The internet and, now, cloud computing transformed the way we conduct business. It’s insurmountable to succeed without the resources available online today. The downside to this long-term trend is that communications online, never mind on public cloud platforms, present vulnerabilities via web attacks and malware. Enter VPN technology.
One longtime cybersecurity solution for small teams up to global enterprise networks is virtual private networks (VPN). VPNs offer clients an encrypted access channel to remote networks through a tunneling protocol and can obfuscate the client’s IP address. While the latter is most applicable to individual consumers, the former – VPN’s use as an enterprise network appliance – is up against an evolving ecosystem.
Ongoing innovation in connectivity lessened the potential economic impact of the COVID-19 pandemic, in part because organizations quickly adopted solutions like VPNs to secure a remote workforce. The market jumped, but how does a movement towards zero trust affect the future of VPNs, and what VPN vendors offer genuine enterprise-tier services?
We dive into the top enterprise-ready VPN vendors and solutions and offer the background to make an informed decision with your purchase.
Top VPN products
Founded in 2011, CyberGhost VPN is headquartered in Bucharest, Romania, and boasts over 30 million global customers. With a fleet of 7,300 servers in 91 countries, CyberGhost offers individual households and small businesses reasonably priced plans for contracts from one month to three years. CyberGhost plans include 24/7 live support and a 45-day money-back guarantee for plans a year or longer. Cyberghost is explicit in their marketing, they believe privacy is a fundamental human right, and it drives their solutions.
User Reviews: With over 12k reviews on TrustPilot, CyberGhost VPN holds an industry-high 4.8/5 star rating. The CyberGhost VPN app has an average 4.1/5 star rating with over 122k+ reviews on the Google Play store and a 4.2/5 star rating with 30k+ in the Apple Store.
Encrypt.me has a flexible range of plans from consumers to enterprise organizations. In 2011, the Los Angeles VPN provider launched a platform-friendly solution for iOS, Android, macOS, Windows, and Amazon devices. Even better, customer accounts are not limited to a set number of devices. For coverage, Encrypt.me offers contracts as short as a week passes up to family accounts for as long as a year. Team plans offer a scaled discount that includes custom plans above 250 team members. Encrypt.me provides a two-week free trial with no credit card required.
User Reviews: The Encrypt.me application holds a 3.5/5 star rating with 863 reviews in the Google Play store and a 4.5/5 star rating with 4,679 reviews in the Apple Store.
One of the largest VPN service providers globally, ExpressVPN is an award-winning software across Windows, Mac, iOS, Android, and Linux platforms, as well as on-premises routers. With 3000 servers in 160 locations and 94 countries, ExpressVPN boasts its military-grade encryption and leak-proofing features, including a kill switch and unlimited bandwidth for clients. ExpressVPN bill plans range from one month to a year and have a 30-day money-back guarantee.
User Reviews: On TrustPilot, ExpressVPN holds a 4.6/5 star rating with over 7k reviews. The ExpressVPN app has an average 4.4/5 star rating with 203k+ reviews on the Google Play store and a 4.6/5 star rating with 133k+ in the Apple Store.
Also Read: Tokenization vs. Encryption: Pros and Cons
Because Fortinet offers a portfolio of solutions for the modern cyberinfrastructure, they’re relatively unique to some of the standalone VPN vendors featured. Consistently ranked as a top cybersecurity company, Fortinet’s VPN solution is FortiClient, a component of the FortiGate line of firewalls solutions. FortiClient offers IPsec and SSL encryption, WAN optimization, endpoint compliance, and more to secure organization networks. This fabric agent-based approach is deployable via VPN or Fortinet’s ZTNA tunnels.
User Reviews: The Fortinet app holds an average 4.5/5 star rating with 12k+ reviews on the Google Play store.
Golden Frog is a Switzerland-based software provider focused on securing online communication. Golden Frog manages 100% of its servers, hardware, and network infrastructure for users in 195 countries to ensure the utmost security. The individual client plan (VyprVPN) and VyprVPN for Business are affordable services, and the business route includes features like deployment support, dedicated servers and IPs, and identity management. Plans include a 30-day money-back guarantee, and prospective clients can request a free trial for business plans.
User Reviews: The VyprVPN app holds an average 4.3/5 star rating with 52k+ reviews on the Google Play store and a 4.6/5 star rating with 10k+ in the Apple Store.
