In VPN circles, you’ll hear a lot of discourse about the difference between virtual and physical VPN servers. There are absolutely benefits and drawbacks to both, but we’d make the argument that one is superior to the other. That being said, let’s look into the pros and cons of virtual vs physical servers.
How Do VPN Servers Work?
When you sign up for a VPN, you are protecting your data in two major ways. Logging on to the VPN network creates a secure connection to a VPN server. This does the following:
- It masks your IP address, making your online activity anonymous and preventing others from easily getting your private information.
- It encrypts all of your data, sending it from your computer through an encrypted tunnel to its destination. That keeps anyone watching your connection from seeing what data you’re transmitting.
The VPN servers can be either virtual or physical.
Benefits Virtual Servers
Why would you want a virtual server? There are a lot of good reasons for a VPN to use virtual servers.
A virtual VPN server still operates on a physical hard drive, but instead of it standing on its own, it might share that hardware’s resources with other virtual servers. This means that it’s easy to create a new server by simply setting up a virtual machine.
Virtual servers tend to have much smaller upfront costs than physical servers. It doesn’t take a lot of hardware investment to spin up new virtualization. On the other hand, physical servers require the purchase and installation of new hardware at a particular location.
The other major reason why a VPN would create a virtual server is to fill in space in their network. There are some countries that make it very difficult to build physical servers in their borders. Not only are there regulatory issues, but it can be incredibly expensive to set up a server farm in a new place. With a virtual server, they can purchase IP addresses that are local to an area and use virtualization to make it appear the server is located there. This lets VPNs expand their server footprint and offer access to more places.
However, virtual servers come with some significant disadvantages.
Drawbacks of Virtual Servers
The issue with virtualization is that it can be slow and unreliable. A virtual server is nothing but a part of a physical server with finite resources.
The easiest metaphor is a pie. Each virtual server is a slice of pie. You can continue to subdivide those slices smaller and smaller, but it quickly becomes unsatisfying. Eventually, you need more pie to serve everybody.
When you pin a new virtual server to a physical server, it takes away computing resources. The more people that are connecting to the server, the slower and less stable it becomes.
Another issue is one of access. Virtual servers are often rented from large, global server farms. If something goes wrong, it’s often on the VPN to fix it without necessarily having access to the actual equipment.
Hypothetically, let’s say that you own a VPN and run a virtual server in Malaysia. At first things are fine, but your latest marketing efforts were more successful than you could have dreamed. You have thousands of new users that want to connect to your servers. In order to handle this load, you contact the server farm where your Malaysian virtual machine is running and ask if you can buy more resources. Depending on your original contract, you might not have that option.
Finally, virtual servers are just not as secure as physical servers. In order to work, a virtual server needs to be set up through a “hypervisor,” which is a program for running virtual machines. With a hypervisor, I can run Windows on my Mac computer in a window, for example. Each new server needs a new virtual machine.
The problem is twofold. First, virtual machines take up a lot of computing power, so each new one could significantly slow down every other server running on that hardware. Secondly, hypervisors are another layer of technology that could have exploits for hackers to use. As of the time of this writing, a major exploit was found in VMware, one of the most popular hypervisors, less than a month ago. Gaining access to one virtual machine through the hypervisor could give a hacker access to every virtual server running on that hardware.
Benefits of Physical Servers
Physical servers are generally more reliable than virtual servers. When you set up a physical server, you own the hardware that will run your VPN. While you might rent space from a server farm, your IT team will have the ability to travel there and deal with issues, install upgrades, and generally maintain your network.
Moreover, physical servers are also just more powerful. They can have anywhere from 2 to 20 processors running simultaneously, making it possible to process astonishing amounts of data at incredibly fast speeds. Since virtualization isn’t being used, VPNs have more control over how resources are portioned and can optimize them on the fly if necessary. When it comes to virtual vs physical servers, performance isn’t even close.
This also leads into another benefit of physical servers: the ability to customize them. Since your VPN owns the servers, they can configure them any way they see fit. This allows them to tailor their service to their customer base. If there’s a demand for more P2P-enabled servers, for example, it’s possible to adjust settings to integrate that in a way that would be much more difficult on a virtual server.
Drawbacks of Physical Servers
Of course, it’s not all perfect. Physical servers do have a few drawbacks, but most of them are on the business side.
For example, owning and operating physical servers is a much bigger upfront cost. Whether you’re building a server farm or renting space in one, hardware will always cost more than software. Even if you had to license every server from your hypervisor (which you don’t), it would still be cheaper to start than buying countless hard drives, processors, etc.
Because of their physical location, it can be more difficult to maintain physical servers. Some maintenance has to be done on site, and fixing problems might require a tech to go and actually deal with it. In fact, having physical servers requires a larger IT team than virtual servers. You need people who are able to travel to your servers and do replacements, maintenance, and configuration. If you have a global network, then that makes it even more difficult.
Why PrivadoVPN Uses Virtual vs Physical Servers
At PrivadoVPN, we have made a number of commitments to our users, and one of them is that we use physical servers for our virtual private network.
Ultimately, the security risks and performance issues of virtual servers outweigh the benefits. We want to be confident that somebody hasn’t planted malware on dozens of virtual machines because of an exploit. We want to give our customers the best speeds and most stable performance.
That’s why we not only use physical servers, we own a lot of our own equipment, up to and including the fiber optic lines. Yes, it’s an investment, but we feel that it’s better we take on that burden rather than pass it on to our users.
This isn’t to say that all virtualization or that VPNs that use virtual servers are bad. But we’ve weighed the pros and cons of virtual vs physical servers, and have decided that the best option for our users is physical all the way.