Proxy vs VPN: What are the differences?
Two web security tools, two different use cases
If you're shopping around for ways to boost your online privacy, you might come across VPNs and proxies and wonder, ultimately, what's the difference? Both technologies hide your IP address—but they work in very different ways.
A proxy routes specified internet traffic through an intermediary server while the best VPNs create an encrypted tunnel between your device and a secure server, and act as your gateway to the internet.
I think a VPN is the better choice in most scenarios, but I'll walk you through how proxies have their own uses, too, and how both tools shore up your digital security.
What is a proxy?
A proxy server is an internet-connected device that routes internet traffic on behalf of the clients connected to it. When you connect to a proxy server, any requests you send to access an internet resource are sent through the proxy server first. The proxy then forwards your request to the destination specified, retrieves the response, and sends it back to you.
Although you might be most familiar with the anonymizing type of proxy that hides your IP address when making a request, there are a variety of proxies that perform different roles.
Transparent proxies send your traffic without making any alterations to it whatsoever. These are mainly used by large institutions to conserve bandwidth by caching popular websites on the server, but can also be used to filter certain types of inappropriate content or block malicious traffic. These proxies do not hide the origin of a request, however, so they aren’t useful for protecting your anonymity.
Anonymous proxies, on the other hand, do exactly that by replacing your IP address with the IP address of the proxy server. So, to any server you interact with, you'll look like you're connecting from the proxy server instead of your home connection. This, in turn, makes it harder for websites and advertisers to track your online activities.
What is a VPN
VPN stands for Virtual Private Network. It's a secure, encrypted connection between your device and a computer network using the internet as a transport layer. This means that any data sent over this connection is private. Even if someone outside the VPN (such as your ISP) intercepts your internet traffic, they won't be able to read it.
When you use a VPN, all your internet traffic is routed through a secure server before reaching its final destination. The VPN server replaces your IP address with its own. This makes it appear as though you're browsing from the VPN server's location rather than your actual one, enhancing your online anonymity.
A VPN isn't powered by any one specific protocol. There are many competing VPN protocols used to power connections, but only a few are considered worth using. OpenVPN is the most widely trusted protocol, as it’s open source and built off of audited existing technologies such as SSL. There’s also WireGuard, which is a new protocol designed to be significantly more lightweight than OpenVPN at the cost of a reduced feature set.
You'll also see some VPNs that support L2TP and PPTP. Both of these protocols are considered outdated and insecure. PPTP is Microsoft’s attempt at building a secure VPN protocol, but it uses an insecure password hashing system which leaves it vulnerable to brute-force attacks. L2TP is considered potentially insecure as a result of leaked NSA documents which suggest that the Five Eyes alliance has access to the capability to somehow decrypt streams of data that use L2TP as a tunnel.
What is the difference between a proxy and a VPN?
The key difference between a proxy and a VPN is how they handle your data.
A proxy server is basically a forwarding service. It doesn't change how your data looks apart from replacing your IP address. If someone was monitoring the traffic sent from your device to a proxy at any point along its path, they'd be able to see everything you've sent through that proxy.
While the widespread proliferation of TLS encryption for HTTPS-enabled websites means that critical pieces of information like your bank passwords are encrypted before they leave your device, a third party would still be able to see the websites you're requesting as well as any plaintext traffic you send and receive from a HTTP website.
You can't really be sure that a proxy isn’t scraping all of the data you send through it, either. Your ISP can still see everything you're doing, but you're adding in an extra routing point that can see all of your traffic. As a result, proxies should only be used for tasks where security isn't critically important. For example, marketing agencies use them to quickly scrape data on the same websites as they appear from different areas of the world.
A VPN, on the other hand, encrypts all data between your device and the VPN server, creating a secure "tunnel." The VPN server then communicates with the internet on your behalf, masking your IP address and ensuring all transmitted data is encrypted and secure. Your ISP can’t see any of the traffic you send through a VPN tunnel, and neither can anyone else on your network
As such, VPNs are ideal for high-security needs, such as sending personal data on public Wi-Fi. The ability to obfuscate your VPN traffic to make it appear as normal browsing traffic also makes VPNs for avoiding government censorship. Most importantly, no log VPNs undergo third-party audits to demonstrate that they don't hold any of your data after transmitting it through their servers.
