The use of Virtual Private Networks – or VPNs for short – has received a new boost with the Corona crisis: Home office employees should ideally access the company network in an encrypted and secure form. In today’s post, we look at how VPNs work and what types exist, and explain the benefits as well as the downsides. We also give tips on choosing a suitable VPN provider. Read on and find out what makes a good Virtual Private Network!
Virtual Private Network: What Is A VPN?
The abbreviation VPN stands for “Virtual Private Network”. Such a closed, logical network is not built from hardware but exists exclusively virtually. VPNs are mainly used for secure data connections. All types of virtual private networks have in common that a protected network connection is established using public networks. Users must authenticate themselves for the encrypted connections of a VPN.
Different Types of VPN
Virtual Private Networks are divided into different types:
- SSL VPN: SSL VPN is based on the SSL or TLS standards – hence the name. SSL VPN can be a valuable alternative to IPsec as a remote access VPN. Without tunneling, SSL VPN can be used for extranet or remote access applications; this type of VPN is less suitable for networking locations. SSL VPN solutions are usually implemented using hardware boxes; an HTML5-capable browser is also required. Access from the home office to the company network is protected via SSL VPN with a username and password.
- Site-to-Site VPN: Site-to-site VPNs are private networks designed to hide private intranets and allow users of those networks to access resources securely. This type of virtual private network is beneficial when a company with multiple locations has its local networks connected to the wide area network (WAN). This form is also helpful if files are to be sent between two separate intranets without users of one intranet accessing the other. Because they are more complex to implement and less flexible than SSL VPNs, site-to-site VPNs are more usable in large enterprises. They are suitable for securing communication within and between departments.
- Client-to-Server VPN: To be able to use Client-to-Server VPN, a VPN client must be installed on the computer. Once this is done, home office or remote employees can dial into the company network via a secure connection. Afterwards, they can work just as if they were sitting directly in the office. Users do not connect via their internet service provider (ISP) but via the VPN provider. This brings a clear advantage: a shortening of the tunnel phase. The VPN automatically encrypts data before it is made available to users.
- End-to-end VPN: End-to-end VPNs are used to connect two clients. One client is inside, and the other is outside of a network. For example, users can gain direct access to a server in the network. VPN software is required on both clients to establish the VPN tunnel. However, the connection is not established directly but instead takes a detour via a gateway that the clients have to connect to. The gateway takes care of the interconnection of the two established connections and the direct communication between them.
- Mobile VPN: Mobile VPNs provide uninterrupted connections for mobile devices such as smartphones and tablets. This makes it possible to exchange data between wireless and wired networks.
Characteristics of Good VPNs
To find a good VPN solution, it helps to be clear about what you want from it. Of course, the virtual private network itself should be protected against compromise. Other properties include:
- Encrypt IP address: Hiding IP addresses from ISP and other third parties is one of the main tasks of VPN; this property is therefore indispensable.
- Protocol encryption: Another core function of VPNs is the avoidance of traces on the Internet such as search history, cookies or Internet history. Encrypting cookies, for example, prevents confidential information from being intercepted by third parties.
- 2FA: Strong VPN solutions check every authentication – for example, through two or multi-factor authentication. This makes it very difficult for unwanted third parties to access your secure connection.
- Kill Switch: Logically, interruptions to the VPN connection also interrupt the secure connection. Good VPNs detect any downtime and terminate pre-selected programs. In this way, you reduce the chance of data loss.
The Advantages of Virtual Private Networks
VPN connections disguise data traffic on the Internet and protect against unauthorized external access. Even in public networks, activities on the Internet are efficiently hidden thanks to Virtual Private Networks. VPN users also conceal their whereabouts. Since the location data from the VPN server can come from other countries, the user’s location cannot be determined.
In some countries, web content is blocked or not approved for access from everywhere. This may be the case, for example, when websites contain content that can only be accessed from certain parts of the world. VPN location spoofing can prevent this: users can switch to servers in other countries so that the location can be “changed”.
Quite a few company employees work outside of the internal company network, but access to information must still be ensured. However, this must be done over a secure connection. VPN connections are the method of choice here: Risks are reduced with an encrypted connection to private servers.
A further advantage is the cost savings that can result from doing without physical leased lines. VPN solutions impress with high availability thanks to good network coverage and user-friendliness. Most Virtual Private Network solutions can be deployed without much effort.
Virtual Private Network: Risks and Disadvantages
Like everything in life, the VPN coin has two sides: There are also disadvantages and risks when using a virtual private network. For example, the VPN solution may reduce Internet speed. Whether this happens depends not least on how far apart the server and client are from each other and what type of encryption is used. Therefore, it is essential to find out about the quality of the connection before deciding for or against a VPN solution. There are some configuration tricks with which the speed can be increased again:
- Change protocol settings. The UDP internet protocol provides faster internet connections, but there may be packet loss and instability.
- Change server location. Choose a server location closer to you to increase speed again.
- Use wired instead of wireless. Wired connections often provide faster links than wireless alternatives.
The Virtual Private Network aims to protect the privacy of users – depending on the provider. However, the opposite can also be achieved. Choosing the wrong VPN provider does not necessarily improve data protection – free offers, in particular, should be viewed critically. Sufficient information in advance is necessary here: Research the technology behind the VPN solution and the developer; read test reports and experiences of users and only then decide for or against a solution. As a rule, risks do not exist with the VPN process itself but with the provider, which is why a detailed pre-selection is also crucial.
As mentioned, free plans aren’t an option – and this can lead to another downside: you have to pay fees for your VPN solution. Also, get an overview of the costs. Compare them to the performance and the test results or user ratings, and only decide once you have all the necessary information.
One of the most significant risks with VPNs is that service providers do not hide the IP address. In such cases, one speaks of IP address leaks. Servers and devices with which users communicate can use the IP address to find out that users are the source of the data traffic. On the other hand, if the VPN solution reliably conceals the IP address, the VPN service provider is understood as the source of the data traffic and the user’s identity is protected.
Many VPN service providers offer their own DNS servers. This makes sense because it allows DNS queries via encrypted tunnels; outside the tunnel, the queries could be intercepted and logged. However, DNS leaks allow external DNS server providers (usually ISPs) to view and track online activity.
Virtual Private Network: Choose a Trusted VPN Service
The Virtual Private Network can help increase privacy and data protection – however, it is of utmost importance to be critical when choosing providers. Please keep in mind that VPN providers may be able to see your internet traffic. Remember, if your VPN provider is compromised, so is your organization. Therefore, the first step must be to choose a trustworthy VPN provider.
VPN solutions are no longer only available for stationary but also for mobile devices so that mobile data traffic can also be kept anonymous. It is also important to remember that a VPN is only one part of the security tools in a company: With a VPN, you only protect and anonymize data traffic on the Internet. Your VPN connection does not protect against hackers or ransomware, so additional building blocks are indispensable for your security.