What Is a VPN, and How Does It Protect Me?
A Virtual Private Network (VPN) routes a device’s internet connection through a private service rather than the normal way through the user’s Internet Service Provider (ISP). Using a VPN creates a private, encrypted tunnel through which a user’s device can access the internet while hiding their personal information, location, and other data.¹ The user is essentially forwarding all their traffic through the VPN client and server to mask and protect their data.
As seen in the above infographic, without a VPN, you would just connect to your ISP and then to the internet with no additional protection. When using a VPN, it hides your online traffic and IP address while masking your virtual location, browsing history, downloads, and streaming activity. You stop ISPs, websites, restrictive governments, and cybercriminals from keeping an eye on you. Did you know that your ISP can even see your activities in private browsing mode (incognito mode)? Even though incognito mode doesn’t store your cookies, local data, and search history on your device, your ISP can still see your activity.² Even though there are some laws to protect against ISPs from selling your data, there is still a possibility that it’s happening.⁷
While a VPN is great for protecting many aspects of your online life, it doesn’t hide everything. Things that VPNs don’t hide are your account activity (if you’re still logged into say Google and use the search function), your identity on social media and other platforms, your search history from websites you visit (ISPs and third parties still cannot see this if you use a VPN), cookies that are already on your device (you would have to clear your internet cookies from your device beforehand to combat this), and threats online (such as malware or viruses).² It’s always advisable to have a good antivirus/antimalware software running on your computer even if you are using a VPN for an added layer of protection.
There are definitely pros and cons to using a VPN, so you will have to figure out what you value and see if a VPN is right for you.
Advantages
- Privacy
- Security
- Access to home content from abroad
- No more bandwidth throttling (from your ISP)
- Censorship bypass³
Disadvantages
- Slower connections
- Some VPNs are insecure
- Subscription costs
- VPNs are banned in certain countries
- Incompatible with certain devices
- Not protected from voluntary data collection³
I think it’s clear that the advantages naturally outweigh the disadvantages if you value your privacy, have enough money, and are savvy enough to traverse the internet safely. Just be sure that the VPN is reputable and the service is secure. You can test for DNS leaks via DNSLeakTest.com. Your IP address should show whatever country you have assigned the VPN to. You can do a Web Real-Time Communications (WebRTC) Leak Test to check to see if any activities like streaming, video chatting, or transferring files are leaking your data. There is also a link on the WebRTC Leak Test website to learn how to disable WebRTC if you do find leaks on your device. It is recommended to try these leak tests before you start your normal browsing activity while connected to your VPN.⁴
All VPN services use VPN protocols, but there are a few different varieties of them. Let’s look at some of them to get a better idea of what we are working with.
- Point-to-Point Tunneling Protocol (PPTP)
- Layer 2 Tunneling Protocol (L2TP)
- Secure Socket Tunneling Protocol (SSTP)
- Internet Key Exchange Version 2 (IKEv2)
- OpenVPN¹
PPTP is one of the oldest protocols still active on the internet, and it was created by Microsoft. It uses the Transmission Control Protocol (TCP) control channel and Generic Routing Encapsulation (GRE) tunneling protocol. PPTP relies on Point-to-Point Protocol (PPP), which is a Layer 2 communications protocol directly between two routers, so that security functionalities may be implemented.¹
L2TP combines PPTP with Layer 2 Forwarding (L2F) tunneling protocol. It strengthens the data tunnel provided by PPTP, but it doesn’t provide any encryption or privacy capabilities. So, this protocol is usually bundled with a security protocol such as Internet Protocol security (IPsec).¹
SSTP was created by Microsoft and is more secure than the previous protocols. It transports PPP traffic through the secure sockets layer/transport layer security (SSL/TLS) channel. This enables encryption, key negotiation, and traffic integrity checking.¹
IKEv2 handles request and response actions to ensure traffic is secure and authenticated. It establishes the security attributes of the device and server, then authenticates them, and agrees which encryption method is best to use. It supports 256-bit encryption and allows Advanced Encryption Standard (AES), Camellia, and ChaCha20 to be used. IKEv2 is generally used to secure mobile devices and is quite effective.¹
OpenVPN is considered the best open-source VPN technology available. This free software uses pre-shared certificates, secret keys, and usernames/passwords to authenticate every device or server. It uses Open Secure Sockets Layer (OpenSSL) encryption library and TLS alongside a custom protocol using SSL/TLS for key exchange. It basically offers the same protection as established protocols but on a wider scale.¹
I hope this article has convinced you of the importance and usefulness of VPNs. If you found it helpful or useful, I would appreciate you sharing this article to help further spread information about cybersecurity and increase awareness in the community. As always, keep on learning everyone!
Connect with Me on LinkedIn
I am always looking to expand my network in the cybersecurity community, so add me on LinkedIn, and let’s chat!
Buy Me A Coffee
If you appreciated the article or learned something valuable, consider buying me a coffee via the button below. Supporting me helps me stay motivated to write great educational content for everyone. No pressure, but I sincerely thank everyone that helps out. If you have any topics you would like covered, write them in a note, and I will try my best to write an insightful article for you.
References
(1) Fortinet. (n.d.). How Does a VPN Work?. Retrieved on 5/19/2024 from https://www.fortinet.com/resources/cyberglossary/how-does-vpn-work
(2) Globyte, Ema. (2023, December 13). What a VPN hides (and what it doesn’t). NordVPN. https://nordvpn.com/blog/what-does-a-vpn-hide
(3) Šlekytė, Irma. (2024, May 16). VPN benefits: Pros and cons for personal use and business. NordVPN. https://nordvpn.com/blog/benefits-of-vpn/
(4) Turner, Gabe & Vigderman, Aliza. (2024, Janaury 12). How to Check if a VPN Is Working. Security.org. https://www.security.org/vpn/test/
(5) Perunicic, Kristina. (2024, April 2). Pictures from VPN Protocol Comparison — Speed, Security & Ease of Use. vpnMentor. https://www.vpnmentor.com/blog/vpn-protocol-comparison-pptp-vs-l2tp-vs-openvpn-vs-sstp-vs-ikev2/
(6) aster cloud. (2019, October 18). Pictures from What Is A VPN? Do I Need One?. https://aster.cloud/2019/10/18/what-is-a-vpn-do-i-need-one/
(7) Meyer, Bernard. (2021, October 11). ISP selling data: why you should actually care. cybernews. https://cybernews.com/privacy/isp-selling-data-why-you-should-actually-care/