Should you use a VPN or a proxy?
Proxies are great for quick, basic internet tasks. Most browsers and internet-based tools feature proxy support, which means there's no need for additional software. This makes proxies useful for doing things like reviewing websites from a different location to test out things like language support and advertisement coverage, as well as bypassing regional locks on some types of content. Proxies are also handy in a pinch if you need to quickly hide your IP address for anonymous web browsing while sending or receiving content that isn't sensitive.
However, if you need more than just basic anonymity, a VPN is the way to go. Just like a proxy, VPNs hide your IP address and let you bypass geo-blocks by forwarding your traffic through an additional server. What makes the difference is that VPNs provide comprehensive encryption for all your internet traffic, ensuring that your data remains secure from hackers, ISP surveillance, and snoopers on your local network. This is particularly important when using public Wi-Fi networks, where it's relatively easy for someone on the same network to capture your internet traffic.
VPNs also offer a broader range of features compared to proxies. If you want to change location using proxies, you have to find a new proxy in the location you want and then paste that new IP address into your proxy software. A good VPN makes this process easy by allowing you to make the switch in-app with a few clicks, keeping you secure while the handover takes place thanks to a connection kill switch that ensures your traffic isn’t sent over your normal internet connection in the meantime.
Additionally, VPNs are more effective at bypassing sophisticated geo-blocking measures. Proxies can be easily blocked by firewalls, whereas advanced VPNs use obfuscation techniques that disguise VPN traffic as other internet protocols. This means that you can hide the fact you're using a VPN altogether, sidestepping even the nastiest ISP firewalls. When combined with access to an encrypted in-house DNS server, this allows you to access a wide range of content from almost anywhere in the world, bypassing streaming restrictions and avoiding censorship in regions with strict internet controls.
The best VPNs in 2024: my top three
1. The best VPN service overall: NordVPN
NordVPN is the ideal choice if you're concerned about security. It uses advanced encryption protocols built on AES-256 to keep your data secure, as well as several extra security features built into the client such as an encrypted file-sharing Meshnet, dark-web identity theft monitoring, and a malware detection agent.
With a 30-day money-back guarantee, you can try NordVPN risk-free.
2. The best VPN for beginners: ExpressVPN ExpressVPN is one of the fastest VPN providers out there, making it an ideal choice for streaming and downloading. It operates a vast network of servers in 105 countries, providing extensive coverage and lightning-fast connection speeds. While it's more expensive than most VPN suites, ExpressVPN has proven to be extremely reliable when it comes to unblocking streaming content from all over the world.
Like NordVPN, you can try it out with a 30-day money-back guarantee to see if it's the VPN for you.
3. The best cheap VPN: Surfshark
Surfshark is the perfect choice for VPN coverage on a budget. With speeds and locations comparable to both NordVPN and ExpressVPN, what sets Surfshark apart is the ability to connect an unlimited number of devices under a single subscription. This makes it perfect for large families or users with multiple devices. You'll be safe in the knowledge that each device you use with Surfshark is covered by CleanWeb, a feature which blocks ads, trackers, and malware from appearing in your browser.
There's also a 30-day money-back guarantee, so you can explore Surfshark's features without committing to a subscription.
Disclaimer
We test and review VPN services in the context of legal recreational uses. For example:
1. Accessing a service from another country (subject to the terms and conditions of that service).
2. Protecting your online security and strengthening your online privacy when abroad.
We do not support or condone the illegal or malicious use of VPN services. Consuming pirated content that is paid-for is neither endorsed nor approved by Future Publishing.
Get the best Black Friday deals direct to your inbox, plus news, reviews, and more.
Sign up to be the first to know about unmissable Black Friday deals on top tech, plus get all your favorite TechRadar content.
Sam Dawson is a cybersecurity expert who has over four years of experience reviewing security-related software products. He focuses his writing on VPNs and security, previously writing for ProPrivacy before freelancing for Future PLC's brands, including TechRadar. Between running a penetration testing company and finishing a PhD focusing on speculative execution attacks at the University of Kent, he still somehow finds the time to keep an eye on how technology is impacting current affairs.