What is VPN or virtual private network? A VPN or virtual private network provides a secure layer through which your communication with the internet is safeguarded against the rest of the world. Apart from providing a secure channel, it also allows users to reach internet content that is otherwise inaccessible due to geo restrictions. It also allows employees of companies to access the internal files and resources lying on the local intranet from a remote location through an internet connection without the worries of data theft.
Today, a vast portion of our day to day life revolves around the internet. Whether the connection is through a wireless or a wired data network, a significant amount of our data gets transmitted on the internet. In this scenario, a lot of questions come to mind.
What if this data is compromised? What if someone has the keys to this door? A Virtual Private Network is one of the ways through which all these security and privacy-related issues could be resolved with ease.
There are different types of VPN available in the market, each with a different set of functionalities depending upon your requirements. Later in this article we will look at what a VPN is, its types, the different protocols in use, etc.
What is VPN?
A VPN is an extension of a private network over a public network such as the internet. Whenever you connect to a virtual private network, the VPN creates an encrypted tunnel between your system and the remote server. The VPN providing company operates this remote server.
After that, all the internet activity that is performed by you, i.e., the internet traffic, is diverted through this tunnel, which results in protection of your data. Your internet service provider (ISP) and those who are snooping around would end up seeing the IP address of the VPN Server.
The data that reaches the VPN server, after passing through the tunnel, would exit into the public internet. This way no one can intercept the data in between you and the VPN Server. This ensures that a user’s identity is protected at all costs.
Why do we need it? Example scenarios of VPN connection
Each digital communication device, such as a tablet, computer, laptop or a smartphone, has a unique private IP address of its own. These private IP addresses make up the internal network, or private network, behind the router.
The router has both a public and a private IP address. The public IP address is provided by the Internet Service Provider (ISP) for establishing the connection with the internet.
Whenever you wish to visit a website, your request is routed through the router's public IP address. So, the ISP not only knows about it but is also able to trace the location from where you might be operating.
This means that the ISP has access to information related to every browsing activity that takes place when any user connects to the internet.
Besides, when you connect to an unsecured or untrusted public WiFi hotspot, you never know whether someone is snooping around. Chances are high that such people can gain access to your IP address and to private data lying on your smartphone, tablet or laptop. They can know what you are doing on the internet.
However, if you are connected to the internet via a virtual private network, then the ISP or eavesdroppers cannot see your internet activity since your connection is encrypted. At most, they would know the IP address of the virtual private network server which does not belong to you.
One of the other problems that a VPN can solve is related to the opening of geo-restricted websites in a few countries. Several sites are restricted in some countries due to the policies decided by the government of those countries.
For instance, I cannot see several USA-based Hollywood movie websites in countries outside the USA. A VPN allows people of such countries to access these blocked websites by tunneling their data, i.e., their internet traffic, through a country where they are not restricted.
Thus, a VPN might allow you to stream your favorite sports channel in countries where they are restricted, or it can even help you in downloading legal torrent files if the ISP is intentionally slowing it down.
What are the different types of VPN?
Remote Access VPN
A remote access VPN aims to establish a secure connection between the user and a remote computer network. One of the best examples of the application of a remote access virtual private network is when a company employee wants to access company files while away from the office or at home.
VPN software, or a VPN client, resides on the employee's device such as a laptop or any smart device. The employee first logs into it by providing the necessary credentials. The VPN client then sets up the encrypted tunnel through the VPN Gateway which is present on the company's server.
After the connection is established between the two parties, the employee is free to access the internal files and resources without any threat of data theft or any security worries.
Site to Site VPN
Site to Site virtual private network is used to establish connections between two networks. It is also known as a router to router virtual private network. It allows offices of the same company, located in different locations or regions, to connect with each other over the Internet.
In other words, they extend a company’s network which allows offices from other regions to access its network for files and resources.
Typically, a device such as a router or a PIX firewall acts as a VPN Gateway for encapsulating and encrypting all the data that will pass through. Then it sends the data through a tunnel to its fellow VPN Gateway, which is present at the target location.
The VPN Gateway present at the target location would decrypt the data and then feed it to its private network.
There are two ways to utilize Site to Site VPNs based on requirements. One is the intranet-based site to site VPN. When one or more offices connect to the private network of a Company, i.e., at its headquarters, the intranet will join the Local Area Network (LAN) of the office to the single Wide Area Network (WAN) of the Company.
Secondly, an extranet site to site VPN can also be used. This is required when data exchange happens between two companies where each of them has their separate intranet.
What are the different VPN protocols?
As mentioned above, the VPN creates an encrypted tunnel to shield a user's activity on the internet. The form in which the encryption takes place, however, differs. It depends on the protocol in use, and each protocol has different characteristics and functionality.
