VPN (Virtual Private Networks) Use Cases

Virtual Private Network (VPN) usage has exploded in recent years and for good reasons. MarketWatch, in a recent press release for their “Virtual Private Network (VPN) Market 2020 Research Report”, states that, “In 2019, The Worldwide Virtual Private Network (VPN) market size was USD 1579.4 million and it is expected to reach USD 3368.8 million by the end of 2026, with a CAGR of 11.3% during 2021-2026.”

The reasons for this trend include hardware and software capabilities that can now (relatively) quickly encrypt/decrypt large streams of real-time data, combined with an increasingly ubiquitous and dangerous online presence, for both the corporate world and the individual consumer. The world now spends more and more of its time (actually, all of its time) connected to the Internet, which increases the likelihood of security breaches, from hacking into corporate databases, to stealing your private, personal information or eavesdropping on chats and emails in real time.

While VPNs have been fundamental in the corporate world for decades, consumer use has only really taken off in the last 10 years or so. Let’s discuss some of the use cases for VPNs, in the corporate world and in consumer space, and also discuss the symbiotic relationship between VPNs and global data centers.

What is a Virtual Private Network?

A VPN is an encrypted tunnel that connects your local LAN to the public Internet while masking your IP address. It does this by routing all of your Internet traffic to a remote VPN server (often in another location) at which point the traffic is unencrypted and sent along its way to its final Internet destination. Any website you visit will only see the IP address of the VPN server, thus masking your true IP address and location.

There are many ways to implement a VPN and many protocols in use as well. For some more detail on the differences between these protocols (point-to-point protocol (PPTP), Layer 2 tunneling protocol, secure socket tunneling protocol, and others), see our blog, “What are the differences between various types of popular VPNs”.

The overall performance of any VPN is also dependent on how you connect to the Internet. The first step in taking control of your VPN performance means taking control of your WAN connectivity via technologies such as VPN bonding via packet-level load balancing (broadband bonding). Check out “How to Take Control of Your VPN Performance” for more information.

Corporate Use Cases

Corporate use cases for VPNs has remained fairly stable over the past decades. There are two primary use cases: remote VPN and site-to-site VPN. Remote VPNs allow individuals to access the company network from their home or mobile devices. Site-to-site VPNs create secure tunnels between sites, or computer networks, rather than terminating one end of the tunnel at a specific user device. Site-to-site VPNs typically have the routers at each site perform encryption/decryption, so all traffic inbound/outbound from either site is secure. The sites may be corporate headquarters, branch offices, data centers, and/or private, public, or hybrid clouds.

Modern SD-WAN branch routers sometimes support built-in encryption capabilities for the bonding tunnels they leverage for inter-office communications. Using an external VPN tunnel in conjunction with SD-WAN tunnels is possible and common, however, enterprises that would like to simplify and streamline WAN networking may opt-in to rely solely on the encryption available on the SD-WAN tunnels.

And a bit more information about corporate site-to-site VPNs. As mentioned, cloud-based sites are becoming standard parts of any enterprise’s online infrastructure. In particular, VPCs (Virtual Private Clouds), are a particular type of hybrid cloud, per Wikipedia:

“A virtual private cloud (VPC) is an on-demand configurable pool of shared computing resources allocated within a public cloud environment, providing a certain level of isolation between the different organizations using the resources.”

Of course, securing access to a VPC from a corporate data center using a VPN remains a common use case. However, there are times when an enterprise needs access to multiple VPCs, all over the world, located in different regions. Here, the use case naturally expands, requiring redundancy to be built in to any solution. If a single VPN connected to a particular VPC fails, then business will be crippled with respect to any traffic utilizing that VPC.

Having multiple, redundant VPNs connecting your data centers with your VPCs ensures you maintain the high-availability, high-reliability resource benefit of the VPC. SD-WAN tunnels provide an ideal solution for such setups where reliability, performance and specific route engineering is needed.

While VPNs and SD-WAN tunnels remain a major option to provide this redundancy, each cloud provider (AWS, Google, Microsoft, etc.) also provides their own suite of connection options, each with various costs, benefits, and technical challenges. Typically, the connection options are all of the form:

• User VPN
• Managed VPN
• Hardware VPN
• Transit gateways
• Direct connect via a private network

While the details are beyond scope of this blog, here is a nice article describing Amazon’s AWS VPC Connectivity Options, which, while specific to Amazon, still gives a great overview of the general landscape.

Consumer Use Cases

Consumer use cases for VPNs are much more varied and interesting than corporate use cases. In very general terms we could describe the use cases as being related to enhanced privacy, enhanced security, and bypassing geo-restrictions (any restrictions imposed on internet content based on country). Here is a list of some specific VPN uses and how they can be helpful, and often invaluable, as a fundamental tool.

