VPN protocols are a set of standard specifications for establishing a secure tunnel using encryption, verification and security for data transmission between a device (or endpoint) and another device (or endpoint). For VPNs to be most effective, protocol standards are necessary to build secure ways to transmit data over the public internet which is otherwise open and not secure for sending data.
Think of VPN sessions as tunnels, or encrypted connections that connect to a company’s private, secured network. They are used to transmit sensitive data across an unsecured “underlay” network and protect that information from malicious actors. By using VPN tunnels it allows you to transmit data so that it is not directly viewable because it is sent through an encrypted virtual tunnel which makes the data unreadable.
Since the VPN standard calls for adding encryption and transmission protocols, they can impact the overall bandwidth available to transfer data. This additional encryption overhead increases the packet size and reduces the amount of data that can be transmitted over the equivalent network transport without a VPN. While there are newer technologies that limit the impact to the network, typically a VPN cuts the available bandwidth about 20%.
To put it differently, sometimes speed and capacity outweigh the need for security. It is worth remembering that not all data transmitted over a network is sensitive or in need of being secured over a VPN.