A virtual private network (VPN) is a way to add security to online connections and preserve privacy through encryption. Individuals and businesses that deal in sensitive matters and wish to conceal their online activity tend to utilize VPNs. By creating an encrypted, point-to-point tunnel on which the data travels, their online identities and IP addresses are hidden.VPN connections are typically established between a user device such as a laptop and a VPN server.
This article covers the primary types of VPNs, what is needed for each and their main use cases.
Types of VPNs: comparison table
|Private and secure connectivity for individuals.
|Employee and branch offices when secure connectivity is an occasional rather than a continual need.
|Permanent connection to head office.
|Users who travel frequently, especially internationally.
A personal VPN is meant for personal use as opposed to business use. Although some businesses try to save on budget by employing them, they really only belong in individual use cases. Those using them increase internet connection security by cloaking browsing and email traffic in anonymity. It also shields traffic from snoopers, whether they are Internet Service Providers (ISPs), government monitors, advertisers or cybercriminals. Like all VPNs, a virtual tunnel enables traffic to pass through confidentially. This ensures that data can’t be monitored, intercepted en route or altered in any way.
Here’s a list of personal VPNs we’ve tested:
- TunnelBear has a very user-friendly, bear-themed interface; its ease of use and free subscription option make it attractive to first-time VPN users.
Read our full review of TunnelBear.
- Proton VPN provides multi-hop connections—specifically designed to protect against government surveillance.
Read our full review of ProtonVPN.
- Surfshark VPN allows users to connect an unlimited number of devices simultaneously—a unique capability among VPNs.
Read our full review of Surfshark.
When to use a personal VPN:
Personal VPN use cases include:
- Protection of personal devices from external attacks or exploitation.
- Secure connectivity between the user’s mobile devices and their desktop, server or network.
- Anonymous personal browsing.
A remote-access VPN is designed to establish a secure and encrypted connection between a remote user’s device and an organization’s internal network. Companies typically use remote-access VPNs when they have remote employees and need to ensure a safe connection.
Remote-access VPNs are typically inexpensive and provide a greater level of security compared to personal VPNs. However, businesses using a remote-access VPN should watch out for permissive permission policies. If one user has too many permissions, they may be able to access the data of other users in that VPN if they can obtain one password. Further, malicious insiders can utilize the privacy of the VPN to exfiltrate sensitive data.
Here’s a list of reputable remote-access VPNs:
- NordVPN features include multi-hop connections, split tunneling, traffic routing and file-sharing and access to a wide range of additional security services.
Read our full review of NordVPN.
- NordLayer offers third-party authentication, dedicated servers and access and security for bring your own device (BYOD) users.
- Check Point Remote Access VPN offers multi-factor authentication, auto-connection, centralized management and compliance scanning.
When to use a remote-access VPN
- Remote-access VPNs are primarily used when employees are off-site and want to securely connect to the corporate network.
- When people want to access a private network from a public area, sometimes they choose a remote-access VPN.
- Internet Protocol security (IPSec) teams often make use of remote-access VPNs when forced to operate on public Wi-Fi or less secure networks.
- Those wishing to mask their location when operating on public networks should consider a remote-access VPN.
- Some regions restrict content based on location so users may rely on a remote-access VPN to bypass geographic restrictions.
- Prevention of ISP and other third-party tracking can be done using remote-access VPNs as providers aren’t able to log and track browsing history via a device’s IP address.
A site-to-site VPN makes use of a secure gateway to link a corporate network with other networks. Using a site-to-site VPN doesn’t require installing a VPN client on a device. Instead, users can access a secure channel in the cloud. In many cases, the traffic is sent from one router to another between multiple sites. As such site-to-site VPNs are a semi-permanent connection as opposed to a temporary connection as in a personal VPN or remote-access VPN.
Here’s a list of site-to-site VPNs:
- Perimeter 81 includes features to prevent access to sites that violate company policies to control access to time-wasting sites and harmful sites, protect against malware and block objectionable content.
Read our full review of Perimeter 81.
- AccessAnywhere Access provides a free, easy-to-use VPN router for site-to-site traffic to travel between offices and frequently-used locations.
- AWS site-to-site VPN is a managed service that creates a secure connection between a data center or branch office and AWS resources.
When to use a site-to-site VPN
- Site-to-site VPNs are good for companies with multiple offices in different geographic locations that need ongoing access to the corporate network.
- Field offices use site-to-site VPNs to establish direct connections to headquarters.
- Where databases, applications and other systems are operated centrally, branch offices can use site-to-site VPNs to securely connect.
- Some use site-to-site VPNs as an alternative to private MPLS circuits.
A mobile VPN is one that can persist during sessions despite changes in physical connectivity such as a shift in the network access medium or the point of attachment. In other words, a mobile VPN is not one for mobile users. It is a way to be connected at all times even if you change from one internet connection to another. Despite such changes, the VPN can maintain the session without interrupting user apps.
Mobile VPN options include:
- ExpressVPN has a broad international presence, using the open-source OpenVPN protocol and is ideal for those wishing to spoof their location to be able to access services normally available only at home, as well as anyone traveling outside of the USA who wants to stay secure.
Read our full review of ExpressVPN.
- CyberGhost VPN has a huge collection of VPN servers and multiple options for spoofing, allowing up to seven simultaneous connections and comes with antivirus.
Read our full review of CyberGhost VPN.
- TotalVPN supplies safe browsing, encryption, anonymizing and prevention of loss of service due to spotty internet or Wi-Fi.
When to use a mobile VPN:
- When you often switch from Wi-Fi to mobile data or between Wi-Fi hotspots without having your applications or streaming channels stop.
- For travelers or commuters who must deal with spotty and variable network performance.
- Remote workers who need constant access regardless of network or Wi-Fi fluctuations.
Those considering a VPN should give careful thought to the type of VPN they select. The different VPN types listed above fit different use cases. Some are good for individuals while others are better fit for enterprise use.
Further, the type of device and platform play a part. For example, some VPN solutions are designed to enhance browsers—such as with Chrome extensions—and others are designed specifically for certain mobile devices or operating systems.
Subscribe to the Cloud Insider Newsletter
This is your go-to resource for the latest news and tips on the following topics and more, XaaS, AWS, Microsoft Azure, DevOps, virtualization, the hybrid cloud, and cloud security. Delivered Mondays and Wednesdays