Windows Devices VPN Reviews
VPN Providers for Windows Devices
How we tested the fastest Windows VPN for 2018
While other VPN review sites are still testing their services on lines that may only run 25Mbps at max (“hello, Stone Age? It’s 2018 calling”), we here at VPN.com know that broadband services and fiber optic networks are the wave of the future, and that our readers want real speed test results which reflect that.
We’ve spent months tirelessly vetting every VPN on this list, using the most comprehensive speed test regimen seen on the web today. It all starts with the bandwidth: a 1Gbps simultaneous up/down fiber optic line provided by CenturyLink, which is hooked from our testing location in Northeast Portland, Oregon. Every speed test result hosted on VPN.com was gathered using the gold-standard in location-by-location testing, Ookla’s Speedtest.net. In order to get the most accurate results we used the newer HTML5-based test rather than the old Flash version, since Flash isn’t always capable of handling the compression technique that some VPN protocols use to protect your packets.
Testing servers for each of our 17 different locations around the globe were selected after an initial three-test run of every Speedtest.net host for that respective city. The fastest three servers then went to a final round where they were tested once more for reliability and top speed, and the #1 result is the host we’ve used to test the providers for this list.
Once the fastest server was established in each city we would then schedule the VPNs to run at 6AM and 9PM local, in order to get a read that represented the average network load during the lowest and highest population hours respectively. Three consecutive dry runs are scheduled for each hour of testing, designed to established the highest speed our line is currently getting when connected to a server in our own city. This provides a controlled baseline for what happens to the speeds once we hook up to the VPN, and gives us the result we ultimately rated all our services against.
After the dry run returns its results, we then connect the VPN to the test city and connect Speedtest.net to the server specific to that location. On average each Speedtest.net node is less than 50 miles in distance from the VPN server, which ensures an even playing field and the most optimal results for every VPN we test.
Finally once the VPN is hooked up and the Speedtest.net server is selected, we run the test three more times for each time slot (6AM or 9PM). The three results are then averaged together and plugged into our master spreadsheet, where they’re compared against the hourly dry run tests to get the final result.
We’ve gone to great lengths to guarantee that every speed test we run is the fairest, most accurate representation of the kinds of speeds you can expect to get with a VPN in your town. So what does this mean for you? It means that when we tell you Private Internet Access is the #1 fastest VPN for Windows on the internet today (with scores that pushed well past the 300Mbps mark on local servers), you know they’re the fastest around period.
If you’re a speed-demon who wants to supercharge their privacy without sacrificing power, Private Internet Access is the fastest VPN for Windows in 2017.
How much should it cost?
Windows VPNs can vary pretty greatly in cost depending on a number of different factors. These can include: the number of connections supported on the account, the number available platforms, what type of features you’re looking for, and whether or not extra services are made available for an additional cost.
On average, Windows users should expect to pay anywhere from $3.99 - $12.99 for their monthly service, depending on the provider selected.
What are some of the VPN features that are specific to the Windows ecosystem?
As one of the first operating systems to offer native support for VPNs Windows has been one of the most popular platforms for hundreds of different VPN providers over the years, nearly all of which have all released their own Windows-ready app for all versions ranging from XP and up.
As far as extra features go, Windows-based VPNs often have the most connection protocols to choose from compared to OSX, iOS, or Android, and many also come with a number of different add-ons that can help you do anything from blocking a few pesky ads, to getting you immediately linked through a double-ghosted TOR/VPN-hybrid connection for ultimate, unbreakable privacy at its best.
Connecting through a Windows VPN is also recommended if you’re trying to troubleshoot network issues for your mobile devices or potentially run a problem with your router. Several of our top picks on this list keep extensive logs when creating a new connection via Windows, which can be invaluable while you’re working with your provider’s support team to get the issue fixed.
Both the PPTP and SSTP connection protocols are proprietary to Windows, and were actually invented by Microsoft itself years ago. However although these are proprietary protocols, given the potential security flaws revealed by the NSA Snowden leaks back in 2013, we wouldn’t recommend connecting through either if you have another option available on your Windows machine.
