What is a VPN?
VPN (Virtual Private Network) enables the establishment of a secure Internet connection. This is privacy-oriented Internet security software that disguises users’ IP addresses and encrypts online data traffic. No one who intercepts the encrypted data will be able to read it.
When you establish a VPN connection, you connect to a remote server of your VPN provider. You will be assigned a different IP address that matches the server’s local location. This changes your online identity because it appears to third parties as if your actual location is completely different.
How does a VPN work?
If your data is transmitted unencrypted, it can be viewed by anyone who has access to the network. For example from your internet provider. A VPN creates a private “tunnel” between your device and the internet. This protects your data using encryption.
The VPN server acts as an intermediary between your device and the target site. The target page responds to the VPN server’s request and sends the data back to the VPN server. There is no direct data exchange between you and the target page.
In order to connect to the VPN server, you need to install an application on your computer or mobile device. This application creates a virtual adapter on your device.
VPN connection simply explained:
- A VPN program encrypts Internet traffic on your device (before it is sent). Encryption keeps your data private.
- The encrypted data is sent to the VPN server.
- The VPN server decrypts the data and sends your request to the target site. The landing page only sees the IP address of the VPN server, so your IP address remains private. The IP address contains information such as the geographic location of your computer,
- Once the VPN server receives a response from the target site, it encrypts the data and sends it back to your device.
- The VPN program on your device decrypts the received data.
What types of VPN are there?
- The remote access VPN or SSL VPN is often used by companies so that employees can access the protected company network and all its resources from anywhere if they have Internet access. Users can easily connect to an SSL VPN using any web browser.
- The site-to-site VPN is mainly used in large corporations. This gives users at specific locations access to the networks of other locations. In this way, all locations are networked with one another, so that all relevant parties can access the group’s own information and resources in a very secure manner.
- The majority of personal VPNs are personal VPNs . They are similar to SSL VPNs, but you’re not connecting to an already protected network like your corporate network. Instead, you connect to your VPN provider’s server.
What VPN protocols are there?
There are various ways in which your end device connects to your provider’s VPN server. Various encryption protocols are used here, which have been developed for different requirements and determine the speed and performance of the connection. There are many different VPN protocols, of which we will now introduce you to the most common:
- PPTP: was developed by Microsoft in the mid-1990s. However, as technology progressed, PPTP’s encryption was quickly cracked. Although PPTP is still used in some applications, most providers are now using faster and more secure protocols.
- L2TP/IPSec: The Layer 2 Tunnel Protocol is the successor to the PPTP protocol. The protocol does not have any encryption and is therefore often used together with the IPsec encryption protocol. Once implemented, L2TP/IPsec is extremely secure. So far no security gaps are known.
- IKEv2/IPsec: IKEv2 (Internet Key Exchange Version 2) is a widely used VPN tunneling protocol. Similar to L2TP, IKEv2 is often used in conjunction with the IPsec encryption protocol.
- OpenVPN: is currently the most popular protocol because it combines high encryption standards with excellent performance. Since this is an open source solution, the source code can be viewed by anyone. OpenVPN supports clients on numerous operating systems including Android, all BSDs, Linux, Mac OS X, iOS, Solaris, Windows 2000 and newer.
- WireGuard: is one of the newest VPN protocols. It was developed with a focus on speed and security. It features a compact code base limited to ~4k lines of code. WireGuard uses advanced encryption algorithms but is still under development and should therefore be used with caution.
- Catapult Hydra: is a proprietary VPN technology developed by VPN provider Hotspot Shield. Catapult Hydra is designed to speed up data transfer between the VPN client and the server while maintaining a high level of security and encryption. Catapult Hydra uses a novel method of data compression that reduces the size of data packets before they are sent through the VPN tunnel. As a result, less bandwidth is required and the transmission speed is increased. Catapult Hydra’s security is guaranteed by strong 256-bit AES encryption. The protocol is not open source. Audits by external security consulting firms are not yet available.
