Types of VPN and FAQs

Welcome to the last part of the VPN Trust Initiative’s three-part explainer on virtual private networks, how they work, and what they’re used for. We’ll besploring the various types of VPN you will encounter, as well as answer some frequently-asked questions. This is Part 3; you may also be interested in Part 2 (Benefits of VPNs) and Part 2 (Benefits of VPNs). This series is delivered by the VPN Trust Initiative (VTI) is a consortium of leading VPN providers focused on improving digital safety for consumers by building understanding, strengthening trust, and mitigating risk for VPN users.

Types of VPN

Remote access VPNs allow the user to connect to a remote network securely. It helps simulate the level of security you’d have by connecting to that network from a safe location. Since work-from-home has become more common, this VPN type has seen a huge rise in popularity as it allows employees to establish a secure connection to a remote work network.

Site-to-site VPNs connect intranets to networks. This is useful for large companies with offices all over the world. While the office intranets are spread out all over the place, the site-to-site VPN connects them into a single, seamless network that employees can use without having to configure and connect to other networks.

Personal VPNs are meant for individual users. Instead of connecting to a different network, it connects users to a VPN server in a secure, encrypted manner. The benefit of this is that when a user accesses a website or service with a personal VPN, said website or service thinks they’re connecting from the VPN server, not their home network. 

VPN Protocols

OpenVPN is an open-source VPN protocol. It’s fast, secure, and compatible with many routers. Because it is open-sourced, its code has been thoroughly examined by cybersecurity experts worldwide. It’s a trusted workhorse but tends to perform worse than IKEV2 and WireGuard.

WireGuard® is a relatively new protocol built to surpass OpenVPN and IPSec in power use and performance with only 4,000 lines of code. As it stands, WireGuard is the fastest VPN protocol available today.

IKEv2/IPsec was developed by Microsoft and Cisco. Its Mobility and Multi-homing Protocol makes it well-suited for mobile devices.

Secure Socket Tunneling Protocol (SSTP), also by Microsoft, isn’t just for that company’s devices. While good for browsing the Internet, its code is in a walled garden, so you don’t know if or when Microsoft is sharing your data, or if any backdoors are maintained.

Layer 2 tunneling protocol (L2TP) simply creates a connection between you and a VPN server, without providing any encryption or authentication.

Point-to-Point Tunneling Protocol (PPTP) was designed for dial-up traffic back in 1999.  It’s fast because it has the bare minimum encryption standards; and has been cracked already by the NSA (and surely others). This one is too old for us to recommend.

FAQs

What is a VPN server?
A VPN server is just a standard internet server configured with VPN software. Your traffic is first routed through the server before it reaches the internet. This allows the VPN to hide your actual IP address and keep your data protected from snoopers.

What is an IP address?
An Internet Protocol (IP) address is a digital label used to achieve communication between networks. It’s used to identify you and your location in the network. A VPN hides your IP address, which prevents websites from gathering information about you. 

What is encryption? 
VPNs use encryption to encode and secure your data. The VPN client and server generate a key when you connect to a VPN. The key is used to encode and decode your data every time it travels through an encrypted tunnel. No third parties have the key, so your data looks like gibberish if they try to intercept your connection.

The security of the encryption depends on the cipher that’s used. The AES 256-bit cipher is considered the best encryption algorithm and is used by the US government, the NSA, and reliable VPN service providers.

What does a VPN hide? 

• IP address
• Location
• Browsing habits
• Internet traffic
• Targeted ads (minimal)

What does a VPN NOT hide?

• Email you use to register
• Credit card information used for purchases
• Googling when signed in to your Google account
• Information you put on social media

Does a VPN make you fully anonymous?
No, a VPN does not make you totally anonymous. In fact, there is no way you can be fully anonymous on the web. What you can do is significantly enhance your online privacy with a VPN. While it doesn’t hide all the traces of your internet use, it encrypts your data, hides your IP, and protects you from trackers.

How secure is a VPN? 

• A VPN is very secure if it uses the best encryption & connection protocols.
• Most security measures are made to be too tedious to crack. For example, an encrypted session could take trillions of years to decode (depending on the computer used).
• Even if someone managed to crack the encryption, many VPN providers have implemented something called Perfect Forward Secrecy (PFS). This means that a VPN client generates a new key every 7 minutes or so. This keeps your private data out of bad actors’ reach.

Congratulations—you’ve reached the end of our three-part series on VPNs!

About the VTI and i2Coalition

The VTI is an initiative of the i2Coalition, the leading voice for web hosting companies, data centers, domain registrars and registries, cloud infrastructure providers, managed services providers, and related tech. The mission of the i2Coalition is to keep the Internet open as an engine for growth and innovation. We work with Internet infrastructure providers to advocate for sensible policies, design and reinforce best practices, help create industry standards, and build awareness of how the Internet works.

If you are part of the Internet infrastructure industry, we invite you to join us.