Also Read: Best IAM Tools & Solutions for 2021
Since its launch in 2012, Los Angeles, California’s IPVanish has garnered over 1,600 servers in 75 locations and 40,000 IPs. Available for Windows, macOS, iOS, Android, Amazon, and Linux platforms, IPVanish plans come with unlimited devices and bandwidth and zero logging of client data. Customers can add IPVanish’s data backup solution for a marginal added fee, including a 500GB encrypted cloud backup, automatic syncing, and in-app file editing. Both the standalone VPN and VPN + Backup come with a 30-day money-back guarantee.
User Reviews: On TrustPilot, IPVanish holds a 4.7/5 star rating with 7k reviews. The IPVanish app has an average 4.2/5 star rating with over 13k reviews on the Google Play store and a 4.5/5 star rating with nearly 71k in the Apple Store.
Taking home the award for the most tenured organization on our list is Utah software vendor, Ivanti. Born in 1985, the IT and security-focused company’s gone through several name changes, yet always has been a presence in the solutions market and serves 78 of the Fortune 100. At the end of 2020, the acquisition of PulseSecure means Ivanti is serious about the VPN market. Dubbed Connect Secure, Ivanti’s solution comes with an SSL VPN, no contractual commitments, and support for VMware, KVM, and Hyper-V hypervisors. Free trials and quotes for a custom plan are available upon request.
Perhaps one of the most well-known VPN brand names globally, NordVPN calls Panama home. Started in 2012, NordVPN has long been a consumer-first vendor. Seven years later, the announcement of NordVPN Teams opened the door to SMBs and remote teams. Today, NordVPN has more than 5,200 servers worldwide in 33 countries. Specialty server offerings include P2P, Onion over VPN, dedicated IPs, and obfuscated VPNs. A free consultation is available upon request for NordVPN Teams, and all NordVPN plans include a 30-day money-back guarantee if unsatisfied.
User Reviews: The NordVPN app holds an average 4.3/5 star rating with 414k+ reviews on the Google Play store and a 4.6/5 star rating with 193k+ in the Apple Store.
Also Read: Top EDR Software Solutions of 2021
Perimeter 81, only started in 2018, is already an award-winning service provider in the cybersecurity industry. The Tel Aviv-based vendor offers secure access solutions for private networks, applications, and hybrid infrastructures through a unified cloud-based SASE platform. While Perimeter 81 prioritizes their zero trust market solutions, Perimeter the standalone VPN solutions for business are appealing to medium and large companies that need private servers, access management, and user-friendly apps across devices. Interested customers can try a demo upon request.
Based in Hong Kong, PureVPN offers a fleet of 6,500 servers in 141 countries to over three million clients. Established in 2007 by GZ Systems, PureVPN offers the leading tunneling protocols (PPTP, L2TP, SSTP/SSL, and IKEv2) and military-grade data encryption at 256-bit AES. For businesses, PureVPN enterprise solutions include options for a dedicated IP and private VPN server. The more the team members, the greater the discount per user for a contract with custom quotes available for teams over fifty people. PureVPN offers a 31-day refund policy.
User Reviews: With over 12k reviews on TrustPilot, PureVPN has a 4.8/5 star rating. The PureVPN app holds an average 3.8/5 star rating with 29k+ reviews on the Google Play store and a 4.2/5 star rating with 2k+ in the Apple Store.
Among the younger vendors on our list, Surfshark launched in 2018, and its headquarters are in the British Virgin Islands. While IKEv2 over IPSec is the default protocol for apps, clients can also utilize OpenVPN and Linux-based WireGuard tunneling protocols. Added features for a nominal fee per month include Surfshark Alert offering real-time alerts for breaches and personal data monitoring, and Surfshark Search for avoiding ads and hiding from search engines. Surfshark provides a 30-day money-back guarantee with subscriptions from one month to two years.
User Reviews: The Surfshark VPN app holds an average 4.3/5 star rating with 30k+ reviews on the Google Play store and a 4.4/5 star rating with 3k+ in the Apple Store.
Out of Orlando, Florida, TorGuard launched in 2012 and today offers many coverage options for SMB and larger organizations. Specializing in VPN servers, routers, and email security, TorGuard has over 3,000 servers in 50+ countries. Customers can choose from OpenVPN, WireGuard, IKEv2, or Shadowsocks for tunneling protocols. The Business VPN plan includes features like white label software, isolated networks, and user and IP management. For teams up to 500 people or more, TorGuard might offer the most customizable plan before talking to a representative.