Luckily Windows supports the largest number of protocols of any platform including the more recently-developed SoftEtherVPN, which utilizes dozens of recent advancements in encryption technology to deliver a combination of the safest tunneling capabilities and fastest speeds in one complete package.
What is a Windows VPN?
A Windows VPN is a privacy tool which can be used to protect the identity of you or anyone in your family who browses online while at home or on the go. Every day the average internet user is inundated with a deluge of tracking cookies, ad banners, malware links and malicious downloads, all of which are trying to do everything they can to sell our personal identifying information to the highest bidder.
A virtual private network - or “VPN” for short - is a method of encrypting your online activity which helps to obfuscate any digital information that could be used to identify you or a family member on the internet. This includes your real IP address, your location information and your ad preferences, along with a host of other bits and pieces of metadata that - when added up over time - can form an eerily accurate picture of who you are and how you live your life online or off.
This invasion of our personal privacy ranges from the relatively innocuous (Google Ads) to the downright insidious (malware-packed phishing links), and a VPN is one of the most user-friendly tools that can help to stop both in their tracks.
It’s no secret at this point that when it comes to the contest of “which operating system has the most security vulnerabilities”, Windows has taken home the trophy for 20+ years and counting. Microsoft remains at the top of every network security administrator’s biggest list of headaches, and although other options like OSX or Chrome OS aren’t still without their own problems, their vulnerability list is a mere drop in the bucket compared to the number of holes that get punched through the Windows architecture on a day-to-day basis.
The reasons why Windows continues to the be the #1 most-targeted operating system by cybercriminals are varied, but in a few words it all boils down to a numbers game. According to the most recent statistics off NetMarketShare, from XP and above Microsoft owns around 89% of the entire operating system market on desktop and laptop machines.
This means for every successful hack created on Windows a hacker will have the opportunity to attack 9 machines, where a Mac hacker may only have one. Most non-specialized hacks throw as wide a net as they can across as many machines as possible in order to raise the odds that they’ll successfully penetrate a machine that much faster.
If the most recent Q2 report released by AV-Test.org is to be believed (hint: it is), this move towards making malware for Windows above all other operating systems has resulted in over 600 million unique attack strains that are designed to attack the desktop OS. This means that of all the digital platforms available today, Windows alone accounts for nearly 78% of every attack recorded on the web.
It’s not necessarily that OSX or Linux are any more or less secure of a platform at their core than Windows is, but there will always be more hackers making more hacks for Windows because by sheer volume, they have the best chance of paying back a return on the investment quickly.
A Windows VPN makes it more difficult for hackers, malware distributors, and identity thieves to intercept your data in transit. Without that identifying data they can’t get your credit card information, social security number, or any of the other pieces of the puzzle they would need to pull off a successful attack. This is why it’s vital that anyone using the operating system always have a VPN installed and running to protect them from all the different malware, spyware, and adware programs that cause billions of dollars in damages each year.
Who needs a Windows VPN?
Everyone who uses Windows should be on a VPN, and each individual version has its own reasons why. For example, since Microsoft stopped issuing security updates for Windows XP back in April of 2014, your best bet to keep that platform secure is to add a VPN into the mix.
Users of Windows 10 have a whole different set of issues on their hands however, primarily involving Microsoft themselves and the many inventive ways they’ve attempted to offset the price of their recent upgrade program.
See, when Microsoft announced they would be releasing Windows 10 free to all owners of previous versions of the operating system, many people and journalists were skeptical how the company would make up the costs of development. If people weren’t buying the upgrade outright (usually costing anywhere from $100-$300 on older versions), how did Redmond expect to generate any revenue?
The answer soon came when it was revealed that deep in the privacy settings of the Windows 10 operating system, Microsoft would be collecting mounds of data on you and recording how you use your computer to send all that information back to home base.
Microsoft’s telemetry service became the bane of privacy advocates everywhere, as a huge backlash emerged in the privacy community over the company’s blatant violation of basic internet privacy rights.
Everyone from average Windows users to the Electronic Frontier Foundation were up in arms over Microsoft’s vague, murky response to what their operating system monitors. Even two years after its release, the company is still just barely getting comfortable with the idea of letting people know what they’re keeping an eye on.
