
VPN (Virtual Private Network)

Kaiti Norton
Last Updated February 13, 2024 3:17 am

What is a VPN?

A virtual private network is an intermediary that encrypts a device’s Internet data through a secure server.

It might be used for remote employees accessing a company’s potentially sensitive information, or individual users who want to maintain internet privacy. A VPN also helps to increase your security against cyber attacks.

Information transmitted via VPN tunnels cannot be accessed by Internet service providers (ISPs), government entities, or malicious hackers because the system requires a multi-step authentication process to verify that the end user is secured to the website. It therefore adds significantly to your data security as you use the internet.

Why use a VPN?

There are a multitude of reasons you might opt to use a virtual private network.

VPN ensures data privacy

One of the principal reasons for using a virtual private network is privacy. Everything you do online is visible to your internet service provider, who logs this data and can potentially show it to other parties in future. And if you’re unlucky enough to be hacked, cybercriminals can spy on your internet activity remotely.

By encrypting your activity via an encryption tunnel, a VPN makes sure your browsing activity stays private at all times.

Digital security

Enhanced digital security is another huge advantage of using a VPN. Every connected device has an IP address, and this piece of data can potentially be used to deploy cyber assaults such as DDoS attacks.

A VPN service routes your connection through a totally different server. This means the IP address that appears online when you browse will be that of the VPN, not your own. This protects you from cyber threats.

Access geo-blocked content

That’s not the only thing your IP address can be used for. Major content streaming services like Netflix, Hulu, Spotify, and YouTube will restrict content depending on geographical location. Some customers use a VPN to circumvent the restricted content (a tactic called geo-spoofing).

Since the network automatically hides your IP address (and therefore your geographic location) you’ll be able to access restricted content.

Similarly, VPN connections can be used to access content restricted by censorship. If you’re living in China, Iran, Cuba, the United Arab Emirates or Russia, you might be banned from particular sites. You can use a virtual private network to evade detection. This means you can circumvent the censorship to access and publish the content you want, while protecting your anonymity.

How does a VPN work?

A virtual private network is a middle man that sits between your computer and the server (website) you’re using.

Communication between your device and the internet is not private. Your internet service provider, for example, can see all of your activity. This is because your connection is not encrypted – anyone with access to your network can see what you’re doing. Another issue is that your IP address will also be visible. Anyone who has this piece of information can potentially track your location or even deploy a cyber attack on your device.

Encryption tunnel

A VPN solves both of these issues. First, it encrypts all of your internet traffic, meaning that nobody can see your device’s browsing activity.

The VPN creates what’s known as an “encryption tunnel”. You can think of this as a tunnel directly between your device and the target server. Traffic can pass through this tunnel, but nobody outside can access it. Thus your data is hidden. This uses state of the art encryption that’s impossible to penetrate, even for your internet service provider.

IP masking

Furthermore, a VPN routes your web communication via one of its own servers. Instead of your own public IP address showing up, it will be the IP address of whichever server your VPN service used. Since VPN server networks are normally distributed across the globe, the IP address shown for you will show your location as somewhere totally different. Meanwhile, your true IP address will be masked.

So in effect, your VPN sets up a completely private connection. None of your personal data will be visible, and you can browse the internet as normal.
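The tunnel and IP masking steps described above, modelled as an added example that is not part of the original article: the client wraps the whole inner packet in ciphertext addressed to the VPN server, and the server forwards it under its own address. The `Packet` type, function names, addresses and key are constructed assumptions, and the SHA-256 keystream with HMAC is a toy stand-in for a real tunnel cipher, not what any VPN protocol uses.

```python
import hashlib, hmac, os
from dataclasses import dataclass

@dataclass
class Packet:
    src: str        # source IP visible on the wire
    dst: str        # destination IP visible on the wire
    payload: bytes

def _subkey(key, label):
    return hashlib.sha256(label + key).digest()

def _stream(key, nonce, n):
    # Toy keystream (SHA-256 in counter mode); a stand-in for a real tunnel cipher.
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, data):
    nonce = os.urandom(12)
    ct = bytes(a ^ b for a, b in zip(data, _stream(_subkey(key, b"enc"), nonce, len(data))))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key, blob):
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    want = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("tunnel packet failed authentication")
    return bytes(a ^ b for a, b in zip(ct, _stream(_subkey(key, b"enc"), nonce, len(ct))))

def client_wrap(key, inner, vpn_ip):
    # The whole inner packet, addresses included, becomes ciphertext.
    body = f"{inner.src}|{inner.dst}|".encode() + inner.payload
    return Packet(inner.src, vpn_ip, seal(key, body))

def server_forward(key, outer, vpn_ip):
    _src, dst, payload = unseal(key, outer.payload).split(b"|", 2)
    # IP masking: the packet leaves with the VPN server's address as its source.
    return Packet(vpn_ip, dst.decode(), payload)

# Constructed sample values (documentation address ranges).
KEY = hashlib.sha256(b"constructed demo key").digest()
CLIENT, VPN, SITE = "198.51.100.23", "203.0.113.9", "192.0.2.80"
inner = Packet(CLIENT, SITE, b"GET /account HTTP/1.1")
on_isp_link = client_wrap(KEY, inner, VPN)            # what the ISP can observe
at_website = server_forward(KEY, on_isp_link, VPN)    # what the website receives
```

`server_forward` has to decrypt the real destination in order to forward the packet, so the VPN server sees the metadata that the ISP no longer can.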

Common Types of VPNs

One of the most common types of VPNs is a virtual private dial-up network (VPDN). A VPDN is a user-to-LAN connection, where remote users need to connect to the company LAN. Here the company will have a service provider set up a NAS (network access server) and provide the remote users with the software needed to reach the NAS from their desktop computer or laptop. For a VPDN, the secure and encrypted connection between the company’s network and remote users is provided by the third-party service provider.

Another type of VPN is commonly called a site-to-site VPN. Here the company would invest in dedicated hardware to connect multiple sites to their LAN through a public network, usually the Internet. Site-to-site VPNs are either intranet or extranet-based.

Intranet

A network based on TCP/IP protocols (an intranet) belonging to an organization, usually a corporation, accessible only by the organization’s members, employees or others with authorization. Secure intranets are now the fastest-growing segment of the Internet because they are much less expensive to build and manage than private networks based on proprietary protocols.

Extranet

An extranet refers to an intranet that is partially accessible to authorized outsiders. Whereas an intranet resides behind a firewall and is accessible only to people who are members of the same company or organization, an extranet provides various levels of accessibility to outsiders. You can access an extranet only if you have a valid username and password, and your identity determines which parts of the extranet you can view. Extranets are becoming a popular means for business partners to exchange information.

P2P VPN (peer-to-peer)

A P2P VPN is a virtual private network with servers that are optimized to work with peer-to-peer networks. This means you can engage with the large bandwidth required by a P2P network without the risk that your VPN will cut off or throttle, leaving your IP address exposed.

VPN protocol types

There are several types of network protocols used with VPNs. Most VPN providers will list which protocol(s) they offer, so consumers can determine which benefits are most important. Here is an overview of the most common protocol types:

Point-to-Point Tunneling Protocol (PPTP)

Layer 2 Tunneling Protocol (L2TP)

Internet Protocol Security (IPSec)

Secure Socket Tunneling Protocol (SSTP)

  • SSTP was developed by Microsoft for Windows Vista

  • More secure than PPTP

  • Often compared to OpenVPN because it uses SSL 3.0

Transport Layer Security (TLS) & Secure Socket Layer (SSL)

  • TLS or SSL is used by all sites that start with https://

  • SSL 3.0 is the predecessor of TLS, but is still widely deployed

OpenVPN

  • Open source VPN, based on TLS and SSL protocols

  • Most common protocol used by VPN services

  • Requires third-party software

  • Faster than L2TP

  • Difficult to block, but has potential to slow down connection speeds

Internet Key Exchange version 2 (IKEv2)

  • IKEv2 is used with IPSec for mobile devices

  • Developed by Microsoft and Cisco

  • Has no known vulnerabilities

  • Uses a Diffie-Hellman key exchange

WireGuard

  • WireGuard was developed in 2017 by Jason Donenfeld for Linux (deployment has since been expanded to include Windows, macOS, iOS, Android, and BSD)

  • Intended to be faster, simpler, and more performant than OpenVPN

  • Still under development

Common VPN features

Some of the most significant features of VPN tools are what inevitably set them apart from one another depending on what a user values most. A few differentiators include logging policies, security, connection speed, server location, data caps, and customer service.

Logging 

While several VPN vendors advertise no-logging policies, this typically only applies to traffic logs that would keep a record of browsing history, downloads, etc. VPN providers will often keep connection logs, which are used to record metadata about when the VPN is used, the duration of use, how much bandwidth is used, etc. and will sometimes sell this information to advertisers under the guise of innovation.

Security and speed

Perhaps the most fundamental feature of any VPN is security: if a connection's security is compromised, the VPN is rendered useless. At the same time, VPN users should expect connection speeds to be slightly slower than non-VPN connections, but the value of VPN encryption is diminished if it significantly impacts the connection speed. Factors that impact connection speed include the protocol(s) used, server capacity, bandwidth availability, and network traffic among others.

Server location

Generally, a VPN user's connection speed will be faster the closer they are to the VPN server; however, connection speeds can also be impacted by how much geographic area one server is expected to cover and the relative traffic it will receive. Additionally, the country where the server is physically located can have implications for the vendor's approach to privacy as well as its ability to deliver on security promises. VPN providers based in countries like China and Russia are at higher risk for security issues because of their laws surrounding data privacy and surveillance. Similarly, nations in the 5 Eyes, 9 Eyes, and 14 Eyes Alliances (namely U.S., U.K., Canada, and Australia among others) pose challenges for VPN providers in their jurisdiction because of the intelligence-sharing nature of those agreements.

Simultaneous connections

Chances are you’re using multiple Internet-accessing devices at once – think phones, tablets and laptops. So it makes sense that your VPN provider should accommodate multiple secure connections.

The number of simultaneous device connections varies by vendor, and this is a factor worth considering.

Split tunneling

An emerging trend in VPN tunneling is to divert some traffic to the VPN server while allowing other traffic to continue directly through the ISP server. This is particularly useful in cases where latency can cause more trouble than the extra security is worth, such as online gaming.
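Split tunneling comes down to a per-destination routing decision, so a split-tunnel setup can be audited by checking which interface each protected destination would actually use. The following is an added example, not from the original article; the route table, the interface names `tun0` and `eth0`, and all addresses are constructed assumptions. It goes slightly beyond the text by including an IPv6 default route, a common way for traffic to end up outside the tunnel.

```python
import ipaddress

# Constructed split-tunnel route table: (prefix, interface). Assumed names:
# tun0 is the VPN tunnel, eth0 goes straight out through the ISP.
ROUTES = [
    ("0.0.0.0/0", "eth0"),       # everything else bypasses the VPN
    ("::/0", "eth0"),            # IPv6 default route, also outside the tunnel
    ("10.0.0.0/8", "tun0"),      # corporate range goes through the VPN
    ("203.0.113.0/24", "tun0"),  # a partner range goes through the VPN
    ("10.50.0.0/16", "eth0"),    # more-specific local route overrides the /8
]

def egress(dest, routes=ROUTES):
    """Pick the interface by longest-prefix match, as an IP stack does."""
    addr = ipaddress.ip_address(dest)
    best = None
    for prefix, iface in routes:
        net = ipaddress.ip_network(prefix)
        if net.version != addr.version or addr not in net:
            continue
        if best is None or net.prefixlen > best[0].prefixlen:
            best = (net, iface)
    return best[1] if best else None  # None: no route at all

def audit(must_tunnel, routes=ROUTES, tunnel="tun0"):
    """Return destinations that policy wants protected but that leave directly."""
    return [d for d in must_tunnel if egress(d, routes) != tunnel]

# Constructed policy: hosts the organisation expects to be reached via the VPN.
PROTECTED = ["10.1.2.3", "10.50.0.7", "203.0.113.40", "2001:db8::10"]
LEAKS = audit(PROTECTED)
```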

Data caps

Some VPN services – particularly the free ones – limit your data allocation. This can be a big limitation, particularly if you engage in high bandwidth activity such as gaming or streaming. It’s therefore critical to consider the data allowance of your VPN, relative to your digital activity.

Support

The mark of an effective VPN is that its user forgets it's there. Ideally, VPNs should maintain seamless connectivity, but it's important to have an agile customer service team ready to address any issues or questions that might arise. The best VPN vendors offer 24/7 support through multiple channels, including phone, email, and live chat.