• Avoid ISP monitoring – Your ISP sees every byte that you send or receive to or from the Internet and virtually all ISPs sell your data to advertisers. Much of that data is anonymized, but certainly much is not. Using a VPN ensures that all your data is encrypted, and the ISP is left with no information about your internet activity, except that you are using a VPN.
• Ensure general anonymity – ISP monitoring is one thing, but of course there are prying eyes everywhere you go on the Internet. Use a VPN to ensure privacy from websites, search engines, online stores, and others who routinely track and log your IP address, location, and any other personal information they can glean from your online activities. Using a VPN also ensures complete privacy for any and all uploading or downloading you do, including torrents, and it also ensures privacy for any online chats and/or P2P communications.
• Ensure public WiFi security – Anytime you are connected to a public WiFi network, you are much more vulnerable to attacks and malicious behavior. Often these networks are not password protected at all, or they use a very weak password. Even with a highly secure password, hackers can get easy access to it by simply asking “Can I please have a latte and the WiFi password?” This makes it very easy for a malicious actor to intercept all your WiFi traffic without your knowledge. A VPN client installed on your laptop completely neutralizes this threat as all your traffic is now encrypted.
• Bypass geo-restrictions / censorship – VPN providers typically run server farms all over the world and allow users to choose the country from which their Internet traffic will be routed through. This means that all of your Internet traffic, and IP address, appears to be coming from the VPN’s foreign server’s location. So, if you want to watch a Netflix show or NBA game or soccer match that is not available in your country, you can simply choose to access the Internet using a VPN server located in a country where that content is available. Similarly, if you live in a country that censors and/or controls Internet access, like China, you may be able to bypass this censorship by using a VPN server located out of the country. However, authorities are also aware that this occurs, and are constantly trying to locate and shutdown all VPNs.
• Miscellaneous other use cases – Given the overall benefits a VPN provides – privacy, security, unlocking geo-restrictions – there are many different, specific use cases that you might not have been aware of, including:
  • Financial transactions while traveling – If you’re away from your home country, it can be convenient to use a VPN to connect to your bank from a server in your home country.
  • Online shopping natively – You can use a VPN to access special products and services only availably to a certain country.
  • Bypass traffic ISP shaping/throttling – It’s possible to bypass some of the traffic shaping and bandwidth throttling that ISPs routinely impose by using a VPN so the ISP cannot identify any of your traffic.
  • General protection from hackers, malware, and viruses – When a hacker has direct access to your IP address, they also have direct access to your identity, in some form. By running all of your traffic through a VPN, it becomes much more difficult for malicious actors, and/or software, to compromise your data, your computer, or your LAN.

VPNs and Data Centers – A Symbiotic Relationship

Aside from the usual corporate and consumer use cases for VPNs, there is another major application for VPNs involving data centers. Using VPNs to securely connect data centers has become standard practice for many of the reasons discussed above. But there is also a natural symbiosis between VPNs and data centers. VPN providers promise their customers 24/7 access to high-speed Internet from numerous locations around the world. This has resulted in the proliferation of huge data centers all over the world, housing thousands of VPN servers in large server farms, professional managed and maintained using state-of-the-art encryption and security methods. At least this is the case with the most reputable and highly rated VPN providers.

An article, “VPNs and Data Centers: A Match Made in Heaven”, that discusses VPNs and data centers and their relationship, states:

Data centers are the lifeblood of any VPN network. Without them, VPN providers would not be able to function on a scale which would allow them to provide secure internet connections to millions of users across the globe

VPNs can provide users with many practical benefits, and data centers are what enable VPNs to deliver these benefits to their end users. Indeed, the overall quality of the data center will directly correlate with the overall quality of the VPN service, and with all how data centers lay the foundation for VPN services to function; we can conclude that it is a match made in heaven.

Conclusion

We’ve discussed VPNs in some detail, going over what they are, how they work, and many typical use cases. If you’re not currently using a VPN you might want to reconsider, given the many benefits it provides, and usually at very reasonable monthly rates. The specific VPN provider you choose will depend on your own use cases, and the level of comfort and confidence you have in that provider.

Here are two very useful, very detailed links rating and ranking the best VPN services of 2020:

• The Best VPN Services of 2020: 10 Top VPNs Compared
• The Best VPN Service

My only advice? Do not use a free VPN service – ever. If the provider is legitimate and responsible, there is no reason not to charge a small monthly fee for their service. Monthly fees start from as low as a few dollars a month and even the most expensive should max out around $10 per month. Free VPN services must be making their money somehow, and if it’s not from charging you a monthly fee, they are likely monitoring your online behavior and selling your data.

To further support the proposition that free VPN services should be avoided at all costs, it appears that about 20 million VPN users had all of their data and full Internet logs left unsecured on a server for several weeks. Whoops! Read more about it here, “No-Log VPNs Exposed Users’ Logs and Personal Details for All to See”, and avoid these free VPN services:

• The VPNs affected are UFO VPN, FAST VPN, Free VPN, Super VPN, Flash VPN, Secure VPN, and Rabbit VPN – all of which appear to be connected by a common app developer and white-labeled for other companies.

Also remember that using a VPN requires that you actually connect to it! This means making sure that your local network (home and/or office) is connected to the Internet intelligently. And what does this mean? Redundant lines and broadband bonding of multiple ISP links, both wired and wireless.

Rob Stone, Mushroom Networks, Inc. 

Mushroom Networks is the provider of Broadband Bonding appliances that put your networks on auto-pilot. Application flows are intelligently routed around network problems such as latency, jitter and packet loss. Network problems are solved even before you can notice.

https://www.mushroomnetworks.com