The security of VPN mostly relies on authentication and encryption. The best tunneling protocol must be in use for achieving good results and maintaining better security. The latest type of VPN introduces SSL, which only supported in web servers and browsers. The purpose of SSL is to reduce the complexity of IPsec. IPsec is the best tunnel for encryption because it is in use in different ways like smart cards, keys and certificates. Traffic monitoring is best possible from end-to-end of the tunnel. All client PCs must remain up to date with security updates. In addition, end users should be in picture about what exercises are viable to perform and the client can use what sort of programs. A VPN protects both ends in such a way that server and clients with proper antivirus installed and windows apprise security features. If client machine is malicious, that could create a loophole, for avoiding this real-time monitoring done. Mostly loophole occurs in VPN due to security updates viruses or worms. Earlier types of VPN not providing enough protection like PPTP and L2TP, later on IPsec encryption introduced which secure traffic.