VPN4ALL uses enhanced OpenVPN to ensure that (1) all your Internet traffic is encrypted with military-grade encryption as it’s transmitted over the Internet and that (2) your digital ID (IP address) remain invisible to the worldwide web at all times.
We also use Secure DNS to protect our users against DNS spoofing for 100% safe and Secure Online Banking and Shopping.
VPN4ALL provides optional Extra Protection – a second layer of at-the-server AntiVirus, AntiMalware, AntiPhishing and Firewall protection, which helps you make sure that far fewer malware gets through to your computer or mobile device.
All you need to do is launch your VPN4ALL software, select a server location and click Connect. VPN4ALL takes care of everything else silently in the background. VPN4ALL is the only personal VPN service that provides such a high level of security and powerful advanced VPN connection options combined with incredible ease of use.
Enhanced VPN Technology
With VPN4ALL, all you need is an active Internet connection (which you get through an ISP – at home, at school or in the office, in a public place though a HotSpot or from your Mobile Provider), VPN4ALL VPN Software and your individual VPN4ALL License Number.
Once connected, VPN4ALL creates an encrypted “tunnel” which penetrates the public Internet to connect your computer and our secure VPN network. All your data is then encrypted and encapsulated for safe transmission across the Internet as if you were part of a secure private network and not on a public one.
Our encryption engine handles the secure key exchange for each VPN4ALL user. When your computer sends or receives data over the Internet, VPN4ALL automatically communicates in encrypted code with our secure server to request the encryption keys. The server then securely authorizes the encryption and decryption operation of your data to ensure it’s confidentiality and integrity as it travels over the public Internet.
1VPN Security: Data Encryption and Tunneling
With VPN4ALL, we symmetrically encrypt and decrypt all your outgoing and incoming Internet traffic before it’s transmitted over the Internet. This symmetric encryption – the Advanced Encryption Standard (AES) algorithm – uses a very fast block level algorithm to encrypt and decrypt your data. We utilize AES ciphers (unique session keys) with the largest key size available today – 256 bits.
Every time a user connects with VPN4ALL, 2048 bits of random numbers are converted into a unique pair of keys for each user and for each session — one private key and one public key. These two keys are mathematically related in a very useful way. Data encrypted with one key can only be decrypted with the other key in the pair, and vice versa. The one-time unique session key used to encrypt your Internet traffic is then asymmetrically encrypted with the one-time public key from your pair of keys, using the RSA public-key encryption algorithm with the longest public key used today – 2048 bits.
Both the encrypted data and the encrypted session key are encapsulated and sent over the Internet.
VPN4ALL creates a virtual encrypted “tunnel” which penetrates through the public Internet to connect your computer and one of our secure VPN servers. This allows us to transmit a wide range of your data over the public Internet safely and securely, regardless of applications or protocols. Both sides of the encrypted VPN tunnel use the same one-time unique key for each session to encrypt and decrypt all your traffic in both directions.
With VPN4ALL all the data that reaches your computer from the Internet is also encrypted using the AES-256 Encryption. This ensures that no one can interfere with your incoming Internet traffic. Since the unique session key used to encrypt your incoming data was asymmetrically encrypted at our secure VPN servers, the VPN4ALL VPN client uses your one-time private key from the pair of keys to decrypt it. Your one-time private key from the pair of keys is encoded with a one-time secret code associated with your individual VPN4ALL License Number. Without the secret code, there is no way to access your private key.
In essence, with VPN4ALL, all you need is an active Internet connection, the VPN4ALL VPN client and your individual VPN4ALL License Number. Our encryption engine automatically handles all the one-time public and private key exchange for each VPN4ALL user. When your computer sends or receives data over the Internet, your VPN4ALL VPN client automatically communicates in encrypted code with our secure VPN servers to request the required public or private keys. The servers then securely authorize the encryption and decryption operations on your data.
2VPN Security: Secure DNS
Fast, Reliable, Secure DNS Lookups
To improve speed, reliability and security of DNS lookups to our customers, we have switched to Secure DNS. In essence, we quit letting our network’s Domain Name Servers convert domain names (like google.com) into IP addresses (18.104.22.168) for your browser. When you type a domain name, the conversion to an IP address now goes through Secure DNS instead. Secure DNS is the first IPv6-ready recursive DNS service in the world, which also helps us to prepare for the coming global migration from IPv4 to IPv6.
What is Secure DNS
Secure DNS is a popular third-party Domain Names System security and infrastructure services provider that makes the Internet safer through integrated DNS and anti-phishing defense. By placing company servers in strategic locations and employing a large cache of the domain names, Secure DNS can process DNS queries more quickly and reliably. By collecting a list of malicious sites, Secure DNS blocks access to these sites when a user tries to access them.
3VPN Security: Secure VPN Connection
Dynamically Assigned Shared IPs
After reaching our secure VPN network, your traffic leaves the VPN4ALL server with a new IP address – the same shared external IP address as that of thousands of other VPN4ALL users’. All this shared traffic of many VPN4ALL users is mingled together inseparably. The randomness of the data packets at our secure exit server is indecipherable because the IP addresses of all the packets are the same and cannot be differentiated by a hacker or any third party. Therefore no one can match your data with your local IP address, much less identify you through your online activities.
No disconnect on accidental Internet connection loss
VPN services that rely on default Windows PPTP or the default OpenVPN setup are disingenuous when they promise a secure connection. Apart from the IPv6 vulnerability, the default VPN setups fail to protect users on an unstable Internet connection. For short periods all Internet connections drop (particularly on dynamic IPs) and go unnoticed. This causes a break of your encrypted VPN tunnel and reveals your underlying local IP address. With VPN4ALL, there is a safeguard that keeps your VPN tunnel alive for 2 minutes after an unexpected connection failure. This ensures your data packets are encrypted and your underlying IP isn’t revealed until your Internet connection is reestablished again.
