VPN

Introduction

● Definition of VPN
● How it works
● History of VPNs
● Encryption
● Tunneling
● Authentification
● Protocols
 What is VPN

● VPN stands for "Virtual Private Network"

● service that masks your Internet Protocol (IP) address
○ encrypt your internet traffic in real time
○ allows to browse the internet anonymously
○ no one can link your data to your IP address.
● need to break down the words
○ “virtual”
○ “private”
○ “network”
 Virtual, Private and Networks

● VPNs are “virtual”

○ digital service
○ no need a cable or hardware to use them
● VPNs are “private”
○ they encrypt your connection
○ let you browse the internet anonymously
● VPNs are “networks”
○ build a secure connection between your device, the VPN server, and the internet.
 Brief VPN history

● Experts first realized the world needed VPNs after the Advanced Research Projects Agency Network
(ARPANET) launched.
● ARPANET was an early version of the internet developed by the US Department of Defense.
● ARPANET spurred the creation of Transfer Control Protocol/ Internet Protocol (TCP/IP).
● TCP/IP allowed devices and local networks to connect via a shared network. This introduced a
cybersecurity risk, as an outsider could use the network to access devices inside it.
 Brief VPN history: Part 2

● Researchers from AT&T Bell Labs and Columbia University developed the first VPN, Software IP
encryption protocol (swIPe), in 1993.
● Wei Xu and Gurdeep Singh-Pall developed more VPN technology in 1994 and 1996, respectively. Xu
created IPSec, and Singh-Pall (a Microsoft employee) created the Peer-to-Peer Tunneling Protocol
(PPTP).
● Throughout the early 2000s, many companies and governments used VPNs, and consumers later
started adopting them in the mid-2010s.
How VPN works
● VPNs create a secure encrypted connection, also known as a VPN tunnel, between your device, and
the remote server that you connect to, thus ensuring safe and secure data transfer.
 Transmit of data with VPN

1. The VPN client encrypts your data and sends it securely to the VPN server. Even though the data
passes through your ISP, it's so scrambled with encryption that they can't understand it.
2. The encrypted data from your computer is decrypted by the VPN server.
3. Your data is then sent to the internet and receives a reply that’s meant for you, the user.
4. The traffic is then encrypted again by the VPN server and is sent back to you.
5. The VPN client on your device will decrypt the data so you can actually understand and use it.
 VPN Tunneling - Encryption
● Once connected to the VPN server, it will encrypt any data sent up and down through a “VPN tunnel.”
● This data travels through your ISP, but your ISP can’t see it because it’s encrypted. Your ISP can only see
that you’re transferring data to and from the VPN server.
● Most VPNs have a “no log” policy - won’t store any of your web browsing data
● Some of the most popular VPN protocols for 2023 include:
○ OpenVPN
○ Internet Key Exchange Version 2 (IKEv2)
○ PPTP
○ Secure Socket Tunneling Protocol (SSTP)
○ Layer 2 Tunneling Protocol (L2TP)
○ Wireguard
 What is a VPN Protocol
● A VPN protocol is like a set of rules or instructions that determine how your data is routed between your device
and the VPN server.
● VPN connections use an encrypted tunnel to transmit your data. These secure tunnels are created through VPN
protocols that ensure a safe and secure connection.
 Protocols

● OpenVPN: Widely used open-source protocol with strong encryption based on

OpenSSL and SSLv3/TLSv1. Supported on multiple platforms, considered the best
choice for most users.
● IPsec/L2TP: Combination of IPsec and L2TP protocols for secure connections.
Included in most operating systems, a good option when OpenVPN is not available.
● IKEv2/IPsec: Protocol based on IPSec that enables quick network switching, making
it ideal for smartphones. Some sources suggest it is faster than OpenVPN, but
OpenVPN is generally considered better overall.
 Protocols