User Reviews: The TorGuard app holds an average 4.4/5 star rating with 3k+ reviews on the Google Play store and a 4.8/5 star rating with 701 reviews in the Apple Store.
Built for dual-use to access location-restricted sites and as a hotspot shield, the TunnelBear VPN is available for free, individual use, and teams. Full of animated bear graphics, the Toronto-based TunnelBear has apps for Mac, Windows, iOS, and Android, known for their usability. Features include a no-logging assurance, 256-bit encryption, access to servers in 41 countries, and up to 5 devices per user. For pricing, TunnelBear Team plans are configurable up to 200 team members, with custom quotes beyond that. TunnelBear offers a free 7-day trial for interested customers.
User Reviews: The TunnelBear VPN app holds an average 4.3/5 star rating with over 250k+ reviews on the Google Play store and a 4.6/5 star rating with 46k+ in the Apple Store.
While zero trust is tossed around by industry analysts, Twingate’s mission is to replace legacy VPNs with a fabric-based approach to scaling VPN infrastructure. For an innovative VPN solution, their SMB and enterprise-centric plans makes Twingate a vendor worthy of consideration. The Twingate Teams subscription starts at up to 50 users and jumps to 150 users at the Business plan and unlimited users and devices for Enterprise clients. Demos for Twingate’s enterprise plans are available upon request, while the first two plan tiers include a 14-day free trial with no credit card required.
The second Toronto vendor to make our list is Windscribe. Launched in 2016, the Canadian VPN provider offers free, consumer, and team subscriptions as an app for desktop, smartphone, or web browser extensions. For securing data in transit, Windscribe uses AES-256 with SHA512 and a 4096-bit RSA key. Tunneling configuration options include OpenVPN, IKEv2, WireGuard, and SOCKS5. Added features include static IPs located on-premises or remote data centers, enabling port-forwarding and reducing blacklisting. Interested customers can create an account to see more options for plans and pricing based on organization needs.
User Reviews: The Windscribe VPN app holds an average 4.3/5 star rating with 49k+ reviews on the Google Play store and a 4.6/5 star rating with 10k+ in the Apple Store.
Also Read: Top Cybersecurity Companies of 2021
Your guide to VPN tools
What is a VPN?
Virtual private networks (VPN) make secure communication between points over public channels possible.
Either as a hardware or software appliance, a VPN connected to a client machine and private network enables more secure communication between points over the internet. Through tunneling protocols that dictate communication rules between two points, a VPN allows a user or device on one network the ability to work on another private network, shielded from the public internet.
For enterprise networks and workforces spread out geographically, a deployed VPN encrypts data from clients and the private networks being accessed to reduce the risk of web-based attacks.
Point-to-Point Tunneling Protocol (PPTP)
- One of the earliest protocols
- Low encryption, faster speeds
Layer 2 Tunneling Protocol (L2TP)
- Extension of PPTP and L2F
- Uses PPP like PPTP
Internet Protocol Security (IPSec)
- Operates transport and tunnel encryption
- Requires devices exchange a public key
Secure Socket Tunneling Protocol (SSTP)
- More secure than PPTP
- Uses TLS 3.0 for encryption
- Open source and most popular
- Based on TLS/SSL protocols
Internet Key Exchange version 2 (IKEv2)
- Used with IPsec for mobile devices
- Employs Diffie-Hellman key exchange
- A work in progress
- Faster and more straightforward than OpenVPN
Full Tunneling vs. Split Tunneling
An important distinction for any VPN service is whether the service offered is full or split tunneling. Most services provide both, but full tunneling is the objectively more secure option of the two.
A split tunneling VPN can divide a client’s internet traffic between a VPN and the open internet. While this can increase speed and enables multi-network access for the client, it’s often too significant a risk for the enterprise network.
VPN Solution Features
- Cross-platform compatibility for desktop, tablet, and mobile devices
- Embedded kill switch in case of IP leak
- Geographic distribution of VPN servers for hosting connections
- Limited or prohibited logging by the VPN service provider
- Pricing according to your organization size, uses, and scaling needs
- Router support for on-premises infrastructure deployment
- Support for different tunneling protocols (L2TP, SSL/SSTP, IPsec, OpenVPN)
- Technical support for deployment, maintenance, and troubleshooting
Types of VPNs
The predominant use of VPNs for enterprises has been the site-to-site VPN. These tunnels serve a specific set of site locations. In this case, the terms site locations or sites more than not refers to a network of offices.
