A VPN stands for Virtual Private Network and is a means of connecting through a network over a secure encrypted connection to secure all data in transit.
When you connect to a VPN you effectively tunnel all your network traffic through another server through a secure connection which then makes requests and or retrieves data on your behalf.
This technology enables data to be transmitted securely over networks with poor security such as wireless networks at hotels, coffee shops or other public locations.
These networks often have weak passwords and are vulnerable to traffic analysis attacks whereby a malicious user can intercept all traffic and potentially capture emails, messages, images and or voice & video data such as video calls.
Most VPN technologies will utilize different network protocols, here are the most common ones associated with the technology.
- IPSec: This is a set of protocols formulated by the IETF to facilitate the secure exchange of packets on the IP layer, IPSec has two encryption modes which are the transport and tunnel.
- PPTP: The Point-to-Point Tunneling protocol was made in order to create VPN’s by Microsoft and other technology vendors collectively known as the PPTP forum.
- L2TP: This stands for Layer 2 Tunneling protocol, it is an extension of the PPP protocol that allows internet service providers such as Telstra to operate VPN servers.
Uses for a VPN
Virtual private networks have a number of different uses, their most common use is by organizations who have large teams or operate in multiple locations.
A VPN in this case would facilitate the sharing of files between people from different locations that may potentially be insecure or not abide by company standards for network security.
Another use of these networks is to circumvent content blocking systems which may restrict access to content based on the country of the user. For example a video may only be available in the United Kingdom and not available to users located in Poland.
In this example a VPN server located in the UK could be used to access the content for the user in another country.
The biggest advantage of using a VPN is the fact you can establish secure connections when traveling and unsure of the security of your current network.
They can also help by adding a level of privacy by safeguarding your network traffic from malicious adversaries on the network or from websites actively tracking your movements around the web.
Potential disadvantages & The dangers of using free VPN’s
The major disadvantage of using a VPN is that you are trusting the server to safeguard your information, just because your connection to the server is encrypted doesn’t mean the provider isn’t logging data or worse engaging in data mining with your sensitive information.
This concern is mostly an issue with consumer VPN apps particularly “free vpns” for both desktop and mobile devices which will often weaken security more then they claim to improve and may even perform other nasty actions like inject malware or ads into pages you visit.
In order to overcome this problem you can use various open source software such as OpenVPN which allows one to set-up his/her own server which can be configured to connect from desktop and mobile devices. Other disadvantages of using this technology is that depending on where the server is located your internet connection may be much slower as the data will need to be encrypted first which can slow down load times for websites and applications.
Differences between an access VPN or tunnel
VPN tunnel: A tunnel is the most common form of VPN server commonly called a “privacy vpn” as it will direct the entire network traffic of a device through a remote server. All requests are then funneled through the server and made on behalf of the client. Tunnels are most commonly used by consumers
Access VPN: This type of server is set-up purely for the purpose of allowing remote connections (usually to an internal network or locally hosted service), it commonly used by enterprises to allow employees to remotely access the corporate network securely so they can access their files.
A system like this won’t protect all network traffic but only aid in establishing a secure encrypted connection to the network or server configured by the organization.