Windows – Is the Windows VPN secure


I have used a few VPN solutions over the years. Most are hard to set up, slow to connect and/or rather ill-behaved (replacing system drivers, disrupting each other etc).

One solution I have never used earlier is the one built into Windows. This is mostly because the infrastructure guys always refuse to use it because they claim it's 'not secure'.

Now I have finally had the chance to use it (on Windows 7), and wow, it's a breeze! Easy to set up, well-behaved, it connects almost instantly, automatically authenticates with my logged-in credentials, and integrates excellently with the UI. I have to say, unless it really isn't secure, I'll be happy if I never have to use another VPN product ever again.

I gather the Windows VPN used to rely on PPTP, which is not considered secure. But in Windows 7/2008, it supports L2TP/IPSec, SSTP and IKEv2, and authenticates with EAP or CHAP/CHAPv2. That seems pretty up-to-date to me.

But I'm just a lowly developer. Can someone in the know give me the lowdown on this?

Best Answer

Like all things security, it depends on how you configure it.

It can be set up to be very secure. At one point in time (circa Win98) it had problems. Since then MS has fixed it (circa 1999). There's a cryptanalysis of it available here; bottom line, user passwords are the weakest link (as it should be).

Some of the user password issue can be mitigated by using client authentication certificates. If you already have a good PKI infrastructure, you probably already automatically issue client (computer) certificates. PPTP can use these to prove that the computer should be allowed to try a username and password pair. Certificates aren't required, however, and PPTP will still be as secure as your passwords.

MS provides articles on how to set up PPTP (including EAP/TLS) as well as L2TP (L2TP does require certs/PKI). Both of these are for Win2003, but they're plenty enough to get an idea of what's required, and there are documents around for 2008. As noted in the comments, any variation of PAP and CHAP is insecure (because they can be brute forced with trivial resources).

If your IT is telling you that PPTP is insecure they either haven't kept up with the issues (since <1999) or they're using "insecure" as a cop-out for some other reason.
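The answer's point is that the built-in client is only as secure as its configuration: a PPTP tunnel authenticated with a password-only method (PAP/CHAP/MS-CHAPv2) is the weak setup, a certificate-authenticated IKEv2 or L2TP/IPsec tunnel is the strong one. The PowerShell below is an added example, not code from the question, the answer or Microsoft's articles. It uses the VpnClient cmdlets (Add-VpnConnection, Set-VpnConnectionIPsecConfiguration, Get-VpnConnection), which ship with Windows 8 / Server 2012 and later, so it is newer than the Windows 7 client the question is about; the server name vpn.example.com, the connection names and the assumption that the PKI has already issued the client a machine certificate with the Client Authentication EKU are placeholders. It creates the weak profile beside a hardened one, pins the IPsec proposal so the client cannot negotiate down to 3DES/SHA-1/DH group 2, and then audits every configured connection for exactly the settings the answer warns about.

```powershell
# Added example (not from the original post). Requires the VpnClient module
# (Windows 8 / Server 2012 or later) and an elevated PowerShell session.
# Server address, connection names and certificate provisioning are assumed.

Import-Module VpnClient

# 1. The weak configuration: PPTP tunnel, password-only MS-CHAPv2 authentication.
#    Created here only so the audit below has something to flag.
Add-VpnConnection -Name 'Legacy-PPTP' -ServerAddress 'vpn.example.com' `
    -TunnelType Pptp -AuthenticationMethod MSChapv2 -EncryptionLevel Required -Force

# 2. The hardened configuration: IKEv2 tunnel, authentication by a machine
#    certificate from the organisation's PKI. The VPN server's certificate must
#    chain to a root the client trusts, and the client must hold a certificate
#    with the Client Authentication EKU in its machine store (assumed here).
Add-VpnConnection -Name 'Corp-IKEv2' -ServerAddress 'vpn.example.com' `
    -TunnelType Ikev2 -AuthenticationMethod MachineCertificate `
    -EncryptionLevel Maximum -Force

# Pin the IKEv2/IPsec proposal so the client does not accept a downgraded
# negotiation (3DES, SHA-1, DH group 2) from a misconfigured or hostile server.
Set-VpnConnectionIPsecConfiguration -ConnectionName 'Corp-IKEv2' `
    -EncryptionMethod AES256 -IntegrityCheckMethod SHA256 `
    -CipherTransformConstants GCMAES256 -AuthenticationTransformConstants GCMAES256 `
    -DHGroup Group14 -PfsGroup PFS2048 -Force

# 3. Audit: list every configured VPN connection and flag PPTP tunnels and
#    password-only authentication methods. String comparison with -contains is
#    case-insensitive, so 'MsChapv2' as reported by Get-VpnConnection matches.
$weakAuth   = @('Pap', 'Chap', 'MSChapv2')
$weakTunnel = @('Pptp')

Get-VpnConnection | ForEach-Object {
    $conn     = $_
    $auth     = @($conn.AuthenticationMethod)
    $problems = @()
    if ($weakTunnel -contains $conn.TunnelType) { $problems += 'PPTP tunnel' }
    foreach ($a in $auth) {
        if ($weakAuth -contains $a) { $problems += "password-only auth ($a)" }
    }
    [pscustomobject]@{
        Name           = $conn.Name
        Tunnel         = $conn.TunnelType
        Authentication = ($auth -join ',')
        Verdict        = if ($problems) { 'WEAK: ' + ($problems -join '; ') } else { 'OK' }
    }
} | Format-Table -AutoSize

# Remove the deliberately weak profile once the audit has been reviewed.
Remove-VpnConnection -Name 'Legacy-PPTP' -Force
```

The audit loop is the part worth keeping: run it on its own against a fleet (for example through a remoting session) and any connection that still reports a PPTP tunnel or a PAP/CHAP/MS-CHAPv2 method is one where the "it depends on how you configure it" caveat has gone the wrong way.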