VPN services are entirely legal and legitimate in most countries. It's completely legal to mask your IP address and encrypt your internet traffic. There is nothing about using a VPN that's illegal and VPN services themselves do not and cannot do anything illegal. The only thing that's illegal is if you were to break the law while using a VPN - for instance if you were to infringe on someone's copyright. But that's the action of infringement that's illegal, not the use of the VPN.
If you’re unsure about whether you should get a VPN, check out our post that explains what a VPN is and when one makes sense as a privacy and security tool. But most people leave their privacy and security vulnerable in ways that can be addressed with methods other than signing up for a VPN—methods that are potentially more effective. If you have a drafty house with paper-thin walls and halogen light bulbs, you’d get far more value out of every dollar by sealing up cracks, insulating, and switching to LEDs than you would by putting solar panels on your roof. Similarly, before you rush to sign up for a VPN subscription, you should consider these other ways to up your privacy game.
FoxyProxy is an add-on to Firefox, Chrome or Internet explorer web browsers that facilitate and streamline proxies and VPN settings. As a complementary payment service, it makes available to the user several VPN servers located in different countries. The installation and configuration of this add-on is simple, and you simply have to be attentive to add the Proxy Server that we like the most, and that does not have to be from the US.
PIA is another great option and offers a 7 day money back guarantee. It keeps no logs, which is a claim that it has proved in court! And although optional, its security can be first rate. Its desktop software supports multiple security options, a VPN kill switch, DNS leak protection, and port forwarding. Up to 5 simultaneous connections are permitted. Its Android client is almost as good, and PIA boasts excellent connection speeds. PIA has servers located in 29 other countries.
It’s also fast with impressive 830+ server locations, which makes it an excellent choice for P2P file-sharing, online gaming, and HD streaming. There are no annoying bandwidth caps here, and you can connect to Netflix US, BBC iPlayer, or France’s Canal+ if you wish – there’s a server for every need. The double encryption will understandably slow things down.
ProtonVPN is a superb service provided by the developers of Proton Mail. It is a secure VPN provider that lets people use the service on an unlimited basis. This makes it perfect for privately surfing the web on a daily basis. On the downside, it throttles free-users’ bandwidth. This means that the free ProtonVPN service will not provide the speeds necessary for doing data-intensive tasks such as streaming in HD. ProtonVPN is a superb VPN that many people may find useful for unblocking censored news.
Downloads took four times as long as they did without the VPN switched on, but even then, ProtonVPN was far from the worst among the nine free services we tested. You'll also be limited to VPN connections in only three countries, as opposed to the paid complement of 25, and you won't have access to ProtonVPN's "Secure Core" of super-hardened servers.
There are a number of ways to use VPN. The most common scenario is when a remote user accesses a private network across the Internet using a remote access VPN connection. In another scenario, a remote office connects to the corporate network using either a persistent or an on-demand site-to-site VPN connection (also known as a router-to-router VPN connection).
The service supports Windows, Mac, Android and iOS devices, but manual connection through Linux, BlackBerry, Boxee Box, HP WebOS or DD-WRT is also possible. It likewise allows users to use up to five devices using the account. PureVPN’s proprietary gigabit network ensures uptime and extremely fast speeds. It offers unlimited bandwidth, which is ideal for users who like video streaming or playing online games.
Finally, read the fine print to see if they restrict any protocols or services you wish to use the service for. If you want to use the service for file sharing, read the fine print to ensure your file sharing service isn’t blocked. Again, while it was typical to see VPN providers restrict services back in the day (in an effort to cut down on bandwidth and computing overhead) it’s more common today to find VPNs with an anything-goes policy.

The download speed indicates how fast data can be pulled from the server to you. Since the majority of online activity – like loading web pages or streaming videos – consists of downloads, most connections are designed to download much faster than they upload. Download speed is measured in megabits per second (Mbps) and, generally, the higher the number the faster the connection.
Our VPN reviews instead stress value and technical excellence. The number of devices that can be used with an account is, in our opinion, more important. We also prefer VPN services with lots of servers and a good geographic distribution of those servers. VPNs that are easy to set up and use for first timers and include a well-made local client also go a long way toward getting PCMag's endorsement. And, of course, price is a major issue. The average monthly price of a VPN right now is $10.48. If a VPN is charging more, it had better be offering something compelling.
IVPN also performed well in our speed tests. Though it wasn't always the fastest in the 54 measurements we took on each service, it ranked near the top on many servers at different times of the week—especially compared with the most trustworthy services. Private Internet Access, one of the most visible, privacy-focused VPNs, had slower speeds when connecting to most servers and less reliable connections than IVPN. For US servers (which we expected to be the fastest locations because we tested from California), IVPN ranked behind only OVPN and TorGuard. We liked OVPN—especially its speed results—but we thought that company's small team and small selection of servers and locations were too limiting for some people.