● PPTP: Point to Point Tunneling Protocol, an older protocol with potential security
vulnerabilities. Recommended if speed is more important than safety, useful for bypassing
streaming restrictions.
● Softether: Open-source application that supports various VPN protocols, including SSL
VPN, L2TP/IPsec, OpenVPN, and Microsoft Secure Socket Tunneling Protocol. Works on
multiple platforms.
● WireGuard: Newer protocol focused on high performance, currently in development.
OpenVPN is still recommended until WireGuard is more widely adopted.
 Authentication

● authentication methods, such as passwords and certificates ensure that only authorized users
can access the VPN
● 3 most common types
● Password-based authentication is a common and straightforward method.
○ Users enter a username and password when connecting to the VPN.
○ VPN server verifies credentials against a user database or authentication server.
○ If credentials match, the user is granted access to the VPN.
 Authentication
● Certificate-based authentication:
○ Users are issued digital certificates as unique identification credentials.
○ Certificates are created using cryptographic techniques and assigned to specific users or devices.
○ When connecting to the VPN, users present their certificates to the server.
○ VPN server verifies certificate authenticity, ensuring it's signed by a trusted certificate authority (CA) and
matches the user's identity.
○ Successful verification grants the user access to the VPN.
● Two-factor authentication (2FA):
○ VPNs often support two-factor authentication to enhance security.
○ It combines something the user knows (password) with something they possess (smartphone or
hardware token).
○ After entering username and password, users provide an additional authentication code generated by an
app or received via SMS.
○ This adds an extra layer of security to VPN access.
Types of VPN
● Remote Access VPN
● Site-to-Site VPN
● Cloud VPN
● Client to Server VPN
● Mobile VPN
● SSL VPN
Features and Functionality
● Encryption
● Privacy and Anonymity
● Remote Access
● Bypassing Geo-restrictions
● secure public Wi-Fi
● Protection against ISP Throttling
● Multiple Device support
● Firewall and Malware Protection
● Split Tunneling
Security considerations
● Encryption Protocols
● VPN PRovider Trustworthiness
● Kill switch
● DNS Leak Protection
● 2FA
● Server Security
● Server Locations
● Malware and Antivirus Protection
● Public Wi-Fi Networks
● Regular Updates and Patches
VPN Use Cases

Some of the most popular Use Cases of VPNs are:

● Secure remote access for Remote Workers.
● Protection of personal data on public Wi-Fi networks
● Access to geographically restricted content
● Bypass of censorship in regions with strict internet censorship (China, Iran, etc.)
Choosing a VPN

Important Factors to Consider when choosing a VPN

● Security and privacy
● Server network
● Connection speed and performance
● Number of simultaneous connections
● Compatibility and User-Friendliness
● Customer support
Setting Up a VPN

Steps of setting up a VPN

● Choose and Subscribe to a service that suits you
● Download the client or app for your Operating System or device
● Log in the client using your credentials
● Select server location and establish a VPN connection
● Find out if the VPN works by using an IP tracking service
Troubleshooting

Common VPN issues:

● Connection problems
● Slow server speed
● Compatibility Issues
● DNS leaks
● VPN blocked by networks or regions
Advantages
The benefits of using VPN are vast. One of most
important is the fact that businesses can
effectively secure their network. Without your
knowledge, an application or website can keep
track of your activity online. They can then
analyze the data they collect and use it to try to
target you with ads.

If you use a VPN, it can stop people, software and

web browsers from gaining access to your
connection. This keeps the information you
transmit and receive secure and anonymous.
 Hide Your Private Information
Another one of the primary benefits of VPN is the ability to hide your private information. Hackers can use a
variety of methods to intercept sensitive information you enter on websites. Using that information they can
try to impersonate you, gaining access to bank accounts, credit card information and more.

With a VPN, however, you can enjoy high level security, such as 256 bit encryption. This makes all your
communications online look like nonsensical, garbled text and characters to anyone who is able to find a way
to intercept them.
Access Geo-Restricted Services
VPN gives you a different Internet Protocol. Your IP address
tells you where your device is when you browse the
Internet, stream content, or do other online activities.
Some websites and services do not allow users in certain
countries to access some or all of their services. This is
common with streaming services that target specific
locations.

