The new WireGuard VPN protocol has made a big splash lately. Major tech và programming personalities lượt thích Linus Torvalds, the creator of Linux, have praised it as a “work of art” compared to earlier VPN protocols like OpenVPN & IPSec. An early reviews from Ars Technica found that it connected và reconnected much faster than other protocols và that its cryptographical choices meant that it was more secure too.
In this article, you’ll learn what the hype is all about—and how WireGuard can help you protect your browsing.
Bạn đang xem: Wireguard: fast, modern, secure vpn tunnel
Pros & cons
In a nutshell, WireGuard is a newer protocol, so it has some great advantages & some growing pains. Here are its biggest pros:Agility. WireGuard connects & reconnects fast, even when you’re roaming across networks. It stays connected in situations where other VPN protocols would falter. Other VPN protocols sometimes feel brittle or clunky by comparison.Security. Compared to other VPN software, WireGuard chooses smart, modern cryptographic primitives with secure defaults. Plus, it’s very small & simple in relation khổng lồ older protocols, meaning that security researchers can audit it much more easily.Speed. WireGuard uses fast cryptography code. Plus, its low-level component lives within the Linux kernel (on servers & Linux desktops), making it faster than userspace VPNs.Ease of deployment. Both the client and server parts of WireGuard are really easy lớn install. You can tải về ready-to-go client apps for desktops and mobile devices from the platform ứng dụng store. On the server side, setting up WireGuard is not much harder than configuring SSH, a task that nearly every IT professional is familiar with.
Despite those advantages, WireGuard also suffers from some issues:Baked-in support. Even though WireGuard offers client apps for every major platform, it doesn’t work without extra software except on some Linux distros. If you want to use a VPN on a device where you can’t install apps, you’ll need lớn use a different protocol.Obfuscation. The WireGuard project does not seek khổng lồ build a VPN that counters deep-packet inspection. If, for example, you’re trying to lớn get through the Great Firewall of China, WireGuard by itself won’t vị the trick. However, WireGuard’s architecture allows it to support obfuscation tunnels as a layer on top.
What is WireGuard?
WireGuard is a VPN protocol —the way that a client (like your computer or phone) communicates with a VPN server. You might also hear “WireGuard” refer to the phầm mềm you can run on your devices as well.
It only supports UDP, which uses no handshake protocols. That"s one of the reasons why it"s so fast. It can skip the checks that OpenVPN TCP has to lớn perform.
How does WireGuard work?
WireGuard uses modern cryptography and network code lớn create an encrypted tunnel between two devices. Using some clever strategies, it even works when the client device’s IP address changes. For example, you can switch from smartphone data lớn Wi-Fi without waiting thirty seconds for the VPN to reconnect.
You can read more about WireGuard’s deep technical details on their website.
Is WireGuard secure?
Owing to its use of modern, well-vetted cryptography, WireGuard is one of the safest VPN protocols out there. Without compromising either the VPN vps or your client device, an external attacker can’t figure out much about your browsing.
What undoubtedly contributes to its safety is that its code is very streamlined và uses fewer lines of code than, i.e., OpenVPN. The less complex setup, the less it"s prone lớn errors & misconfigurations. All of this adds to lớn your overall safety.
Why is WireGuard important?
Previous VPN protocols were clunky lớn set up & configure. Even more importantly, IPSec & OpenVPN were huge, poorly-audited codebases that could have contained all sorts of security bugs lurking below the surface. The benefit you’re most likely to lớn notice as an end user is WireGuard’s faster connections and easier roaming.
Is WireGuard better than other protocols?
Yes. Since it uses faster cryptography & runs within the Linux kernel, WireGuard can be faster at transferring data than other protocols. You’re more likely khổng lồ notice the fact that WireGuard connects faster, however. Here’s how it stacks up against the two other common protocols today:
WireGuard vs. OpenVPN
One thử nghiệm found that WireGuard beat OpenVPN in raw tốc độ by about 15% in normal conditions. When OpenVPN was restricted to lớn its slower TCP mode, WireGuard was 56% faster. While the best-case comparison isn’t a mind-blowing difference, you’ll definitely feel WireGuard’s speed boost, particularly with big downloads.
Both OpenVPN and WireGuard are open-source, have very few vulnerabilities, và will require additional configuration files lớn set up on most devices. The difference is that WireGuard is using much more advanced cryptographic libraries và is much more efficient.
WireGuard vs. IPSec/IKEv2
IPSec is also a fast, fairly recent protocol. However, WireGuard has two advantages: its cryptographic primitives may be faster, and it’s built into the Linux kernel. One kiểm tra found that IPSec beat WireGuard in one particular situation, while WireGuard was more consistently fast.
The difference between IKEv2 and WireGuard is that the former will be supported by default on most devices. For WireGuard, you"ll need lớn install additional files. Though, it does have an edge with its more modern cryptographic libraries. Though IKEv2 isn"t very CPU-intensive in its defense & will be fast in most usage cases.
How to lớn easily configure WireGuard clients
Instead of manually copying certificates và typing details, the WireGuard tiện ích on smartphone devices lets you just scan a QR code. Your VPN provider or hệ thống software can provide you with a QR code khổng lồ scan. Then, from the WireGuard app, hit the plus sign and choose “Create from QR code”.
VPNs supporting WireGuard
Given its significant advantages for the average end user, many commercial VPN providers have been quick to lớn hop on the WireGuard bandwagon.
As one of the early financial contributors khổng lồ the WireGuard project, Mullvad supported WireGuard from an early stage. WireGuard is now the preferred method lớn use Mullvad.
Just lượt thích Mullvad, IVPN financially backed WireGuard as well as supporting it in their software. You can easily use the WireGuard protocol from IVPN’s apps without additional software.
The first "big" VPN to adopt WireGuard was NordVPN. They did so by modifying the xuất hiện source WireGuard software & creating their own protocol - NordLynx.
Private mạng internet Access, cryptostorm, và a number of other VPN providers were early backers of WireGuard. As the WireGuard protocol and software matured, more và more commercial VPN providers began to support WireGuard. Tìm kiếm your favorite provider’s website for WireGuard; odds are that the provider already offers it.
Any VPN you create yourself
Of course, if you want to create your own VPN server, you can phối it up to tư vấn WireGuard out of the box. If you opt khổng lồ go this route, a big advantage of using WireGuard is that there are far fewer configuration options to tweak for maximum security.
While existing VPN protocols lượt thích IPSec & OpenVPN worked just fine for most people, they’re not perfect. Older protocols can be slow, rely on outdated cryptography, & are hard to lớn keep secure. WireGuard turned the world of VPN protocols on its head.
If you’re looking khổng lồ stay on the cutting edge of công nghệ with a next-generation VPN experience, look no further than WireGuard.