Some operating systems come with IPSec VPN clients already installed. Mac OS X has the ability to connect to Cisco and other IPSec VPN devices already present, for instance. Windows systems generally rely on third-party VPN software to provide this service. Many mobile devices also have support for generic IPSec connectivity.
PPTP (Point-to-point tunneling protocol) VPNs have been around since Microsoft first implemented the protocol in Windows 95. However, it has fallen out of favor in recent times because of security issues with the protocol itself. Some VPN devices still support PPTP connections, as do all Windows versions since Windows 95. Mac OS X and some smartphones also support PPTP connectivity.
While PPTP may still be around and your VPN termination device may support the protocol, it's better to look to either IPSec or SSL VPNs (see below), since they're more secure.
SSL (Secure Sockets Layer) VPNs came into fashion because they're generally known as "clientless" VPNs. This means that the remote computer doesn't need to have a client preinstalled to connect to the corporate network. In most cases, an SSL VPN tunnel is created when a remote user opens a Web browser and connects to a predefined URL, such as https://vpn.mycompany.com. Note that if you do not have DNS service from your provider, this URL may simply be an IP address.
The remote user is then prompted for a username and password. Once authenticated, the user may be taken to a Web page that has an icon to connect to the VPN. Clicking on the icon will download a small applet from the SSL VPN device that runs on the user's computer and acts as the VPN client. This means that users don't need to preinstall the client as they do with IPSec VPNs, and they won't need to redownload the applet when they access the SSL VPN in the future.
In some cases, this client is persistent, and can be run without connecting to the SSL VPN URL, but other implementations may require the browser to function.
This form of VPN permits full network connectivity, as IPSec does, but it may be easier to deploy to remote users since you don't need a "fat" IPSec client or IPSec connection information. On the other hand, it also lacks the secondary authentication present in IPSec, which may be a concern.
Comparing VPN Options