We subsidize our free version by displaying advertisements and we do not collect or sell your personally identifiable information. Our free version provides the same basic level of protection that is included in our paid plans. If you would like to remove the ads and get additional benefits, then you can upgrade to Hotspot Shield Premium. When people upgrade to our premium version, it provides additional revenue to keep our service running smoothly.
In many cases, each of these offices also have LANs. But how do the LANs connect? For some very specialized solutions, companies lease private lines to connect the offices. That can be very expensive. Instead, most companies opt to geographically connect separated private LANs over the public internet. To protect their data, they set up VPNs between offices, encrypting the data as it traverses the public internet.
Unlike the separate tunnels created for each voluntary client, multiple dial-up clients can share a tunnel between the FEP and the tunnel server. When a second client dials into the access server (FEP) to reach a destination for which a tunnel already exists, there is no need to create a new instance of the tunnel between the FEP and tunnel server. Instead, the data traffic for the new client is carried over the existing tunnel. Since there can be multiple clients in a single tunnel, the tunnel is not terminated until the last user of the tunnel disconnects.
Chrome starts to mark old-fashioned HTTP sites as ‘Not Secure’ in the address bar. If you have already updated Chrome to version 68 this week, you would probably be surprise at seeing a huge amount of HTTP sites are not secure overnight. That’s to let you know that the site you’re visiting is not HTTPS-enabled, and the traffic is being transmitted over the old, less secure HTTP protocol. That means a hacker could spy on the data you’re sending and receiving from the site in question (such as passwords and credit card numbers), and even hijack the connection to run a phishing scam or redirect you to a malware-laden page.
We use the most trusted and widely used VPN protocol available, OpenVPN for your Windows device. This protocol is open source which means you have the reassurance that no unknown proprietary codes can access your data. And to boot we use OpenSSL libraries and run the whole operation over UDP ports so you always get the best speeds when using our free VPN trial. Our VPN protection for Android is built on OpenVPN, the most widely used and trusted VPN protocol available. It’s the most trusted protocol because it’s open source meaning no unknown proprietary codes can do anything with your data. We also use OpenSSL libraries as well as running the whole thing over UDP ports. The result? The best speeds possible for you when using our free VPN trial. Our VPN protection for Android is built on OpenVPN, the most widely used and trusted VPN protocol available. It’s the most trusted protocol because it’s open source meaning no unknown proprietary codes can do anything with your data. We also use OpenSSL libraries as well as running the whole thing over UDP ports. The result? The best speeds possible for you when using our free VPN trial. We use the IPsec protocol for our iOS implementation which is built entirely on Apple’s proprietary stacks. The result? A super fast connection speed each time you switch on your AVG Secure VPN for iPhone. Our macOS implementation of AVG Secure VPN uses the IPsec protocol and is built entirely on Apple’s proprietary stacks. Which means that you get the best in performance and compatibility for your Mac when you connect using our free VPN trial.
Among last year's VPN apps for Android, Private Internet Access had the least impact on downloads, reducing speeds by just 10.3 percent. However, Private Internet Access had an enormous impact on latency. If that's your primary concern, TorGuard is your best bet. That service only increased latency by 12.5 percent. In our upload test, Private Internet Access fared well but TorGuard less so.
But even if you know who’s behind your VPN, you shouldn’t trust a free one. A free service makes you and your data the product, so you should assume that any information it gathers on you—whether that’s an actual browsing history or demographics like age or political affiliation—is being sold to or shared with someone. For example, Facebook’s Onavo provides an encrypted connection to Onavo’s servers like any VPN, shielding you from the prying eyes of your ISP or fellow network users. But instead of promising not to examine, log, or share any of your traffic, Onavo’s privacy policy promises the opposite. Covering the service, Gizmodo sums it up well: “Facebook is not a privacy company; it’s Big Brother on PCP.” Facebook collects information about your device, other applications you use, and even “information and other data from your device, such as webpage addresses and data fields.” And the company “may combine the information, including personally identifying information, that you provide through your use of the Services with information about you we receive from our Affiliates or third parties for business, analytic, advertising, and other purposes.” That means Facebook can collect anything it wants, and sell it to anyone it wants.
We considered native apps for Windows, Mac, and Android to be mandatory because they’re easier to use than open-source or third-party VPN apps like Tunnelblick; that in turn makes it easier to stay secure. For more-advanced users, adding VPN connections to Wi-Fi routers can help secure all connections on a home network without having to manage devices individually.
