A virtual private network hides your actual IP address, making it look like you’re connecting from a different location. VPNs offer many benefits, like additional privacy, unlocking geographically restricted content such as foreign Netflix libraries and circumventing censorship or throttling restrictions.
While most folks are probably familiar with personal VPNs -- like ExpressVPN or NordVPN -- there are multiple virtual private network varieties. Remote access VPNs and site-to-site VPNs, commonly found in work environments, offer different functionality from consumer VPNs.
Let’s dive in and explore the various types of VPNs and what each one can do.
What are the different types of VPNs?
There are three main VPN options: A consumer or personal VPN, remote access VPN and site-to-site VPN (in either the intranet or extranet variety). All VPNs make applications, websites and internet-connected services think you’re connecting from a different location than where you’re physically located. How each operates and their intended use cases vary.
A consumer or personal VPN is probably what you have installed on your devices at home
If you’ve got a VPN on your laptop, phone or streaming box, chances are it’s a personal VPN. Consumer VPNs require two main components: A client or app, and a server. Once you’ve downloaded and installed your VPN software or client, you’ll simply select a desired server location. Apps, websites and your internet service provider (ISP) view your traffic as coming from a different location -- whether it’s another part of your state, nation or a separate country. Personal VPNs boast many use cases, including extra privacy while browsing the web, region-restricted content unblocking and censorship circumvention.
Whether you need a VPN for travel, want to stream geographically restricted content or want to shore up your privacy, a consumer VPN is an excellent addition to your software arsenal. For instance, you can use a Canadian VPN server while sitting in the US to mask your IP address and dupe apps or services into thinking you’re located in Toronto, Montreal or another Canadian locale. I regularly use a VPN to stream Murdoch Mysteries episodes on the CBC website straight from the States. CNET’s top VPNs include ExpressVPN, NordVPN and Surfshark.
Remote access VPNs are often used in the workplace, but can also be used at home
Whereas a personal VPN routes your internet traffic through any shared VPN server you select from a list, remote access VPNs establish secure connections to a private network. A remote access VPN lets you securely tunnel into a specific network for extra privacy on public Wi-Fi, security authentication or file access. Like with personal VPNs, each device requires a client app that communicates with a server. Unlike most consumer VPNs, you’ll usually have one or a handful or server choices designated by network administrators, and only authorized employees or contractors can use them. By contrast, any paying customer can hop onto the often thousands of servers available with a consumer VPN.
Chances are you’ve used a remote access VPN on the job, primarily if you work from home or take regular business trips. Remote access VPNs establish a secure tunnel between a device like your work laptop or phone and the company’s network. Then, you can access company resources from almost anywhere you’ve got reliable internet, just as easily as if you were under the warm glow of the fluorescents in the office. PureDome by PureVPN is an example of a remote access VPN commonly deployed in enterprise environments.
While remote access VPNs are common in the workplace, some folks use them at home, too. For instance, you can set up a remote access VPN to log into your home network from anywhere, which lets you manage a network-attached storage (NAS) device even when you’re traveling. NordVPN’s Meshnet lets you easily run a remote access VPN at home.
When I first received my work laptop, an outdated driver prevented me from using the video outputs on my PC to connect to my external monitor. I contacted our IT folks, and one of them used a remote access VPN to install the correct drivers. The remote access VPN allowed our IT department to securely connect my laptop while I was in my home office and they were at the office, so they could set up the necessary software. Apps and websites view my work PC’s traffic as coming from a company-wide network even if I’m hammering away at the keyboard in a coffee shop, in the airport or at a coworking space.
Site-to-site VPNs create secure connections between remote locations in enterprise environments
Site-to-site VPNs are most commonly used in large organizations to directly connect physical office locations (sites), and come in two varieties: Intranet and extranet. Both remote-access VPNs and site-to-site VPNs boast many of the same advantages, namely secure data sharing between different physical locations. Remote access VPNs require a VPN client app installed on every device and are intended for a per-user or -device basis. On the other hand, site-to-site VPNs, as the name suggests, connect entire offices and don’t require a VPN client application. Remote access VPNs are engineered more for individual users working from home and taking business trips, while site-to-site VPNs connect whole offices.
An intranet site-to-site VPN securely connects the local networks of multiple locations -- such as several offices of one company. Rather than relying on a VPN client app that talks with a server, site-to-site VPNs directly link the gateways of offices. A gateway, also called a network node, is a device that accesses the internet. Intranet-based site-to-site VPNs make it easier to communicate for folks in geographically distant office branches, for instance, because any devices using the local Wi-Fi -- or ethernet for that matter -- appear as though they’re using the same network. For instance, a marketing company might use an intranet site-to-site VPN to securely share company resources, letting account managers in one branch seamlessly view mockups from the design team housed in another location.
Extranet site-to-site VPNs operate similarly but facilitate communication between various internal and external parties, like businesses, partners and customers. Whereas an intranet site-to-site VPN is typically used by one company, extranet VPNs have measures to limit access to company resources. A beverage company may rely on a site-to-site extranet VPN to securely share information between separate organizations that comprise its overall supply chain, such as shippers, distributors and manufacturers.
NordLayer is a business VPN with intranet and extranet site-to-site capabilities.
Which type of VPN should you use?
If you want a VPN to install on your personal computer, phone, tablet or other device, a consumer VPN is what you want. ExpressVPN is our Editors’ Choice VPN because of its unparalleled user-friendly design, excellent transparency and cutting-edge security features. NordVPN is the fastest VPN we tested, while Surfshark boasts an outstanding value. Proton is the only free VPN we recommend.
Remote access VPNs are great for enterprise environments to securely connect users with an office network on the go. For companies with distributed work-from-home employees and regular business travelers, remote access VPNs maintain security and data privacy.
Larger organizations with a main office and multiple hubs can utilize intranet site-to-site VPNs; think of a hospital securely sending patient data via electronic health records between its different branches. Big companies that collaborate closely with outside organizations might rely on extranet site-to-site VPNs, which connect businesses and external partners efficiently yet securely, with measures in place to limit access to select resources.
