There’s a lot of misleading advertising about residential (consumer grade) VPNs. The purpose of this post is to clarify the difference between IP Masking and Virtual Private Networks.

WHAT IS A VPN?
From the official IETF documentation:
RFC 4026, Paragraph 3.10. Virtual Private Network (VPN)
“VPN is a generic term that covers the use of public or private networks to create groups of users that are separated from other network users and that may communicate among them as if they were on a private network. It is possible to enhance the level of separation (e.g., by end-to-end encryption), but this is outside the scope of IETF VPN working group charters.”

What does that mean in non-technical terms? It has two parts:
1) A VPN is a private link between two endpoints connected to each other over a network that is also used by others.
2) The private link may be encrypted (and often is), but that’s not a requirement to be classified as a VPN. (For those who are trying to wrap their head around the idea of an unencrypted VPN, I’ll give one example without going into any technical explanation: an unencrypted GRE tunnel is a VPN).

WHAT IS IP MASKING?
Refer to the middle picture. IP masking is when you use a relay service to hide the source IP address, or the destination IP address, from interested third parties.

WHAT’S MISLEADING?
Refer to the bottom picture. You don’t need to pay for a VPN service to do safe online purchasing or banking. Every time you see the padlock in your browser, or the “https” prefix on the address, you’re using an encrypted VPN connection.

THE LESSON
Next time you see an ad for residential VPN service, pay attention to the wording. What are they really trying to sell? The privacy of the VPN is automatic with https. All they’re really offering is IP masking. Do you need it? (Some people really do).

#CallMeIfYouNeedMe #FIFONetworks

Cybersecurity - Networks - Wireless – Telecom – VoIP