October 21, 2021
VPN Protocols: A Complete Guide for 2024
The average VPN has at least a couple of VPN protocols on offer, but what’s the difference [...]
WHAT’S IN THIS REVIEW?
Disclaimer: Partnerships & affiliate links help us create better content. Learn how.
The majority of users tend to look at VPN servers like a zero-sum game. For example, they’ll look at which provider has the most servers on offer because they think that would signify the best overall service.
This works to some extent, as it gives a good idea of the potential speeds, as well as how many locations you’ll be able to connect to. However, it’s also worth factoring in a provider’s ownership and jurisdiction when deciding on a particular VPN.
Are you confused about VPN servers, and what they actually do? Here’s an extensive guide on everything you could possibly need to know before connecting to one.
A virtual private network VPN) improves privacy and anonymity by creating an encrypted tunnel for user data. It works to mask your IP address and can also be used to access blocked content. This means that a VPN is a great method to bypass censorship.
The server itself is the physical hardware used to route your connection to a specific region. As your data travels through the encrypted tunnel, it needs to be sent to and from these servers to give the appearance of the user being in a different location.
For example, if you’re based in the US and would like to connect to the UK, the VPN client will create an encrypted tunnel between your device and their server, which is hopefully found somewhere in the region you’ve selected.
The server will then connect to the internet, allowing the user to hide their movements as it’ll appear as though they’re based wherever the server is.
The process is the same on the way back, so all data sent to and from your device will be encrypted.
VPN servers are key to a number of features and functions associated with the technology. Beyond being able to route a connection, the user will be assigned a new IP address that corresponds with the region selected. This helps to unblock a range of content.
A VPN server is used to keep your data safe and secure while it’s in transit. The data is encrypted and sent through the secure tunnel according to the VPN protocol you’ve selected.
Of course, the server itself will need adequate protection. In July 2021, Windscribe said it “failed to encrypt company VPN servers that were recently confiscated by authorities in Ukraine, a lapse that made it possible for the authorities to impersonate Windscribe servers and capture and decrypt traffic passing through them.”
That’s just one example of why it makes sense to stick with a provider who cares about the state of their servers. In Windscribe’s defense, they were the first to disclose the issue, noting in a later update:
“We’ve learned about the problem, and delivered a network-wide solution in less than 4 weeks that is aligned with best industry practices. Many of the other companies have 10x the staff we do and were around for 2–3x longer. The fact that the above issues are present in their infrastructure years after these events occurred is simply unacceptable.”
It clearly takes time and effort to maintain a large server network, and there are many potential issues that may arise.
As we’ve mentioned, VPNs create a secure point-to-point connection between your device and their servers for the purpose of added privacy and anonymity.
Many will use a tunneling protocol, which essentially determines how the data is sent to and from your device. We’ve listed some of the most popular VPN protocols offered:
Most VPNs make use of a client app, offering a combination of the protocols seen above, while some are better than others depending on the task at hand.
For example, you might be interested in streaming, gaming, or torrenting with your VPN. Depending on the activity, you’ll likely prefer a speed boost at the expense of privacy, or vice versa. There’s something to suit almost every user.
Some providers also offer proprietary protocols that have been built from the ground up. As they’re designed to work with specific VPN apps and networks, they tend to offer some of the best speeds and security overall.
NordVPN offers NordLynx, using the WireGuard protocol as a basis while ensuring there is no compromise in terms of privacy.
We’ve listed the different types of VPN servers, including commercial hardware and virtual options. What’s the difference between commercial and privately-owned hardware, and should that factor into your decision when selecting a provider?
A number of data centers own server farms in locations dotted around the world. One example would be M247. These servers are sometimes rented by VPN companies who are hoping to expand their services at a lower cost. This doesn’t mean that they’re not as safe as first-party options, depending on their internal procedures.
Renting is a decent option that allows for a wide range of locations to choose from. A provider can also opt for co-located servers.
Typically, these are stored on-site within the data center, and they can only be physically accessed by VPN staff. They’re kept under lock and key, just in case there is an issue. (They can also be accessed remotely by the VPN provider, so the servers can be controlled without having to be there.)