Even with the release of more transparent data handling policies on the Windows 10 Creators Update, you can still never be exactly sure what Microsoft is doing unless you dig into the nitty gritty of your registry editor and pick apart the OS piece by piece.
This is why everyone at VPN.com recommends that you install a VPN on any devices running Windows, and especially those upgraded to Windows 10. Without an extra layer of encryption to secure the tunnel that Microsoft opens up between your computer and their servers, all of the information the OS collects could be easily intercepted by hackers and used to steal your identity, hack your computer, or worse.
Microsoft isn’t the only one to worry about
Now, while Microsoft itself (probably) isn’t doing anything all too malicious with that data, it’s still vital that you do everything you can to protect anything they collect while it’s in transit from your machine to them.
The sort of information that the Windows telemetry service collects is a veritable gold mine for hackers, and since Windows 10 already does the hard work of tracking, monitoring, and categorizing that data for them - all they need to do is break into the connection to have it sent to their own desk instead.
Sure, Microsoft may only want to check your Edge browsing history to find out what kind of games you like so it can display ads on your lock screen (still annoying on its own), but a hacker may try and use that same information to track your banking logins, or steal your credit card information without you finding out about it until it’s already too late.
According to the 2016 IC3 Internet Crime Report, identity theft cost American citizens $58 billion just last year, a figure which is expected to rise even further in 2017 with the development of even more advanced phishing campaigns being distributed worldwide. Anyone with a way to crack into the Windows 10 telemetry could easily end up turning your own operating system against you, transforming it into a tracking beacon that leeches valuable data to anyone in range.
Finally, it also bears mentioning that despite all of Microsoft’s promises to use the data they collect responsibly and protect it in the best interest of their customers, leaks like those revealed by Edward Snowden in 2013 show they may not actually have a choice of who sees it and who doesn’t.
Even if Microsoft wanted to keep their entire data collection effort above board, according to leaked documents first published by The Guardian all it takes is one court order to send the company’s lawyers running for the hills. This is why it’s vital that you do everything you can to protect the information that Microsoft collects through the Windows ecosystem, and be able hide your daily activities behind the wall of uncrackable encryption that a proper Windows VPN can provide.
Are Windows VPNs legal?
When asking this kind of question, the answer usually all depends on where you live in the world and when you’re actually finding this guide for the first time. VPNs are one of the many types of privacy protection tools that have seen different levels of tolerance depending on the country in recent years, and their legality for major regions can (and often do) change on a dime.
Some governments will openly welcome the people who run these types of businesses to open up shop wherever they please with the promise not to bother them under any circumstances, while others may be knocking down the door every other day with a subpoena about some new criminal they can’t find on their own.
As of this writing in October of 2017, VPNs are outright illegal to use on connections originating in: Belarus, China, Iraq, Oman, Russia, Turkey, and the United Arab Emirates, while their legality in Iran, Turkmenistan and North Korea is subject to special conditions.
However if you live in any other country than one of those mentioned. you’re 100% in the clear to use any VPN legally for as long as you like!
What does Windows do to protect connections on its own?
Of course, Microsoft hasn’t left their flagship OS stranded without its own system of defenses that come built-in with every installation.
Microsoft uses two primary applications to protect your network and your hard drives from attacks: Windows Defender and Windows Firewall, and while both are actually half-decent at what they do, as you’ll find out there are still several problems with each that warrant the use of extra security measures beyond what you get stock out of the box
Since Windows XP, Microsoft has included a malware defense system called Windows Defender which, somewhat surprisingly if we’re being frank, actually isn’t half bad at keeping your PC secure.
In my experience, it seems that Windows Defender could be one of the most universally-liked products ever released by Microsoft, seen as a “good enough” option by even the most hard-to-please fanboys out there. That said, Windows Defender can really only protect you from threats like malware and spyware that might try to install themselves on your computer.