Finally, read the fine print to see if they restrict any protocols or services you wish to use the service for. If you want to use the service for file sharing, read the fine print to ensure your file sharing service isn’t blocked. Again, while it was typical to see VPN providers restrict services back in the day (in an effort to cut down on bandwidth and computing overhead) it’s more common today to find VPNs with an anything-goes policy.
Required only when the VPN server is acting as a VPN client (a calling router) in a site-to-site VPN connection. If all traffic from TCP port 1723 is allowed to reach the VPN server, network attacks can emanate from sources on the Internet that use this port. Administrators should only use this filter in conjunction with the PPTP filters that are also configured on the VPN server.
You can also use a remote VPN server to spoof your location. For example, you could be sitting in Chicago and select a VPN server in Australia. Your traffic would then make a trip down under before continuing as normal. To people trying to track you, you'd appear to be surfing from Australia. This is especially useful if you're keen to access region-locked streaming content. If you connect to a server within the UK, free BBC TV streaming is suddenly available to you in the United States. It's also a useful tool for when you are connecting in countries that have strict or repressive internet regulations. Always be clear on the laws of the land and any terms of service you might be running up against by doing so, however.
A lot of people avoid using VPN providers based out of the United States on the premise that US law would compel those providers to log all VPN activity. Counterintuitively, there are no such data logging requirements for US-based VPN providers. They might be compelled under another set of laws to turn over data if they have any to turn over, but there is no requirement they even keep the data in the first place.
As we previously noted, we don’t recommend relying on our picks to get around geographic restrictions on copyrighted content. The practice is likely illegal, and it violates the terms of service of your ISP, VPN, and content provider. On top of that, it often doesn’t work—we couldn’t access Netflix over any of the services we tried, and of the four streams we loaded on BBC iPlayer, only two worked a few days later.
The Remote Authentication Dial-In User Service (RADIUS) protocol is used to provide centralized administration of authentication, authorization, and accounting (AAA) and an industry-standard security infrastructure. RADIUS is defined in RFCs 2138 and 2139 in the IETF RFC Database. RADIUS enables administrators to manage a set of authorization policies, accumulate accounting information, and access an account database from a central location.

Since VPNs route your traffic through another network, you can also make it appear as if it’s coming from another location. That means if you’re in Sydney, Australia, you can make your traffic appear to come from New York City. This is useful for certain sites that block content based on your location (like Netflix). It also allows some people (we’re looking at you, Australians) have to deal with insanely high import taxes on software that see them paying twice (or more) what US consumers pay for the same products.


When we tested other aspects of IVPN's performance, it also satisfied our requirements. On the default settings, our real IP address didn't leak out via DNS requests or IPv6 routing, let alone a standard IP address checker. The DNS-requests check indicated that the app was using the company's internal DNS servers and that they were correctly configured. None of the 12 services we tested disclosed our true IP address (though some showed mismatched IPs).
The Shiva Password Authentication Protocol (SPAP) is a reversible encryption mechanism employed by Shiva Corporation. A computer running Windows XP Professional uses SPAP when connecting to a Shiva LAN Rover. A Shiva client that connects to a server running Routing and Remote Access also uses SPAP. Currently, this form of authentication is more secure than plaintext but less secure than CHAP or MS-CHAP.
We have split our fastest VPN speed test into two parts; without a VPN connection and with a VPN. We will be testing VPN speeds from a US connection with a stable Internet connection. With VPN, we have chosen to connect to a location that is far from the United States, let’s pick the UK. It is important to understand that VPN speed is directly related to the distance of the connection. As the distance increases, chances are there that you might report slower VPN connection speed.

Transport Layer Security (SSL/TLS) can tunnel an entire network's traffic (as it does in the OpenVPN project and SoftEther VPN project[8]) or secure an individual connection. A number of vendors provide remote-access VPN capabilities through SSL. An SSL VPN can connect from locations where IPsec runs into trouble with Network Address Translation and firewall rules.
Access to restricted websites: Some websites and streaming content may only be accessed in certain countries. For example a TV program might only be broadcast in the UK – Trying to stream this program outside the country will return an error. Through the masking of your IP address, and thus your physical location, free VPN will allow you access to this restricted content and make it appear that you are located in the required region. Learn More
VPN services, while tremendously helpful, are not foolproof. There's no magic bullet (or magic armor) when it comes to security. A determined adversary can almost always breach your defenses in one way or another. Using a VPN can't help if you unwisely download ransomware on a visit to the Dark Web, or if you foolishly give up your data to a phishing attack.
×