Otherwise, they’ll rent the servers directly from the data center, and they’ll be placed along with the others. This is more of a risk in terms of security, although they can still be monitored remotely.
The point is, co-located servers aren’t necessarily a bad thing, and offer a cheaper alternative compared to owning and operating servers on foreign soil. Renting them directly is less secure, but there are still steps in place to protect these servers.
NordVPN deploys diskless servers, which store no data or configurations on-site. In 2020, they introduced co-located servers that can be found in Finland.
“Co-located servers are fully owned, maintained, and managed by NordVPN. The complete ownership of our servers guarantees that we stay in control of their configuration and security.”
NordVPN
They outline the terms of the deal:
“Our partners provide the facilities for storing the servers, along with a continuous power supply, stable internet connectivity, and strict security…The co-located servers in Finland are just the start of our infrastructure overhaul. We’re planning to update our server network further, so more of NordVPN’s servers will be under our complete ownership by the end of the year.”
Some providers have taken it a step further, opting to own or control their entire network.
For example, servers owned by VyprVPN span the entire world. Server clusters are located in North America, South America, Europe, Asia, Africa, and Oceania (with 700+ VPN servers total). They also have over 300,000 IPs on offer, and they won’t be shared with other companies according to them.
IPVanish is another VPN that owns and manages its network rather than renting the necessary hardware, offering an impressive solution with nearly 2,000 servers in 75 locations. The majority are located in the United States, United Kingdom, and Australia.
Ideally, a provider will own the entire network, ensuring maximum security if the servers are also stored on-site. This means that they’ll have full autonomy, and they won’t have to rely on outside means to ensure that your data is safe and secure.
It’s helpful for configuring updates quickly, and nobody else will have access. From a security perspective, it’s hard to beat an in-house network.
What if a VPN service would like to set up servers in a region like China or Russia, which have traditionally banned or limited the use of private networks in some shape or form?
A virtual server location is a suitable solution. For example, the server might be physically located in Hong Kong, but will offer users a Chinese IP address to access local content. They’re sometimes described as “fake” locations, but it’s not necessarily a problem as long as the service is transparent about where you’re connected to.
A prime example would be ProtonVPN. Their network, Secure Core, routes network traffic through servers in privacy-friendly countries like Switzerland or Iceland for superior privacy and security. They clearly state, “Secure Core servers and networks are fully owned and operated by ProtonVPN for extra safety.”
The level of protection offered by a VPN will differ depending on their server setup, and whether they rent or own the hardware/location used to host the virtual server.
A physical server will be able to host multiple virtual VPN servers, making it tempting for services aiming to save money. However, this can be an issue if they rent virtual space on a physical server and also host their VPN there.
It’s possible to set up a personal VPN from the comfort of your own home, given the right know-how. It’ll depend on your internet speeds, and it’s inadvisable if you have a data cap in place.
This can be done via a router or by taking advantage of a cloud-based solution with a virtual private server (VPS). For most users, it’s more likely to be the latter, unless you happen to own an expensive router that offers support out of the box.
Of course, you won’t be able to unblock content from other regions as your personal VPN will still be in your current location. It’s also significantly more difficult to set up than commercial options, which is why they’re preferred by the majority of users.
A personal VPN server is still a viable option for advanced users, removing the man in the middle from the equation.
What about if you want to download torrents or privacy while browsing the internet? Here are the various VPN server types and what they’re typically used for.
As the name implies, a standard server will encrypt your traffic and mask your IP address. It’s one of the more commonly used options and is handy for a range of tasks. If you connect to a random server, it’s likely to be one of these.
For an added layer of security, Double VPN servers encrypt and send user traffic through two servers. This will lead to some slowdown, but it’s recommended for anyone from political activists to journalists. (However, Double VPN is only offered by some providers, such as NordVPN.)
Onion Over VPN works as a standard server. However, traffic is also routed through the Onion network as well, adding an extra layer of security. As with Double VPN, this can lead to some slowdown, but it is a highly secure method of connecting to the internet.