Some of the different protocols that a VPN uses are as below:
OpenVPN
OpenVPN utilizes open source technology. This implies that whenever a vulnerability is discovered in it, the source code can be altered immediately to fix it. Also, it is one of the most secure VPN protocols. Moreover, it is available on almost every platform such as Windows, iOS, Linux, Android, etc.
IPsec (Internet Protocol Security)
IPsec or Internet Protocol Security secures the data communication over IP based networks. It can be used with other security protocols to tighten the security level. It operates in two modes, which are transport mode and tunneling mode.
Transport mode secures the traffic by encrypting only the message (the payload) of the data packet, whereas tunneling mode encrypts the complete data packet.
L2TP (Layer 2 Tunneling Protocol)
Layer 2 Tunneling Protocol or L2TP is a tunneling protocol which usually works with another VPN protocol to result in a robust virtual private network connection.
The L2TP/IPSec is a hybrid protocol which combines the advantages of individual protocols. L2TP creates the tunnel and IPSec handles data security as it controls encryption, channel security, and data integrity checks.
Secure Sockets Layer or SSL VPN and TLS (Transport Layer Security)
Online retailers and service providers generally use SSL and TLS for their network security purposes. Here the user is restricted to access a specific application instead of the entire network through a browser which also behaves as a client.
Browsers are well integrated with SSL and TLS. Here the client or web browser forces the URL to https:// instead of http://. The SSL connection is marked by a handshake, where digital certificates are exchanged.
These digital certificates contain encryption keys, through which the session is authenticated, and a secure connection is created.
PPTP (Point to Point Tunneling Protocol)
The PPTP protocol is one of the oldest ones, as it has been around since the time of Windows 95.
Being one of the older protocols, it doesn’t encrypt data. It helps to build a tunnel like that of L2TP and thus requires another encryption protocol to work alongside. However, it remains a robust protocol though not as reliable as the modern ones.
SSH (Secure Shell)
The SSH or Secure Shell protocol creates both the encryption and the VPN tunnel. The connection established by the SSH protocol transfers the data from a local port to the secured server.
The data thus travels back and forth through these ports making it inaccessible to any other internet service provider.
What to look for while selecting a VPN?
There are many factors to consider when you opt for a VPN. Some of these are related to the amount of security a virtual private network provides, its policies with regards to privacy, cost, speed, etc.
While selecting a VPN, it is vital to look at its privacy policies. This is essential because the companies providing this service are not public or non-profit organizations.
So, they are here to make money and are most worried about issues which may crop up related to the jurisdiction of the government of any country.
Therefore, it is imperative to know the base location of the company from where it is running virtual private network services. The company will be essentially answerable to the laws of the parent country on which it is based.
If the local laws mandate the company to pass on the user’s data at the time of an investigation, then even a virtual private network cannot protect your data.
Websites such as Netflix don't particularly like virtual private networks. This is because they have a business model in which movies, TV series and shows are offered on a geographical basis.
So, Netflix USA would have a completely different line up from a Netflix Australia. In short, they hardly entertain any VPN services. So, if you are going to opt for a VPN solely to watch Netflix this season, then I would suggest you check everything before you pay upfront.
Since internet browsing via virtual private network hops through a lot of routes, it is very much possible that the overall process might slow a computer’s downloading and uploading speed. It is vital to keep this factor in mind while selecting a VPN.
Premium virtual private network services might go heavy on your budget. But if you are a small user, then you always have a choice between a Free VPN and a Subscription based VPN. A Free VPN offers excellent features but might lag in security aspects. On top of it, most of the free VPN clients keep a log of your activities.
The free virtual private network also displays contextual ads whenever the user is connected to the VPN. This is a small price that you might have to pay for using a free virtual private network.
Also, if you are looking for ways to stream some legal websites, then a free VPN service would be an ideal fit for your requirements. Although, I have never seen good VPN services on an open platform.
Proxy vs VPN
Both a proxy and a VPN sit between you and the remote web server and relay your connection while you perform any internet activity. However, they differ in many ways. The proxy does only the job of hiding your device IP address. It might work in scenarios where you want to watch specific YouTube videos or watch movies online in some countries where they are restricted.
But still, the data is not fully encrypted since there is no encryption in place between your device and the remote server. Also, a proxy works application wise. For example, you can configure proxy settings for your browser and BitTorrent client. There is no OS level encryption or protection.
In short, if you connect to an unsecured WiFi network then eavesdroppers can still watch your internet activity and might be snooping in.
On the other side, a virtual private network not only hides your IP address but also encrypts your data transmission between your device and the remote web server. A VPN is applied on an operating system level. So, you can operate different applications on the internet without even thinking of any specific configurations.
Over to you
The internet has become one of the mainstays of our life. Therefore, it is imperative to ensure that the actions we perform on the internet are not subject to data theft. Using a VPN is a step in that direction.