Windows Defender is a solid antivirus, anti-malware, and anti-spyware program which continually monitors your Windows machine for any suspicious activity. First released in 2005, the program receives regular updates from Microsoft for anyone running Windows Vista and above and will often be the first and last line of defense that millions of Windows users have when it comes to keeping their filesystems free of infection.
In the 12 years the program has been active there have been only a few major breaches reported, with one of the most notable happening just earlier this year. That’s a pretty great track record for any antivirus company, and a great one for Microsoft all around.
But, while Windows Defender is a solid choice for anyone who wants to use a lighter, leaner anti-malware solution, Windows Defender can’t do much of anything when it comes to actually protecting your information while it’s in transit on the web.
This is why it’s important that even if you have the app running 24/7 that you include extra layers of protection that can encrypt your data on the fly.
Windows Firewall is the first and last line of defense when it comes to how Windows protects its connections, and for a free program that’s installed on nearly 90% of all networks running today it actually holds up pretty well against your more general, non-specific targeted attacks.
However because Windows Firewall is so ubiquitous, that also makes it a favorite target for larger malware distribution campaigns that aim to take hundreds, or even thousands of computers at once.
According to a resilience report released by the International Journal of Information & Network Security (IJINS) in 2014, dozens of advanced botnets and malware distributions have already been designed with the penetration of Windows Firewall in mind. With only a few lines of code, notorious campaigns like Conficker can easily disguise malicious traffic as legitimate requests as far as Windows Firewall can tell, which suggests that even the most commonly known threats are still capable of getting through undetected under the right circumstances.
However all is not lost. Many security researchers (including those from the IEEE) have drafted their own custom rulesets that can be used to further specify what Windows Firewall detects, and what it allows through the front gate of your PC.
This is why it’s important that on top of any antivirus or firewall program you have installed, you’re always running a VPN to guarantee that you’ve got every aspect of your digital life covered and accounted for.
Windows VPN Client
Finally, Windows gives users the option to route all their VPN traffic directly through a module in the operating system’s own network settings.
This is handy if you don’t want to deal with third-party applications that might bug out or glitch while you’re connected, and instead routes all the connection instructions through the manual creation of a new TAP adapter.
Using the Windows VPN connection method doesn’t offer any distinct advantages over a regular VPN application, but it does still come with all the same encryption techniques and IP routing tools that you would get from using the respective VPN application instead.
How does a Windows VPN work?
On Windows, a VPN works by creating an encrypted tunnel of information between you and the rest of the internet...Microsoft’s own servers included. In order to protect your data, a VPN client uses a series of special TCP/IP-based protocols, known as “tunneling protocols”, to open up a virtual dialog between your Windows machine and the VPN server.
What’s a “tunnel”, and how does it work?
In a normal uninterrupted internet connection, packets of data are sent from your computer, through your ISP, to the internet and back again without any form of encryption laid on top. Tunneling takes packets that would normally be transmitted in their raw form and encapsulates them behind what’s known as a “header”.
Headers dictate where a packet of data will be routed - and when used to direct traffic through a VPN server - will encrypt that data via a number of different authentication methods which vary depending on the VPN service you’re connecting to.
How can you find out if your Windows VPN is working properly?
There are several tools that you can use through your web browser which will help you verify that your VPN is connected to the server it’s claiming to, that your IP is truly hidden, and that your DNS isn’t leaking any identifying information about your location or the VPN provider to the outside world.
The first test is to check your IP location through this handy test here. If your VPN is functioning correctly, this IP shouldn’t be the same one that’s normally provided to you by your ISP. If you do see the same IP address, this means your VPN isn’t working the way it should.
The second test is to visit DNSLeak.com. Hit the green Start button in the middle of the page, and if the results have any red marks or are returned as “your DNS may be leaking”, then your VPN is not doing an effective enough job at protecting your connection to the web.
Lastly, the best way to check if your VPN is working correctly is to verify that the TAP adapted on your Windows machine is connected and running properly. To do this, once you connect the VPN in your provider’s application navigate to the Network and Sharing Center, and choose the option labeled Change network adapters.
Once here find the TAP adapter that was installed when you went through the VPN setup, right-click it and choose Properties. Your VPN is working if both sides of Send and Receive at least more than a few hundred packets transmitted from each side.