Obfuscate means to “make obscure, unclear, or unintelligible.” As such, Obfuscated servers attempt to hide the fact that the user is connected via a VPN in the first place. These servers are meant to be used in countries where VPNs are heavily restricted like China or Russia.
P2P (Peer-to-Peer) servers are designed for file sharing, although they can also be used as a standard VPN server. These are useful for torrents or other types of P2P technologies like torrenting sites.
Dedicated IPs offer an individual IP address that is assigned to the user, rather than the generic shared addresses used when you connect to a standard server. However, this tends to be a premium feature that isn’t offered by many providers and usually costs an extra fee.
What about free VPNs and the servers they use? Unfortunately, maintaining a large commercial network is prohibitively expensive, making it almost impossible to provide a quality service at no cost to the user. Between free VPN pros and cons, you can guess which are greater.
Some premium providers will offer a location or two as a taster to entice new customers, but they’ll often limit the time in which you can use the VPN, or slow down your connection speeds in an effort to save bandwidth for paid users.
They still tend to be a far better option in terms of privacy. You can check out the likes of AtlasVPN or Hola VPN if you’re looking for a freemium tier that will take care of your data, too.
If you’re not paying for the VPN, it’s likely that you’re the product, be it due to them selling your data or using customer metrics for advertising purposes.
They may also struggle to keep up with bugs or issues when compared to premium services. We wouldn’t trust the majority of free providers, and they’re unlikely to have been audited.
They’re also useless from a content perspective, as the majority of IP addresses will have been blocked while being used by others. Freemium VPN providers are also unlikely to have as many servers or locations on offer compared to premium VPNs.
Many free VPNs will simply rent virtual space within a physical server located elsewhere that can be used for a variety of online tasks. You’re better off sticking with a dedicated service like NordVPN that has the resources to ensure that everything works properly, with servers that can be trusted.
VPN servers can be physical or virtual and combine the use of hardware and software to allow the user to connect to a secure network. It’s reasonably technical, but you’ll be able to get started easily with the use of a client app that removes any hassle. (After all, you just need to sign in to your VPN app and select a server location to begin in most instances.)
First-party servers are preferable, but companies who stick to their own tech will probably have smaller networks. They also come with added peace of mind, especially as many VPNs are reticent when it comes to spelling out exactly how they’ve built up their network and how many physical servers they actually own and operate. However, rented servers aren’t as bad as they’re made out to be, and are especially helpful if you’re hoping to unblock content from a range of different regions.
It’s not as simple as looking at which VPN provider has the most servers on offer. Instead, ask yourself, “Are the majority virtual, or do they rent or opt for co-located servers? What speeds can you expect to achieve, and do their servers get overloaded at peak times?”
Finding out the answers to those questions will ensure that you’re better equipped to pick the right VPN provider. And, before selecting a provider, server, and protocol to use, think about the main reason why you’re planning to connect with a VPN.
If privacy and anonymity are your main concern, pick a server nearest to your physical location. (Ideally from a co-located trustworthy premium service like NordVPN.)
For unblocking content, you’ll need to pick a VPN for streaming with a server located in the region you want to connect to. They’ll also need to have servers with fresh IPs that can be used to access streaming services, so we’d stick with one of the better-known VPNs that have put effort into maintaining an impressive network.
WHAT’S IN THIS REVIEW?
Cookie | Duration | Description |
---|---|---|
__cfduid | 1 month | The cookie is used by cdn services like CloudFlare to identify individual clients behind a shared IP address and apply security settings on a per-client basis. It does not correspond to any user ID in the web application and does not store any personally identifiable information. |
cookielawinfo-checkbox-advertisement | 1 year | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertisement". |
cookielawinfo-checkbox-analytics | 1 year | This cookies is set by GDPR Cookie Consent WordPress Plugin. The cookie is used to remember the user consent for the cookies under the category "Analytics". |
cookielawinfo-checkbox-necessary | 1 year | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-non-necessary | 1 year | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Non-necessary". |
cookielawinfo-checkbox-performance | 1 year | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
viewed_cookie_policy | 1 year | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |
Cookie | Duration | Description |
---|---|---|
cookielawinfo-checkbox-functional | 1 year | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checkbox-others | 1 year | No description |