Latency is a measurement of time between when your computer sends a request and when it receives a response. It's often called ping time. Lots of things can affect latency; the distance your request physically travels through fiber has a big impact, for example. Latency is measured in milliseconds, however, so even a large increase may not be noticeable to the average user. Latency is very important when playing video games over a VPN, as lower latency means a more responsive experience with less lag.
When a VPN server is in front of a firewall and connected to the Internet, inbound and outbound packet filters on the VPN server need to be configured to allow only VPN traffic to and from the IP address of the VPN server’s Internet interface. Use this configuration if the VPN server is in a perimeter network, with one firewall positioned between the VPN server and the intranet and another between the VPN server and the Internet.
VPNs are necessary for improving individual privacy, but there are also people for whom a VPN is essential for personal and professional safety. Some journalists and political activists rely on VPN services to circumvent government censorship and safely communicate with the outside world. Check the local laws before using a VPN in China, Russia, Turkey, or any country with with repressive internet policies.
The ability to use public WiFi securely. Using the WiFi in a public place such as a library, cafe, or airport can make you feel vulnerable, especially when unsure of how secure the connection is. You never know who could be gaining access to your personal files. However, our VPN service secures your privacy and allows you to browse and work as you please.
Whereas most providers say they log nothing, that’s not always the case. Some record very little data like the day you subscribed, the amount of data you’ve consumed, and delete those logs when you end the session. Other providers log your IP address, the servers you used, and store those logs. If they’re based in the US, UK or any other country with data retention laws, they can be compelled to hand over that data to law enforcement.
Many VPN services also provide their own DNS resolution system. Think of DNS as a phone book that turns a text-based URL like "pcmag.com" into a numeric IP address that computers can understand. Savvy snoops can monitor DNS requests and track your movements online. Greedy attackers can also use DNS poisoning to direct you to bogus phishing pages designed to steal your data. When you use a VPN's DNS system, it's another layer of protection.
CyberGhost is one of the most feature-rich VPNs with special configurations for different use cases, including media streaming, downloads, anti-censorship and safe browsing. Ultimately designed to optimize your connection, this turned out to be quite irrelevant when looking at the download speed, which came out lowest across all testing tools, with an average speed of 2.47 Mb per second.
When a VPN connection drops, you might just lose your connection. But because the internet is very good at routing around failures, what is more likely to happen is your computer will reconnect to the internet application, simply bypassing the VPN service. That means that -- on failure -- your local IP address may "leak out" and be logged by the internet application, and your data may be open to local Wi-Fi hackers at your hotel or wherever you're doing your computing.
Torrenting/P2P Support – Many individuals use a VPN to download torrents and performing P2P networking. Although we do not encourage piracy, the conscientious personal use of copyrighted files is a bit of a legal and moral gray area. To maintain freedom and neutrality on the web, torrenting should be supported and available to users. As such, support for P2P networking is a feature that a true VPN should possess.
Our results were similar in other parts of the world, with IVPN ranking near the top regardless of the test, day, or time. The exception was in Asia, where its Hong Kong servers didn’t perform well. At the time of our initial tests in spring of 2018, IVPN didn’t offer any other servers in Asia aside from Hong Kong. Since then, the company has added locations in Singapore and Tokyo, but we haven’t run a new series of standardized tests with either location.
Jurisdiction – Gibraltar is territory that is controlled by the United Kingdom to some extent. Nonetheless, the internal affairs of the country are governed by itself. Censorship of certain websites is present in Gibraltar. As such, the jurisdiction of IVPN lies in a region with limited online freedom, but privacy in the region is still much better than in Europe.
Like Avast, Avira got into the VPN business to complement its antivirus offerings. Phantom VPN is easy to use and gives you up to 1GB of data per month for free, making this service ideal for vacation travelers who just need to check email. Its unlimited paid plans are reasonably priced, but it had slow downloads and dropped connections in our 2017 tests.
To verify that each service effectively hid our true IP address, we looked at a geolocation tool, DNS leaks, and IPv6 leaks. When connected to each service’s UK servers, we noted whether we could watch videos on BBC iPlayer, and using US servers we noted whether we could stream Netflix. We also visited the sites of Target, Yelp, Cloudflare, and Akamai to check whether our VPN IP addresses prevented us from accessing common sites that sometimes blacklist suspicious IP addresses.
Use IP packet filters on the VPN remote access policy profile to discard both inbound traffic on the VPN connection that has not been sent from the VPN client and outbound traffic that is not destined to the VPN client. The default remote access policy, named “Connections to Microsoft Routing and Remote Access server in Windows Server 2003” has these packet filters configured and enabled by default.
To be fair, not all pay VPN services are legitimate, either. It's important to be careful who you choose. Over on ZDNet's sister site, CNET, I've put together an always up-to-date directory of quality VPN providers. To be fair, some are better than others (and that's reflected in their ratings). But all are legitimate companies that provide quality service.
IPVanish is a top pick, especially for Kodi and torrenting, due to excellent speeds, zero logging and extensive privacy tools. It’s ultra fast on local connections but less consistent internationally across a network that’s mid-sized for locations but super-sized for servers and IP addresses. Netflix is working but iPlayer is currently blocked, which is a shame as it’s otherwise fantastic for streaming.
Voluntary tunneling occurs when a client computer or routing server creates a virtual connection to the target tunnel server. To accomplish this, tunneling client software and the appropriate tunneling protocol must be installed on the client computer. For the protocols discussed in this technical reference, voluntary tunnels require an IP connection (either LAN or dial-up).
Most VPN services allow you to connect up to five devices with a single account. Any service that offers fewer connections is outside the mainstream. Keep in mind that you'll need to connect every device in your home individually to the VPN service, so just two or three licenses won't be enough for the average nested pair. Note that many VPN services offer native apps for both Android and iOS, but that such devices count toward your total number of connections.