The purpose of encryption
Normally, data traffic on the Internet is not encrypted. For example, when you call up the URL of a website, the data first ends up on the server of your Internet Service Provider (ISP). If, on the other hand, you use a public WLAN, for example in a café or on the train, then the data traffic runs via the server of the hotspot provider. This comes with some risks:
Data theft
If you enjoy going online on freely accessible networks without a VPN, you make yourself an easier target for hackers. The consequences could be drastic: from identity theft to character assassination; from blackmail attempts to emptied accounts. On the other hand, if you use a VPN, all of your data traffic is encrypted, which makes you virtually invisible to attackers.
Tracking
In addition to cyber criminals, there are many other third parties interested in your data who take a very close look at your online activities. Everything you do online is recorded and analyzed in a variety of ways.
Your ISP collects and logs all your data and may sell it to corporations and the state. There is also always a risk that your data will be captured by hackers. Corporations like Google or Twitter make billions in sales with advertising. They collect and trade your data. They even create user profiles that reveal intimate details about you.
For example, the state collects biometric and movement data from its citizens, which has played an increasingly important role in the corona pandemic. Dictatorships such as China, North Korea or Turkey go several steps further and censor unwanted content without quarter.
With a VPN connection, your internet service provider can no longer determine what you are looking for on the web, which sites you visit and how often you visit it. You also protect yourself against tracking to a certain extent, since you are surfing the net with a foreign IP. It gives an incorrect location, which makes correct localization impossible.
Corporate networks
In the course of the corona pandemic, millions of people suddenly found themselves working from home from one day to the next. For security reasons, company networks can only be accessed via your own intranet. A VPN tunnel can be used to establish a secure connection to this intranet. The data is also encrypted during transfer, so that the risk of data leakage can be classified as low.
Bypass geo-blocking
Geo-blocking is also used to block websites for visitors from certain countries or to load the pages of an online shop in the visitor’s language. Some shops also offer their products cheaper in some countries than in others.
A VPN is the easiest solution to bypass these country blocks. If you’re outside the EU and want to stream like you’re at home, all you have to do is connect to a EU VPN server. On the other hand, choose a VPN server in the USA if you want to use US streaming offers. You can also avoid price discrimination in online shops with a foreign VPN server.
On which devices you can use VPN
Many VPN providers have solutions for a variety of Internet-enabled devices. In addition to the PC, there is VPN software and setup options for:
smart phone
laptops
tablets
Smart TVs
game consoles
streaming boxes
streaming sticks
Good VPN providers
There are currently more than 200 VPN services on the market. Unfortunately, most services – especially the free ones – have bugs, bugs, and other flaws that compromise security and privacy.
Important criteria for VPN selection:
- Logging Policies: Choose a VPN provider that keeps no or few logs
- Encryption methods and protocols: Find out what protocols the VPN provider offers.
- device compatibility
- Server and connection speed
- Trust / Security Audits : The VPN industry relies on reputation and trust. Although VPN providers often promise not to collect logs about their users, these promises are often not kept. Find out if independent safety reviews have already been conducted.
- Avoid Free VPN Access: Free VPNs may sound tempting, but even these providers need money to run the service. This revenue mostly comes from the sale of user data.
NordVPN
NordVPN is a suitable VPN provider for almost every user. With NordVPN, you get excellent security, excellent support, and access to 5000+ high-speed servers. NordVPN supports up to six devices simultaneously. All data is encrypted with 256-bit.
NordVPN has a strict no-logs policy. NordVPN is based in Panama, where companies are not required to log user data.
ExpressVPN
With over 3,000 servers in 160 locations in 94 countries, ExpressVPN is also one of the leading VPN providers. ExpressVPN offers intuitive apps for Mac, Windows, Linux, but also for iOS, Android and even BlackBerry.
ExpressVPN costs a lot of all of this, because the subscription is up to four times more expensive than the competition.
For more information on ExpressVPN, see our article ExpressVPN review 2023
Free VPN Services
We cannot recommend free VPN services. VPNs cost a lot of money to deploy and operate, starting from the network lines to the servers. This infrastructure has to be paid for somehow. If not through user fees, then for example through advertising or the resale of user data.
