My recommendation, and the protocol I most often choose to use, is OpenVPN. OpenVPN is a non-proprietary, open-source implementation of a VPN communication layer protocol. It's well-understood, well-regarded, generally quite secure, and robust. In addition, it has the benefit of being able to communicate over port 443, which is the standard port for https communication, which means almost all firewalls will allow OpenVPN traffic -- and most won't even be able to detect that a VPN is being used.
A firewall uses packet filtering to allow or disallow the flow of specific types of network traffic. IP packet filtering provides a way for administrators to define precisely what IP traffic is allowed to cross the firewall. IP packet filtering is important when private intranets are connected to public networks, such as the Internet. There are two approaches to using a firewall with a VPN server:
TorGuard was consistently one of the fastest services we tested. When we averaged three tests performed at different times of the week with Internet Health Test, TorGuard was the fastest service when connecting in the UK and Asia, the second fastest in the US, and the third fastest in Central Europe. OVPN was the next most consistent, but that company’s small network doesn’t have any servers in Asia, and it ranked fifth in the UK. Our top pick, IVPN, was the third most consistently fast after TorGuard and OVPN. However, we tested with each app’s default settings—since we expect most people won’t change them—and TorGuard’s default 128-bit encryption gives it an advantage in speed tests over VPNs that default to 256-bit encryption, as most services do. Still, we think 128-bit encryption is fine for most people who prioritize speed, and TorGuard’s consistency makes it a good value as our budget pick.
That said, there are many other ways to track movements across the web. There may be, for example, a tracker inside an ad on website A and another tracker from the same company on website B. By correlating data from both of those trackers, it's possible to assemble a picture of an individual's browsing history. Installing a tracker blocker such as TrackOFF or Privacy Badger from the EFF is a good idea. Fortunately, many VPNs also say they block ads and trackers on the network level.
StrongVPN has exit nodes in 43 cities, 20 countries, and supports PPTP, L2TP, SSTP, IPSec, and OpenVPN protocols–you’ll be hard pressed to find a device you can’t configure to use their service. There are no bandwidth caps, speed limits, or restrictions on protocols or services (torrenting, Netflix, you name it, they don’t care). Additionally, StrongVPN maintains no server logs.
If you’re going to bother with a VPN, you should spend money on a good one—don’t trust a free VPN. Security and privacy cost money, and if you aren’t paying for them, the provider has an incentive to make money from marketers at your privacy’s expense. Though price doesn’t always equal quality, a few dollars a month more for a better experience is worth it for something you’ll use on a regular basis.
TorGuard is incorporated in St. Kitts and Nevis, and operates out of offices mostly in the US. But most people shouldn’t be worried about the legal jurisdiction of their VPN’s offices—we detail the reach of government surveillance above. In short, we think a privacy-focused VPN with public leadership that can be trusted not to collect information about their customers is a better choice in any country, rather than an opaque company run from the most liberty-ensuring country on the planet.
Beyond the CNET directory, it's always good practice to search "the Google" for a company or product name and read the user reviews. If you see a huge number of old complaints or new complaints suddenly start showing up, it might be that there's been a change of management or policies. When I'm looking for a service, I always base my decision partially on professional reviews and partially based on the tone of user reviews.
The basic monthly allowance is only 2GB, but if you register with an email address, that jumps to 10GB. If you run out of data before the end of the month, you can always switch over to the even more generous Hotspot Shield.For even more free data, you can let Windscribe use your computer to mine cryptocurrency. That feature seems a bit creepy, but it's entirely optional and you can adjust the amount of power drawn.
HMA Pro (reviewed here) is slightly more complicated, but it’s far from difficult to understand. If you want to select your desired virtual location click the Location mode tab, click on the location name, and then choose your preferred location from the list. Once that’s done, click the slider button that says Disconnected. Once it flips to Connected, you’re ready to roll.
Buffered VPN doesn't disclose much about the size of its network, but the 30-day money back guarantee means that you can take their service for a test drive and really get a feel for how well it performs for you. The company lost a few points from us because they do keep some connection information. They gained points for their client support, unlimited bandwidth, and generous number of simultaneous sessions allowed.
We tested NordVPN and found that it works well with Netflix and other streaming services that block most other VPNs. It is compatible with all devices, does not retain logs, and offers a 30-day money-back guarantee (it's real, we checked). With a price so low, it's no wonder NordVPN is the most popular VPN out there, used by technology experts all around the world.
Compatibility – ExpressVPN is compatible with a wide range of devices and operating system. This includes Windows, OS X, Linux, and Chrome OS. In mobile phones and tablets, it is compatible with Android, iOS, Amazon Kindle Fire. It is also compatible with gaming and streaming consoles such as Amazon Fire TV, Chromecast, Apple TV, PlayStation 4, PlayStation 3, Xbox, Xbox One, and Roku. In short, I don’t think there is any other VPN provider that has such a wide cross-compatibility with different platforms.
IVPN excels at trust and transparency, the most important factors when you’re choosing a virtual private network. After interviewing IVPN’s CEO, we’re convinced that IVPN is dedicated to its promises not to monitor or log customer activity. But a trustworthy VPN is only as good as its connections, and in our tests IVPN was stable and fast. IVPN apps are easy to set up and use with secure OpenVPN connections on Windows, macOS, Android, iOS, plus a few other platforms. Extra features like automatic-connection rules and kill switches to block data on unsecured connections add protection and value that make it worth a slightly higher price than some competitors.
Our VPN reviews instead stress value and technical excellence. The number of devices that can be used with an account is, in our opinion, more important. We also prefer VPN services with lots of servers and a good geographic distribution of those servers. VPNs that are easy to set up and use for first timers and include a well-made local client also go a long way toward getting PCMag's endorsement. And, of course, price is a major issue. The average monthly price of a VPN right now is $10.48. If a VPN is charging more, it had better be offering something compelling.
ProtonVPN is a VPN from Switzerland. The software is easy to use and provides all the features necessary to keep your data secure both at home and while on public WiFi. Servers are located around the world, and because ProtonVPN uses a Secure Core network of servers – it will provide fantastic speeds for streaming. Proton permits P2P for torrenting on some of its servers. In addition, it can be installed and used on five simultaneous devices. That means you can protect all your devices with one account. The VPN is zero logs (it never stores IP addresses) and the time of your last session is deleted every time a new session is started.
In the configuration shown in the following figure, the firewall is connected to the Internet and the VPN server is another intranet resource connected to the perimeter network, also known as a screened subnet or demilitarized zone (DMZ). The perimeter network is an IP network segment that typically contains resources available to Internet users such as Web servers and FTP servers. The VPN server has an interface on the perimeter network and an interface on the intranet.
Also important is the protocol the VPN service uses. Connecting to a VPN service using the OpenVPN protocol generally yields a faster, more reliable experience. Plus, OpenVPN is, as the name implies, open-source. That means it has been picked over for flaws and exploits by thousands of volunteers. If you're concerned about speed and security, selecting a service that supports OpenVPN and makes it available by default is important.
VPNs also cloak your computer's actual IP address, hiding it behind the IP address of the VPN server you're connected to. IP addresses are distributed based on location, so you can estimate someone's location simply by looking at their IP address. And while IP addresses may change, it's possible to track someone across the internet by watching where the same IP address appears. Using a VPN makes it harder for advertisers (or spies, or hackers) to track you online.