InstaSafe | Why does the ISA Solution make use of UDP instead of TCP to tunnel data traffic?

Why does the ISA Solution make use of UDP instead of TCP to tunnel data traffic?

Question

Why does the ISA Solution make use of UDP instead of TCP to tunnel data traffic?

Answer

The InstaSafe Secure Access (ISA) Solution makes use of a TLS Tunnel for the transmission of application data traffic. UDP Ports are more suitable for the TLS Tunnel primarily because it offers increased security against DDOS and other attacks. TCP ports are less secure since they are subjective to TCP flooding and similar attacks. 

Making use of a TCP port essentially means that the implementation would use TCP over TCP (where the carrier TLS connection and the application traffic are both based on a TCP connection). This can degrade the performance and lead to low throughput in case of a congested or a flaky internet connection.

Due to these reasons, the ISA Solution predominantly makes use of UDP ports. Any Custom UDP Port (outbound) could be used in order to establish connections from the data centers and the end-points to the ISA Controller.

Most traditional SSL VPN solutions use TCP 443. However, the ISA Solution makes use of TLS and not SSL.

If you are an Admin of the organization's ISA Account and have any queries in this regard, contact InstaSafe Support

    • Related Articles

    • ISA App Log File

      The ISA App, once successfully installed and configured, generates Connection Logs that could be extremely helpful in troubleshooting issues that may crop up. Depending on the device OS, the Log File location is as follows: Locating the ISA App Log ...
    • MacOS ISA App Connection Error "This computer is not approved for use with InstaSafe Secure Access"

      This Article highlights the steps to be taken in case users are unable to connect the ISA App on macOS and the error message received is "This computer is not approved for use with InstaSafe Secure Access" Issue The ISA App on MacOS doesn't connect ...
    • InstaSafe Secure Access Architecture

      Product Overview InstaSafe Secure Access (ISA) is an innovative enterprise remote access software solution based on software defined perimeter delivered as a service. It provides enterprises a simplified setup to secure and manage application access. ...
    • Which Protocols and Technology is the ISA Solution based on? What kind of Encryption is utilized?

      The InstaSafe Secure Access (ISA) Solution is based on the OpenVPN protocol. The traffic tunneling is established using Datagram Transport Layer Security (DTLS), X509 PKI (InstaSafe CA server) is used for digitally signing certificates and session ...
    • Why are Administrator Privileges required to install the ISA App?

      Question Why does the InstaSafe Secure Access (ISA) App require Administrator Privileges to install on Windows and Mac devices? Typical SSL VPN Clients do not require Admin privileges to install. Moreover, since most end-users usually don't have ...