Transmission Control Protocol (TCP) is one of the main protocols in TCP/IP (Internet protocol) networks. TCP enables two hosts to establish a connection and exchange streams of data. TCP guarantees delivery of data and also guarantees that packets will be delivered in the same order in which they were sent. TCP is referred to as a “reliable” protocol.
Secure Sockets Layer (SSL) is a protocol that supplies secure data communication through data encryption and decryption. SSL enables communications privacy over networks. SSL tunneling refers to the ability of a server to allow a client to establish a tunnel through the server directly to the Web server holding the requested HTTPS object. Whenever a client browser requests an HTTPS object through the server, SSL tunneling is used. SSL tunneling, since it requires a reliable connection, occurs over TCP.
Transport Layer Security (TLS) is the IETF standard version of SSLv3 with security improvements and corrections. TLS is a protocol that guarantees privacy and data integrity between client/server applications communicating over the Internet. The TLS protocol is made up of two layers: the TLS Record Protocol and the TLS handshake protocol.
The TLS record protocol is layered on top of a reliable transport protocol, such as TCP. The TLS record protocol ensures that the connection is private by using symmetric data encryption and it ensures that the connection is reliable. The TLS record protocol also is used for encapsulation of higher-level protocols, such as the TLS handshake protocol.
The TLS handshake protocol allows authentication between the server and client and the negotiation of an encryption algorithm and cryptographic keys before the application protocol transmits or receives any data.
User Datagram Protocol (UDP) is a connectionless protocol that, like TCP, runs on top of IP networks. Unlike TCP/IP, UDP/IP provides very few error recovery services, offering instead a direct way to send and receive datagrams over an IP network. UDP is therefore referred to as an “unreliable” protocol. UDP is used primarily for broadcasting messages over a network.
Datagram TLS (DTLS) is a protocol based on TLS that is capable of securing datagram transport (UDP for instance). DTLS is well suited for securing applications that are delay sensitive (and hence use datagram transport), tunneling applications (Virtual Private Networks or VPNs), and applications that tend to run out of file descriptors or socket buffers.
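As an added illustration of the layering described above (the record protocol encapsulating the handshake protocol, and what DTLS adds when the transport is a datagram one), the following Python example, which is not part of the original text, builds and parses TLS 1.2 and DTLS 1.2 record and handshake headers. The payload bytes are constructed sample data, not a real ClientHello.

```python
import struct

HANDSHAKE = 22                    # record-layer ContentType for the handshake protocol
TLS12, DTLS12 = 0x0303, 0xFEFD    # ProtocolVersion values as they appear on the wire

def build_handshake_record(payload: bytes, dtls: bool = False, msg_type: int = 1,
                           epoch: int = 0, seq: int = 0, message_seq: int = 0) -> bytes:
    """Encapsulate one unfragmented handshake message in a record, as the record layer does.
    msg_type 1 is ClientHello; `payload` is constructed sample data, not a real ClientHello."""
    hs = bytes([msg_type]) + len(payload).to_bytes(3, "big")
    if dtls:
        # The DTLS handshake header adds message_seq, fragment_offset and fragment_length
        # so that lost or reordered datagrams can be detected and messages reassembled.
        hs += message_seq.to_bytes(2, "big") + (0).to_bytes(3, "big") + len(payload).to_bytes(3, "big")
    hs += payload
    if dtls:
        # DTLS record header: type, version, epoch, 48-bit sequence number, length
        return struct.pack("!BHHHIH", HANDSHAKE, DTLS12, epoch, seq >> 32, seq & 0xFFFFFFFF, len(hs)) + hs
    # TLS record header: type, version, length (ordering and loss recovery are left to TCP)
    return struct.pack("!BHH", HANDSHAKE, TLS12, len(hs)) + hs

def parse_record(data: bytes, dtls: bool = False) -> dict:
    """Parse one record header and, for handshake content, the handshake header it carries."""
    if dtls:
        ctype, version, epoch, seq_hi, seq_lo, length = struct.unpack("!BHHHIH", data[:13])
        rec = {"type": ctype, "version": hex(version), "epoch": epoch,
               "seq": (seq_hi << 32) | seq_lo, "length": length}
        body = data[13:13 + length]
    else:
        ctype, version, length = struct.unpack("!BHH", data[:5])
        rec = {"type": ctype, "version": hex(version), "length": length}
        body = data[5:5 + length]
    if len(body) != length:
        raise ValueError("truncated record")   # never trust the length field blindly
    if ctype == HANDSHAKE:
        hs = {"msg_type": body[0], "msg_len": int.from_bytes(body[1:4], "big")}
        if dtls:
            hs["message_seq"] = int.from_bytes(body[4:6], "big")
            hs["fragment_offset"] = int.from_bytes(body[6:9], "big")
            hs["fragment_length"] = int.from_bytes(body[9:12], "big")
        rec["handshake"] = hs
    return rec

if __name__ == "__main__":
    sample = b"\x03\x03" + b"\x00" * 32     # constructed stand-in for a ClientHello body
    print(parse_record(build_handshake_record(sample)))
    print(parse_record(build_handshake_record(sample, dtls=True, epoch=1, seq=5, message_seq=2), dtls=True))
```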
HyperText Transfer Protocol (HTTP) is the underlying protocol used by the World Wide Web. HTTP defines how messages are formatted and transmitted, and what actions Web servers and browsers should take in response to various commands. For example, when a user enters a URL in a browser, this sends an HTTP command to the Web server directing the web server to fetch and transmit the requested Web page.
Secure HTTP (HTTPS) is an extension to HTTP that supports various encryption and authentication measures to keep all transactions secure from end to end. HTTPS can comprise HTTP over TLS or TCP.
Virtual Private Network (VPN) is a network that is constructed using public systems such as the Internet but uses security mechanisms to ensure privacy and that only authorized users are allowed access.
SSL VPNs permit secure access to corporate resources. One of the advantages of SSL VPNs is the ability to connect from almost anywhere, including through firewalls and proxies. This is because SSL VPNs use the same protocols that are used for World Wide Web (WWW) access, and are able to use that infrastructure (e.g., proxies and firewalls) to their advantage.
Voice over Internet Protocol (VOIP) is a technology that allows persons to send and receive voice, fax and data information over a combination of a phone network and a digital communications network. In a VOIP environment voice signals are processed for transport over a packet network. The VOIP environment includes a pair of gateways, one at each end of the packet network. The gateways perform the compression and packetizing necessary to accomplish VOIP. The voice signal is received by a first gateway, where the voice signal is then compressed and packetized. The packets are sent out on the packet network. The packets are received by the second gateway from the packet network. The second gateway converts the packets back into a voice signal.
Traditionally, systems that provide VOIP, video, file transfer, and real-time and non-real-time data transfer functions use a single protocol. A system may use SSL over TCP to connect a source device to a destination device and to transmit data between them. Other conventional systems providing the same functions may use DTLS over UDP.