Most computer users have probably heard the term VPN at one time or another. Perhaps you wondered what a VPN is and why you would want to use one. Maybe you have heard that a VPN can help combat internet censorship and keep your data more secure when you want to access the Internet. You might be using a VPN now but not fully understand how it works.

In this article, we are going to tell you everything you need to know about VPNs. We’ll cover how they work, why you might want to use one, and the dangers that can present themselves if you don’t connect to the Internet via a VPN. This is especially important for those of you who make use of public Wi-Fi.

This is part of an extensive series of guides about cybersecurity.

What is a VPN?

The acronym VPN stands for Virtual Private Network. A VPN has both a simple working explanation and a slightly more complex technical definition. From the perspective of a user, a VPN is a method of ensuring the security and privacy of their online activity. You can browse websites without worrying about being tracked by third parties.

When you use a VPN, your IP address is hidden from everyone except the VPN provider (or your own server, if you have set one up as a VPN node). Your computer’s IP address is its public identifier. You are essentially anonymous to everyone but the aforementioned parties and can therefore maintain a high degree of privacy. Note, however, that you can still be tracked if the VPN provider keeps records of your activity.

Depending on the VPN you choose, your data may also be encrypted so it cannot be compromised by malicious users who have access to the communication network. Encrypting your Internet traffic makes it unusable to anyone without the encryption key. In this way, the VPN offers enhanced security when data is transferred over an Internet connection.

The technology behind a VPN is fairly straightforward. A secure point-to-point connection is established between a remote client and a VPN server. The IP addresses of the client computers are masked and replaced with IP addresses provided by the VPN server. The data to be transferred and the original IP header are encapsulated and encrypted.

A new IP header is added that allows access to the desired public network so the data can be transferred. Using the services of a VPN provider protects the identity of the client machine by hiding its IP address from the Internet and encrypting the information to safeguard it from unauthorized access. Let’s dig further into the details of how a VPN works.
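The encapsulation described above, sketched as an added example that is not from the original article: the whole inner packet (original IP header plus data) is encrypted and authenticated, and a new outer header addressed to the VPN server is put in front. The addresses, keys, payload, the use of experimental IP protocol number 253 and the SHA-256-based stand-in cipher are all assumptions made for illustration; real VPN protocols use a vetted cipher such as AES.

```python
import hashlib, hmac, os, socket, struct

def ipv4_header(src, dst, payload_len, proto):
    # Minimal 20-byte IPv4 header; checksum left at 0 to keep the example short.
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                       proto, 0, socket.inet_aton(src), socket.inet_aton(dst))

def keystream(key, nonce, n):
    # Stand-in stream cipher (SHA-256 in counter mode), used only so the
    # example runs with the standard library. Not a real VPN cipher.
    blocks = (hashlib.sha256(key + nonce + struct.pack("!I", i)).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def xor(data, ks):
    return bytes(a ^ b for a, b in zip(data, ks))

def encapsulate(inner, enc_key, mac_key, client_ip, server_ip):
    # Encrypt the whole inner packet (header + data), authenticate it, then
    # prepend a new outer header addressed to the VPN server.
    nonce = os.urandom(12)
    ct = xor(inner, keystream(enc_key, nonce, len(inner)))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    body = nonce + ct + tag
    return ipv4_header(client_ip, server_ip, len(body), 253) + body  # 253 = experimental

def decapsulate(outer, enc_key, mac_key):
    # Server side: verify integrity first, then recover the inner packet.
    body = outer[20:]
    nonce, ct, tag = body[:12], body[12:-32], body[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return xor(ct, keystream(enc_key, nonce, len(ct)))

def visible_addresses(packet):
    # What an on-path observer can read: source and destination of the first header.
    return tuple(socket.inet_ntoa(a) for a in struct.unpack("!4s4s", packet[12:20]))

if __name__ == "__main__":
    enc_key, mac_key = os.urandom(32), os.urandom(32)  # constructed session keys
    data = b"GET /account HTTP/1.1\r\n"                 # constructed payload (TCP header omitted)
    inner = ipv4_header("10.8.0.2", "203.0.113.80", len(data), 6) + data
    outer = encapsulate(inner, enc_key, mac_key, "198.51.100.7", "192.0.2.1")
    print("observer sees:", visible_addresses(outer))
    print("server recovers:", visible_addresses(decapsulate(outer, enc_key, mac_key)))
```

An observer on the local network sees only the client-to-server outer header; the destination website and the payload are recoverable only by the VPN server, which is why the provider's logging policy matters.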

VPN Components

Three components are required to establish a VPN. They work together to provide a virtual private network over which your data can flow safely and securely.

VPN Client

A VPN client is a computer or device that uses a VPN, or virtual private network, to obtain Internet access. In addition to desktop and laptop computers, devices such as smartphones and tablets that can access the Internet can benefit from a VPN connection. There are three basic types of VPN clients available.

  • Standalone VPN clients require software to be installed on both endpoints of the connection. Using a commercial VPN product involves downloading and installing the client code on the device that connects to the VPN provider. Most consumer VPN solutions involve standalone clients on each customer’s machine.
  • Most modern operating systems have built-in VPN clients that enable connectivity to be established with a remote VPN server if it uses the same VPN protocol. This type of VPN is commonly found in a corporate environment, as it is not easily configured by end-users.
  • Open source VPNs are also available for a wide variety of operating systems. The advantages of an open-source solution are that it is free and the code can be modified to meet specific requirements.

VPN Server

A VPN server accepts connections from VPN clients and is responsible for transforming the data packets sent from the clients into a form that can be distributed on the Internet or a local private network. Replies generated from the connected network are sent to the VPN server which in turn sends them back to the client or endpoint.

VPN servers can be physical or virtual machines that run specialized software to accomplish their tasks. The software handles communication between the server and its clients. It also performs encryption and decryption of transferred data packets. An important component of a VPN server’s software is the VPN protocol used to construct a secure tunnel through which information is transferred.

VPN Protocols

VPN protocols are also referred to as tunneling protocols. The tunneling analogy comes from the way the VPN protects your data when you connect to the Internet. You can visualize the protection as a tunnel wrapped around your data that keeps it safe and away from prying eyes. The tunnel is formed by the masking of IP addresses and the encryption of transmitted data.

The tunnel is only as strong as the VPN protocol that is used to construct it. There are many different VPN protocols in use that offer different levels of functionality. Here is an overview of some of the most used tunneling protocols to set up a VPN.

  • PPTP – Point to Point Tunneling Protocol is one of the oldest protocols still in use by VPNs. It is an easy protocol to configure and only requires a username, password, and server address to establish a connection. PPTP furnishes fast connection speeds but provides a low level of encryption, making it unsuitable if you need reliable data security. Atlantic.Net does not recommend using PPTP as it is at end-of-life due to numerous security vulnerabilities.
  • SSTP – Secure Socket Tunneling Protocol is a Windows-based protocol that transports data using Secure Sockets Layer (SSL). It is more secure than PPTP, but is limited to use with Windows machines. The fact that it does not use fixed ports makes it harder to stop SSTP connections with firewalls.
  • L2TP/IPSec – Layer 2 Tunneling Protocol (L2TP) is used together with Internet Protocol Security (IPSec) to create a more secure connection than PPTP. The protocols provide two layers of encryption for additional protection. Strong 256-bit AES encryption is used, but fixed ports make it easier to block connections using this protocol. It is also slower than some other VPN protocols due to the double data encapsulation it performs.
  • OpenVPN – This open-source VPN protocol also uses strong 256-bit AES encryption to protect data transmission. It can be complicated to configure, but once in place, OpenVPN can keep data safe, establish fast connections, and avoid detection from firewalls. Due to the interest of the security community, the tool is always being reviewed for potential vulnerabilities.

The choice of VPN protocol can have a substantial impact on your online activity. In some cases, you may have to balance connection speed with encryption strength. Protocols that use fixed ports can be detected by firewalls, which may limit the functionality of the VPN and affect your ability to reach sites that offer products such as streaming services. Your specific needs should be considered when selecting a VPN provider and it’s worth looking at which VPN protocol they use.

Types of VPNs

A virtual private network can be implemented in multiple ways. A key characteristic is that both endpoints in the connection need to use the same VPN protocol.

  • In a remote client implementation, a public network is used to connect to a private local network. The remote users have a VPN client installed that can connect to a VPN gateway on the local network. An example of this type of implementation is a business VPN that allows workers to access sensitive corporate information remotely.
  • A site-to-site VPN enables a private network connection to be established between two sites without the need for software to be installed on all clients. Each site is connected to a VPN server which handles all clients on its end and acts as the endpoint for communication from the second site. End-users need to be connected to the VPN gateway so local network traffic can be sent through an encrypted tunnel to the alternate site.
  • In a client-to-provider virtual private network implementation, the user needs VPN client software installed and configured to enable a connection to a VPN provider’s servers. The connection establishes a secure tunnel to the service provider. The provider receives data packets which it then encapsulates and forwards to the Internet. The VPN connection is only between the client and the server. It does not extend to the destination website. This type of VPN is very common for addressing privacy concerns and can create a secure connection when using public WiFi which is notoriously unsecured.

Each kind of VPN implementation has its uses in certain scenarios. Most individuals who are using a VPN to protect their browsing activity will use the client-to-provider method. All it requires is the installation of client software which is used to create a secure VPN connection to the provider. Remote client and site-to-site VPNs require a greater level of configuration and administration.

What Are the Benefits of a VPN?

Many advantages come with using a VPN to connect to the Internet. Some of them straddle the line between legitimate and illegitimate forms of online activity. In some cases, the use of a VPN may be considered morally acceptable by society yet prohibited by a government or corporation. Here are some of the benefits of using a VPN service to provide a secure and private Internet connection.

  • Using a VPN conceals your private information from websites and applications that track your online movement. The encryption capabilities of the chosen VPN will enable you to conduct secure communications and transactions over the Internet even when connected to WiFi hotspots, say, at your local coffee shop. This can be a very important factor in nations with repressive regimes that limit the ability of their citizens to freely communicate among themselves without fear of reprisal. In such cases, a secure VPN may be the only way to safely discuss sensitive subjects.
  • Access to blocked websites is another common reason for connecting to a VPN. Geoblocking is the practice of restricting access to specific websites based on the location of the potential client computer. Websites may be geoblocked based on the part of the world in which you live. A computer’s location is determined by its IP address, and by using a VPN, the IP is modified, making it impossible to tell the origin of a request to access the Internet. This fact allows you to gain access to sites that are geoblocked in your area with the help of a VPN service.
  • Corporate VPNs are commonly used to provide workers access to sensitive data from their home office or any other remote location. This will usually be in the form of a remote client implementation where the user will not be able to access the requested resources if they are not connecting through the VPN. Using a corporate encryption standard ensures the safety of enterprise data assets and can be instrumental in preventing a data breach.

Disadvantages of Using a VPN

There are disadvantages that you should be aware of before using a VPN. In some cases, there can be serious consequences involved with using a VPN in the wrong places. Usually, the benefits or necessity of using a VPN will outweigh any disadvantages you may encounter. Here are some factors to consider when using a VPN to enable your Internet traffic.

  • The use of a VPN is illegal in some countries. You should understand the laws in the country or jurisdiction in which you will establish a VPN connection. This is where the concept of Internet freedom and the law clash with each other. Using a VPN may be the only way to obtain information in authoritarian regimes that tightly control Internet access, but it can be extremely dangerous to get caught. In this situation, using a VPN is a personal decision that should not be taken lightly.
  • Using a VPN may result in slower Internet speeds. This is due to the rerouting that is necessary to spoof IP addresses and the processing cycles required for the encryption and decryption of data packets.
  • Configuration of the VPN client may be required, and this may be beyond the level of computer expertise of the average user.
  • Tracking of online activity performed by the VPN provider may be a problem with some VPN services. Check out the privacy policies of your VPN provider before engaging in any activities that you wish to keep anonymous. Ensure that logs are not retained of user activity that may negate the benefits of masking IP addresses. Consider setting up your own VPN to avoid this.

When Should I Use a VPN?

Many situations that require some degree of privacy when users connect to the Internet can benefit from using a VPN service. Here are some usage scenarios where the secure connection of a VPN is necessary, or where privacy about the websites you visit is desired.

In the business world, the use of a VPN is often mandatory for remote workers who need to access a corporate private network. This will most likely be in the form of a remote site VPN. Employees access their worksite by connecting to a VPN that is configured to enable the required level of access through an encrypted tunnel to protect enterprise data assets.

Internet censorship is a problem that manifests itself in many ways. The use of a VPN service provider can get around many of the restrictions that are placed on your web activity. A virtual private network spoofs IP addresses so your location cannot be determined when you open an Internet connection. This will allow you to subvert geoblocking and censorship strategies that are implemented in your locale.

Public WiFi is offered in many establishments as an enticement to customers. Unfortunately, the WiFi connection you are using in a hotel, airport, restaurant, or other facility is probably not secure. Hackers may have compromised the local network and have access to your unencrypted data. You should always use a VPN when accessing the internet from public WiFi, even if you are not transferring sensitive data.

Conclusion

The use of a VPN can address privacy and data security issues that accompany certain types of online activity. Maintaining an anonymous presence on the Internet will help reduce unwanted advertising and enable you to access sites that may be blocked by your ISP. Keeping your data encrypted is always a good idea to protect it from misuse by malicious individuals. In most cases, the advantages of a VPN make its use an easy decision.
