The Internet is the largest computer network in the history of humanity. While prior to this we had networks spanning entire universities and even individual organizations spread across the country, nothing matches the scope of the Internet as we know it today – a globalized network throughout the world. This connectivity comes at a price. The potential loss of privacy and anonymity over the Internet has led many people to become wary about the services they use online. Just imagine how much work and effort companies put into securing their internal corporate networks. They would be horrified if the entire world had access to it!
It's a truism in networking that the only way to keep yourself 100% secure on a computer system is to physically isolate it from all others. But this approach sacrifices almost all of the tremendous benefits we gain over the Internet. What we need is a way to create our own private network that overlays the Internet. A "Virtual Private Network", as it were. And that is exactly what VPN stands for.
A Virtual Private Network is an island of security in the inherently insecure Internet. It has many applications and benefits – both for businesses as well as regular users like you and me. In simple terms, a VPN allows you to securely connect to a remote server somewhere else in the world and allows you to browse the Internet through that computer. This by itself doesn't seem like much of a benefit. But in the rest of the article, we'll see what kind of advantages it provides.
So why would you want to connect to another computer and use the Internet from there instead of accessing it from your own home?
1. Bypassing Censorship
The most obvious reason to come to mind is to avoid censorship restrictions. The standard example is to imagine that you're sitting in China and researching some historical event that the Chinese government doesn't want you to know about. This makes it extremely difficult for you to get comprehensive and accurate information about your research topic because most of the best sites dealing with it are closed off to you.
Using a VPN, you could make a secure connection to another computer somewhere else in the world that has unfettered access to the Internet. This allows you to browse and do your research as if you were sitting at the remote server yourself – essentially freeing you from the restraints imposed either by your ISP or by the government.
Of course censorship can be a problem not just in countries, but in organizations such as colleges and corporations as well. VPNs allow you to rid yourself of these restrictions.
2. Security and Encryption
Not only does a VPN let you access the Internet from another computer, it allows you to do so securely. Normally when you browse the Internet, your activities are easily monitored by anyone with the appropriate hardware and permissions. This includes your network administrator, your ISP, the government, or anyone who takes the effort to intercept your line. A VPN, in addition to connecting you to a remote server, will also encrypt all communications between you and that server using state-of-the-art encryption techniques. This means that no one can monitor your activities – not even those who have direct access to your physical network like your ISP.
This is a huge benefit to organizations that wish to communicate securely – like corporations for example who need to be able to devise marketing strategies without the danger of their competitors finding out about them. Or when discussing some highly sensitive political information. Or even when sending confidential copyrighted works to someone else.
The benefits of secure encryption between you and the remote server provided by the VPN network are immense.
3. Privacy and Anonymity
So far, we've only looked at snooping activities on the connection between you and the remote server. But the VPN also hides your IP address from the very services you want to connect to! Under normal circumstances, doing a Google search will tell Google what your IP address is, where you are, who your ISP is, and all kinds of other information. Doing the same search using a VPN through a distant server only gives Google the IP address of THAT particular server!
In effect, you are completely anonymized while using the public Internet through a VPN. Unless you voluntarily provide your personal information like signing into your account for example, there is no way that an Internet service will know anything about you. And most VPN providers take great care not to keep any logs of which IP addresses are connecting to which services. So if you want true privacy and anonymity, nothing can compare to a good VPN service.
Using VPNs on Devices
VPNs can be set up on almost all devices that connect to the Internet. Here are a few examples:
Desktop/Laptop PCs and Macs
These require you to either install the VPN software on your computer, or use the inbuilt settings to configure the VPN. Once connected to the provider, all your Internet activity will be routed through the remote server. A few people have tried to make browser plug-ins for VPNs so that only your browsing activity will go through the virtual private network, but these are unreliable and inherently insecure.
Mobile Devices – Android and iOS
Like PCs and Desktops, you can install apps on your Android or iOS device to connect your phone to a VPN network. However, there are also built-in methods for configuring your mobile phone with a VPN. The exact method you use will depend on the exact service you're using.
Personally, I would prefer to use a separate app whenever available because both Android and iOS can introduce modifications in later operating systems that can change the way I configure my VPN network. I would prefer to have a consistent interface provided directly by the VPN company. However if you have a corporate VPN network, you need to follow their instructions pretty thoroughly as they tend to lock your mobile phone down to make it as secure as possible.
If you manage to connect your router itself to the VPN service, that automatically takes care of every single device connected to it. It's a great solution if you want everyone accessing your router to be automatically secure without having to manually install a VPN service on each and every phone and laptop.
However, not many routers have inbuilt support for VPN networks that allow you to connect to a remote server through them. As a result, the most popular way to connect the router to a remote VPN network is to flash custom firmware for a particular router model. Three firmwares are the most well known: DD-WRT, Tomato, and OpenWrt. Of course, this is a very "hacky" kind of solution and definitely not for everyone. It's easy for things to go wrong!
Finally, connecting your router to a VPN service can have its problems if you ever need to switch it off. You'll need to go into your router settings to make the changes. This is in contrast to connecting with a PC or a mobile phone where you can just turn off the program or app. A router is a more "permanent" kind of solution that might not be right for everyone.
If you need to access your gaming network via a Playstation or an Xbox through a VPN, you're out of luck. To my knowledge, neither device supports inherent VPN connectivity. The only way to get them to work with it is by connecting them to a VPN enabled router.
As a typical VPN user, you mostly won't need to bother about protocols. However, it might help to know about the different types so you can choose between VPN service providers and not make a mistake by selecting one that is insecure. So here are the basic VPN protocols that are well known.
OpenVPN is one of the most well-known open-source VPN protocols. The benefit is that it's extremely secure. The downside is that it can be a bit complicated to set up properly. If you're looking for a VPN provider that offers OpenVPN, make sure that they make it easy to use via their own third-party applications. Otherwise you'll find yourself messing around with certificates and keys and all kinds of other configuration headaches that you're better off not dealing with.
L2TP/IPsec is actually two protocols bundled into one. The first - L2TP - is a tunneling protocol that allows you to access endpoints that the local network might not. The second is IPsec, which provides the security and encryption part of the equation. Together, the two of them work pretty tightly to create a secure Internet environment.
However, there might be some indications that the NSA has made some progress on cracking IPsec encryption, though no one knows for sure.
PPTP is short for "Point to Point Tunneling Protocol" and was developed by Microsoft almost 20 years ago. Due to its ease and speed, it's become a standard for communications - especially those that still use dial up.
Unfortunately, some vulnerabilities were discovered that rendered the encryption breakable within a couple of days. Despite patches, PPTP is no longer a recommended VPN protocol.
Like PPTP, SSTP was also developed by Microsoft and is a far more secure option compared to PPTP. Even though it's generally believed to be as secure as OpenVPN – the gold standard for VPN security – the fact that it's owned and developed by Microsoft makes it impossible to verify it from the inside. Also, it's really built only for Microsoft environments and, despite ongoing efforts, works erratically on Linux and takes work to use on a Mac.
Hopefully, the knowledge of the security protocols will enable you to make a more informed choice when selecting between different VPN providers. Go for OpenVPN whenever possible since its open-source nature makes it extremely resilient as a result of constant verification and improvements.