VPN Or Proxy?
Often, the terms "VPN server/service" and "proxy server/service" get used interchangeably. That's not quite accurate. While both are similar in function, their differences can decide which is better for your given needs.
A VPN is essentially a secure wide area network (WAN) comprised of two or more end points, at least one of which will be a server. VPNs use any of several protocols to perform their tunneling; PPTP, L2TP, IPSec, and SSL are the most common. (It is beyond the scope of this article to talk about the inherent advantages and disadvantages of each approach, but there are plenty of resources for doing so.)
VPN technology is cheap, but it still suffers from the same congestion and latency issues as the public Internet because, after all, it's on the public Internet.
A proxy server acts as a middleman, fielding requests from clients requesting resources from servers. If you've seen Galaxy Quest, you might recall how Sigourney Weaver's character would field requests for information from the captain and then convey them to the ship's computer system. Then, when the computer supplied an answer, Weaver would repeat it back to the captain (even though everyone could hear the computer first-hand)? Weaver was acting as a proxy server. In real world computing, the client (the captain, in our analogy) wouldn't be in the same room. The end server can only see the proxy server and has no idea what client is doing the requesting, thus preserving anonymity.
"A VPN provides the highest level of privacy because it applies encryption to the entire session, protecting all applications that access the Web," notes Jason C., a TorGuard administrator. "A proxy simply tunnels the traffic with no encryption. However, it can be applied to specific applications that support proxies."
According to Ted Kim, interim chief operating officer of London Trust Media, maker of the Private Internet Access VPN service, all software will work with a VPN service. This is not true of a proxy service. The latter will take your request, perform any necessary processing (such as authenticating your user status), then send out your request as if it were its own. If a software application is written to work with this forwarding arrangement, then all is well -- and many do. Most Web browsers, Torrent clients, and so forth work very well with proxy services. But proxy forwarding falls flat when, for instance, needing to mask DNS requests such that they appear to come from another country. Proxying also struggles with games, VoIP, and other traffic types that flow just fine on a VPN.
"A VPN service adds a virtual network adapter that your PC is then told is the primary network adapter for the computer," explains Kim. "All traffic, whether it's designed to be proxied or not, will go out on the VPN to your end-point. This allows for traffic such as DNS, gaming, and VoIP to be routed out via that network with surprising ease. Our servers then take the traffic, anonymize it, and send it out to its destination. The client can relax in security, knowing there’s no identifying information about their personal IP address visible to the end-node at the network level."
Compatibility aside, the critical difference between these two service types generally boils down to security. Proxy services do not tend to be encrypted; VPN services do. With encryption in place, your ISP cannot see what is happening within your VPN connection. This may not be the case with a proxied connection. Caveat emptor.
On the other hand, encryption can slow things down, and therefore proxy services process streaming media and file downloads faster, TorGuard founder and CEO Ben Van Pelt tells us. Also, he adds, "a proxy server can be configured to provide IP masking for a single application or device that may not normally support VPNs."
For the ultimate in privacy control, you can use a technique called layering, or using both a proxy and VPN. This helps "prevent against accidental disconnects or IP leaks," Van Pelt says, adding that TorGuard provides discounts to customers who add connections.