect forward secrecy (PFS), using 3072-bit Diffie Hellmann keys.
IKEv2/IPSec is one in a long line of protocols, each building and expanding upon the strengths of predecessors. Where other VPN protocols like Point-to-Point Tunneling Protocol (PPTP) and Layer 2 Tunneling Protocol (L2TP/IPsec) struggled to balance both speed and security, their successor, OpenVPN, excelled on both fronts.
OpenVPN is one of the best VPN protocols now available, which is why it plays an integral role in NordVPN applications. However, there are some points on which IKEv2/IPSec surpasses even OpenVPN. This is largely thanks to its three defining features:
IKEv2 and IPSec both work best when combined and are not usefully comparable. In fact, IPSec’s authentication suite already uses IKEv2 within its own collection of protocols.
IPSec is a popular system for a reason: it’s secure and reliable, and its operations are invisible to third-parties. Likewise, IKEv2 is a great basis for stability, rapid data-flow, and connection hopping.
Seeing the strength of this privacy partnership, NordVPN uses IKEv2 VPN protocol to provide the best of both features, so users can enjoy a safer, more streamlined experience.