It is also common for some corporate websites to restrict

the use of public works services based on location. B. To
solicit offers or access more specific information about our
Services. A VPN can give the impression that you are
browsing the Internet from a location that allows the
services you are trying to access.
Disadvantages
A good VPN will hide your IP address, encrypt your web browsing activity, and allow you to unblock censored
websites in your location.

However, a VPN doesn't solve all problems. It's important to understand the limitations and drawbacks of
using a VPN to stay safe online and decide if a VPN is worth it for you. Despite their obvious benefits, VPNs
are not a panacea for all internet privacy issues. Considering this to be the case, it can be dangerous.

Using a VPN does not make you completely anonymous. Even the best VPN cannot guarantee online
anonymity. Your browsing behavior can reveal your true identity in ways that the VPN service cannot control.
If you're logged into your Google or Facebook account, a VPN won't stop those companies from monitoring
your activity.
How Reliable is Your VPN Service?
One of the key reasons to use a VPN is to stop unwanted
individuals from observing what you do online. Just as
you wouldn’t let a stranger watch you from the window
of your house, you don’t want strangers spying on you
online.

However, by protecting yourself with a VPN, you’re still

handing your browsing activity over to someone else:
your VPN service. All your traffic is routed through the
VPN provider’s servers. If it wanted to, it could see who
you are and what you’re doing online. That’s why it’s
crucial to look at the VPN’s logging policy before you
start using it.
 It’s Illegal to Use a VPN in Some Countries
VPN apps are legal in most countries around the world,
but in a few regions VPN use is illegal or restricted.
Therefore, just using a VPN can be against the law and
you could be prosecuted if caught.

In China, for example, anyone using a VPN service not

specifically approved by the government can be fined up
to RMB 15,000 (equivalent to about $2,300).

Note: Using a VPN to do anything illegal is illegal

anywhere in the world.
Most VPNs Are Dangerous To Use
VPN services access a lot of personal information. See your IP address, the websites you visit, and your activity
on those websites. Trustworthy VPN companies ignore this information, and most choose not to log it at all.

However, while secure VPN companies make money from subscription payments, many free VPNs are not
secure. The companies behind these apps collect your personal information and sell it to the highest bidder to
make a profit.

In summary:

You are the product, not the VPN. Because of this, they can often offer a VPN for "free." Using a VPN is often
more dangerous than not using it. That's why it's important to do research before downloading. Use a reliable
and secure VPN or don't use it at all.
Future of VPN
Since the first security protocols were developed, VPNs have become fast and easy for everyone to use. The
internet is becoming more and more likely to be a safe space. Despite improvements in cyber security
solutions, the number of cyber crimes continues to rise. Given the effectiveness of VPNs, it is likely that
browsers and devices will incorporate his VPN functionality in the future. Until then, users should get their
own VPN tool to protect themselves from internet dangers.
Questions?
 Sources
https://vpnoverview.com/vpn-information/what-is-a-vpn/

https://kinsta.com/blog/how-does-a-vpn-work/

https://www.kaspersky.com/resource-center/definitions/what-is-a-vpn

https://www.comparitech.com/blog/vpn-privacy/internet-censorship-map/

https://www.forbes.com/advisor/in/business/software/why-use-a-vpn/

https://www.geeksforgeeks.org/types-of-virtual-private-network-vpn-and-its-protocols/

Ferguson, Paul, and Geoff Huston. "What is a VPN?." (1998): 01-22

Zhang, Zhensheng, et al. "An overview of virtual private network (VPN): IP VPN and optical VPN." Photonic network
communications 7 (2004): 213-225

Berger, Thomas. "Analysis of current VPN technologies." First International Conference on Availability, Reliability and Security
(ARES'06). IEEE, 2006