ExpressVPN has a wide range of client software, a dedicated proxy service for streaming media and its own DNS service. But in our 2017 tests, it dropped many connections and its overall performance was in the middle of the pack. It also allows only three devices to be connected simultaneously per account, and it's one of the most expensive services we evaluated.
In this approach, the firewall must be configured with input and output filters on its Internet and perimeter network interfaces to allow the passing of tunnel maintenance traffic and tunneled data to the VPN server. Additional filters can allow the passing of traffic to Web servers, FTP servers, and other types of servers on the perimeter network. As an added layer of security, the VPN server should also be configured with PPTP or L2TP/IPSec packet filters on its perimeter network interface as described in “VPN Server in Front of a Firewall” in this section.
NordVPN also nudged out ExpressVPN in terms of speed, with a few caveats. Most VPN apps select a location, and then the app automatically selects the best server in that location. NordVPN is not so good at this. The auto-select on a couple occasions put us on servers that were complete duds, which resulted in a test result so bad it qualified as a statistical outlier and had to be thrown out. Thankfully, the app allows you to manually select a specific server and view the load capacity on all servers, where we had much better luck. Servers are optimized for specific streaming channels, torrenting, or security measures.
TunnelBear is designed for a very specific group of people: people who want a VPN service but don’t want to mess around with configuration or become IT experts to make their connections more secure. And it caters brilliantly for that market, with a very straightforward interface and jargon-free writing. In truth, all of the VPN services these days do this but TunnelBear tries very hard to stand out. It’s not for power users - there isn’t much you can change - but with up to five simultaneous connections, servers across 20 countries and decent performance on US and Canadian websites. Longer connections can be slower, though: it’s when the relatively small number of server locations makes itself obvious. There’s a free version that limits you to 500MB of monthly traffic, and if you pay annually the price of the full version drops from $9.99 to $4.99 per month.
Our VPN reviews instead stress value and technical excellence. The number of devices that can be used with an account is, in our opinion, more important. We also prefer VPN services with lots of servers and a good geographic distribution of those servers. VPNs that are easy to set up and use for first timers and include a well-made local client also go a long way toward getting PCMag's endorsement. And, of course, price is a major issue. The average monthly price of a VPN right now is $10.48. If a VPN is charging more, it had better be offering something compelling.
We like that the company offers a connection kill switch feature and, for those who need it, there's an option to get a dedicated IP address. VyprVPN is a standout in their effort to provide privacy, and thwart censorship. When China began its program of deep packet VPN inspection, Golden Frog's VyperVPN service added scrambled OpenVPN packets to keep the traffic flowing.
As we already discussed in our guide of high-speed VPNs, VPN vendors use all essential privacy and security protocols to give everyone a safe-house access. However, it is subject to the protocol you use. As mentioned earlier, you need to select a right fast secure VPN protocol depending on your need. Use SSTP and OpenVPN protocols always if you are using torrent or bypassing firewalls like GFW, and NSA protocol. However, if only streaming is your concern, then switch to PPTP and L2TP protocols and get blazing fast VPN speed, with a little compromise on security. PPTP and L2TP are not unsafe, but they have low-security standards layers, that on the other hand, give you top speed for streaming.
CyberGhost has more than 1100 Servers worldwide in 50 countries, making it easy for users to find a fast and secure connection. It does not collect any user data and all traffic information are protected by 128-encryption. Speed is fairly fast, allowing users to stream content, download files and do online shopping. The service comes in three plans, a one-month plan, a six-month plan or an annual package.
So our advice is to not use a free VPN unless it really is for occasional, very casual use. For the odd IP-hopping use case, they can work. But if you're planning on using the VPN a lot and for streaming video etc we'd highly recommend going for one of the overall best VPN services - they're not free but they're also pretty cheap in the grand scheme of things.
We tested each service using both the Netflix-operated Fast.com download speed test and the more comprehensive Internet Health Test; the latter measures speeds up and down through multiple interconnection points between Internet providers. We ran each test on the macOS version of each VPN software in its default configuration, with our test computer connected over Gigabit Ethernet to a cable modem with no other traffic running through it. We recorded baseline download rates without a VPN active of nearly 300 mbps, and we checked our non-VPN speeds at random intervals to ensure that our local ISP wasn’t affecting the tests.
Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) is an EAP type that is used in certificate-based security environments. If smart cards are used for remote access authentication, EAP-TLS is the required authentication method. The EAP-TLS exchange of messages provides mutual authentication, negotiation of the encryption method, and encrypted key determination between the remote access client and the authenticator. EAP-TLS provides the strongest authentication and key-determination method.
First and foremost, using a VPN prevents anyone on the same network access point (or anywhere else) from intercepting your web traffic in a man-in-the-middle attack. This is especially handy for travelers and for those using public Wi-Fi networks, such as web surfers at hotels, airports, and coffee shops. Someone on the same network, or the person in control of the network you're using, could conceivably intercept your information while you're connected.