Secure License Number Transmission
Your VPN4ALL Software License Number together with the email address you provide us with at the signup is what identifies your VPN4ALL account. Your individual VPN4ALL License Number is also associated with the one-time secret codes utilized to encode your one-time private keys. It is therefore important that your VPN4ALL License Number is completely secure once we issue it to you. All transmissions that include your VPN4ALL License Number are encrypted with SSL 256bit encryption so that no one can intercept it.
First Secure IPv6-ready VPN Service
In response to requests from some of our corporate customers located in countries with early adoption of IPv6, we have prepared for the coming global migration from IPv4 to IPv6. IPv4 IP addresses are depleted and the last IP addresses were allocated in February 2011 so it’s only a matter of time before IPv4 stops functioning. The most fundamental customer requirement behind the need for an IPv6 global personal VPN service is the need for the same online confidentiality and security as provided by an IPv4 VPN Service. At VPN4ALL we are proud to be ready to offer exactly the same level of online confidentiality and security for both IPv4 and IPv6. Even when simultaneous IPv4 and IPv6 support is required, VPN4ALL users need only a single VPN4ALL software installation.*
*Even though most business users today can request IPv6 addressing from their ISP, the dual IPv6-IPv4 version of VPN4ALL is offered as a beta in Asia Pacific and EMEA regions only.
4VPN Server Security: Hardened Server Security
VPN Network Setup with Security in Mind
All VPN4ALL secure VPN servers are set up and maintained with security in mind. All the software and hardware used on our VPN network are always up-to-date and undergo regular security compliance checks. In addition, our network is protected by Cisco Firewalls and the best in the industry anti-malware solution.
No VPS, No collocation
Unlike the vast majority of other Personal VPN Services, our affordable price doesn’t come at the expense of server security. We don’t collocate our servers, don’t use VPS hosting. We work hard to ensure that only the highest quality dedicated servers in secured data centers with plenty of Ram, very fast processors and where possible dedicated 1Gbps ports make it on our network.
Secure Server Locations
All VPN4ALL servers are hosted at secure datacenters with dedicated ports and are protected and secured with 24-hour surveillance. Unauthorized access to one of our VPN servers would not compromise our operations data or signal origination data. Although we have VPN servers throughout the world that are made available to VPN4ALL users, certain servers on our secure VPN network are anonymous and we do not disclose the location of those servers as this would present tactical information to those who may wish to compromise our network in some way.
5VPN Server Security: Premium Extra Protection
Kill threats before they reach your computer*
Macs are falsely believed to be invincible and completely safe against malware threats and online attacks. Running an AntiVirus software on your SmartPhone or Tablet PC is heavy on your device’s CPU and affects its performance.
An average home antivirus is only effective against 85% of malware attacks. With VPN4ALL at-the-server Extra Protection*, far fewer malware gets through to your PC, Mac or mobile device, which results in nearly 100% anti-malware protection.
An at-the-server anti-virus solution scans check-sums of segments of files transferred from the Internet through our secure server network to see if they are infected with any new virus. Should any virus be present, its stops the virus at the server. This requires no additional setup on the user’s side and works seamlessly without causing a noticeable delay in connection speed. Since all the tests are run on our servers, it won’t use any of your system resources nor will it slow down your computer.
An at-the-server anti-phishing solution attempts to identify phishing content that may be contained in content transferred from the Internet through our secure server network. This anti-phishing solution employs the open-source databases of known phishing resources as well as databases provided by security services of financial organizations. This helps us improve the quality of protection from phishing attacks and is offered to those VPN4ALL users who opt for Extra Protection.
An at-the-server anti-malware solution stops worms, trojan horses, spyware, dishonest adware, scareware, crimeware, malicious rootkits, as well as other malicious software, content, code and scripts that are trying to get to your computer to disrupt its operation, gather information that would lead to loss of privacy or exploitation or gain unauthorized access to your system resources.
* A premium option available at extra cost as an opt-in at the checkout.
Frequently Asked Questions
Is 256-bit encryption secure enough? Can it be hacked?
We are using AES-256 encryption to protect the confidentiality of data in transit. The algorithm has been analyzed extensively and is now used worldwide. As of 2014, no successful attacks on the underlying cipher itself have ever been found. In June 2003, the U.S. government announced that AES may be used for classified information: “The design and strength of all key lengths of the AES algorithm are sufficient to protect classified information up to the SECRET level.” This marks the first time that the public has access to a cipher approved by the NSA for encryption of TOP SECRET information.
I’m behind a restrictive firewall and can only establish connections to a certain port. Which ports does VPN4ALL use?
VPN4ALL connections are possible over TCP and UDP using a choice of popular ports. As long as you have an active Internet connection and are able to access Internet resources, VPN4ALL is likely to help you bypass restrictions.
How can I check that VPN4ALL is in fact working?
You can verify your new IP address quite easily. Both your IP from your local ISP and your new IP address given by VPN4ALL are displayed in the interface of the software. You can also verify that your IP address has indeed changed to our secure anonymous IP address by visiting the page secure.vpn4all.com/whatismyipaddress/. You can also install any sniffer on your computer and track packets on the external interface. The information inside the packet will be undecipherable.
How does extra protection work?
Our extra protection solution stops viruses, malware and phishing attacks at the server, before they reach your PC, Mac or mobile device.