For SMB to large organizations, having multiple offices spread across the globe is as easy as ever. Securing these networks requires a site-to-site VPN to encrypt communications between these sites’ clients while shielding data to the public internet.
Beyond a global office network, the growing trend continues to be remote work, which requires remote access to organization networks. In what could be a paradigm shift caused by the COVID-19 pandemic and advancing connectivity, personnel want and sometimes need the ability to work from home or abroad. Organizations respond to this need to ensure remote access doesn’t compromise the client or the company network.
Enter: the remote access VPN. Just as a site-to-site VPN can shield traffic from a network of offices, the remote access VPN offers an individual web client access to the private network via a separate encrypted tunnel. An important distinction here is how an intranet VPN and an extranet VPN solution differ.
Customers, suppliers, and partners
How do I compare VPN services?
VPN technology isn’t new, and the existing market of solutions has been around for some time, but what separates the best personal VPN providers from the enterprise VPNs you seek?
Here is a shortlist of what should be priorities for your consideration:
- Bandwidth capacity
- Fast connections
- Robust encryption
- Server reliability
- Simultaneous connections
- Technical support capacity
Speed, Security, Cost
Any customer looking at VPN solutions must consider the reported speed, security features, and logical pricing. Without adequate server resources, offering speedy connections is limited, making this a critical differentiator between VPN vendors. Users can be deterred without a fast connection to a point where they no longer want to use the VPN when it’s essential to security.
For organizations of all sizes, network security is about maximizing the infrastructure’s defensive posture and reducing vulnerabilities like those presented by the public internet. The best VPN solutions offer military-grade encryption with 256-bit AES.
The server force and geographic distribution should be essential considerations. When a client employs their VPN service, the remote server location processes all data before reaching the user. When a web client in Australia uses a VPN server housed in Canada, this naturally causes a slower connection than if the client had accessed the data without a VPN.
Because VPN providers are responsible for serving clients with their force of distributed servers, this presents a second potential for throttling. Whether traffic is jumping between too many VPNs or too many clients are requesting server resources, these instances can stress the network and slow connections.
Small and medium-sized businesses up to large enterprises need access to multiple clients at a time. Some of the most popular VPN platforms are consumer-facing, so finding publicly available information on large contracts can be a struggle. If simultaneous connections are a priority, gathering quotes will be a worth-it process for the best balance between cost and security value.
How to harden VPN security
In a year where secure remote access was crucial, the limits of VPN security were tested. The COVID-19 pandemic left organizations globally scrambling to figure out work-from-home and the vulnerabilities presented because of the shift. Gartner’s research director Rob Smith noted, “VPN became the new infrastructure, and nobody was prepared for it.” Some companies continue to employ a VPN for securing a remote workforce a year later, while others have concerns.
VPN Vulnerabilities Come to Light
In April 2021, CISA and the FBI issued warnings about advanced persistent threat (APT) groups targeting SSL VPN vulnerabilities. Specifically cited was the Fortinet FortiOS system’s SSL VPN. Despite ongoing security alerts from Fortinet, organizations refusing to update and patch VPN software remain exposed to potential attacks at ports 4443, 8443, and 10443.
Concerns about bandwidth for video conferences and other big data applications aside, the security implications of leaks in coverage are enough to wonder how vital VPN solutions are for enterprises.
The Role of Zero Trust
Rather than protecting every endpoint, the current trend – in the form of zero trust security solutions – is protecting what’s most important. VPNs can be a part of that strategy, but zero trust and microsegmentation are a more holistic approach and isolates sensitive data from the usual suspects online.
VPN market in 2021
Several traditional VPN services are joining a pack of new actors offering cloud-based VPN solutions for the hybrid infrastructure. These cloud VPNs continue to dominate revenue share as organizations look to virtual private clouds for reduced maintenance and cost.
Forecasts from Research and Markets and Grand View Research show the global VPN market in 2020 was over $30 billion and could reach as much as $100 billion by 2027.
User Ratings and Reviews
Most top VPN market players hold ratings for their applications in the Apple and Google app stores. Available rankings for our selections include:
On TrustPilot, the top-ranked VPN vendors are:
- CyberGhost: 4.8/5 stars; 12,659 reviews
- PureVPN: 4.7/5 stars; 12,366 reviews
- IPVanish: 4.7/5 stars; 7,083 reviews
- ExpressVPN: 4.6/5 stars; 7,365 reviews