Sometimes users can have issues getting their VPN to actually communicate with the outside world, which can happen as a result of their home network, router, or firewall blocking the connection for one reason or another.
The first step in diagnosing why your VPN is running into network limitations is to open up whichever software firewall you’re using on the Windows desktop you want to connect with and check to see if it’s set to block connections on commonly used ports for the protocol you’re trying to connect with. For example, OpenVPN can use ports like 443, 8080, 1194, or 8888 on both the TCP and UDP protocols. If you see that your firewall is blocking UDP 443, this may be the cause of the stoppage.
If your software firewall isn’t causing the problem, the next place to check is your router’s firewall. Options like NAT can sometimes see an incoming encrypted VPN channel as a threat, and by default may be configured not to let that kind of traffic through. Which channel is being blocked will all depend on the VPN you’re using as well as the router model in your home, so be sure to search your provider’s FAQ page thoroughly to make sure you’ve got a match.
As far as we’re concerned at VPN.com, any Windows VPN that’s worth the price of admission should have a quick, simple, and foolproof setup process (as all of the picks on this list do). However not all VPNs are created equal, and sometimes their complicated setup process can lose some users before they’ve even had a chance to jump on.
The most common problem that most users face is some kind of corruption with the TAP adapter installation (Edit: “you can read more about TAP adapters in our guide on the subject here”). Sometimes a VPN may have its own branded TAP adapter that gets installed during the initial setup, or it will carry the standard label of “Windows TAP Adapter v9”.
You can make sure that the driver for the TAP adapter is updated and installed properly by going to Network and Sharing Settings > Change Adapter Settings. Right-click on the adapter that your VPN installed and choose Properties. Click the Driver tab and choose the option for Update Driver. This will automatically run the Windows TAP driver update and install it in a few minutes or less.
3rd-party client issues
Sometimes the proprietary client of your chosen VPN may experience glitches or issues that prevent it from being able to connect properly to the provider’s network.
In this scenario you have two options to circumvent the problem: either use the OpenVPN GUI with manual config files, or manually configure the connection by creating a new TAP adapter in Windows Settings.
Both choices offer their own benefits and drawbacks. On the one hand while the OpenVPN GUI app runs fast, light, and snappy on Windows and rarely ever failed in all the time I’ve used it personally, it’s only capable of creating a link with servers that support connections from the OpenVPN protocol.
Second is the internal Windows VPN client, which is available on versions from Vista and up. The internal VPN client (located in different spots depending on which Windows you’re using) can connect to almost any VPN protocol and service that supports manual configuration. Some of our favorites in this department include IBVPN, which lets you connect over every single Windows protocol available through any method you prefer using their handy setup page found here.
A VPN adds another layer of protection to Windows
For anyone who’s been on Windows as long I have (Windows 3.1 at six years old, thank you very much), you know just how tumultuous of a relationship one can have with this polarizing operating system.
On the one hand, when Microsoft gets it right (Windows XP, 7), they really get it right. But when they get it wrong (ME, Vista, 8.1), it’s just a dumpster fire of problems fueled by bad UI elements, slow speeds, and enough security vulnerabilities to fill an Olympic-sized swimming pool.
Of all the Windows releases in recent memory, it’s obvious that Microsoft was finally ready to try and flip the script with the hundreds of improvements that 10 makes in the security department over its predecessors. But, all that effort may ultimately be for naught when you consider that even if Windows 10 is technically safer than previous iterations, it still has one big glaring hole that can’t be ignored: privacy.
A VPN allows you to privately protect all of your personal information no matter where it is on your computer, because as soon as a hacker tries to steal it off your device, they’ll be staring down the barrel of one of the most advanced encryption standards used in the industry today.
Windows 10 is a huge improvement over many of the versions that came before it, but no matter how good it is, Windows will always continue to be the biggest target on the market for hacks, cracks, and identity theft due to the sheer popularity of the platform.
This is why it’s vital that you subscribe to a Windows VPN provider that has support for the features you want most and the speeds you crave, all at a price that won’t break the bank.