Don't miss an insight. Subscribe to Techopedia for free.


What is the difference between a VPN and a firewall?

By Doug Kersten | Last updated: November 17, 2022

Firewalls, in their most basic form, protect systems and network by limiting access to (and from) source and destination addresses and ports. By doing this, they limit the external attack surface, so it is much easier to protect systems and networks. Think of this as a castle with only a front and back gate, versus an open-air tent.

Modern firewalls are much more sophisticated and can verify that protocols are not being abused, block malicious websites, restrict access to trusted sources, and identify and block traffic. Think of this as adding armed guards with biometric scanners and traps to the castle gates. (Read also: How to Build Network Architecture That Facilitates Better IT.)

VPNs (virtual private networks) on the other hand, are virtual networks set up to protect traffic on unprotected networks. The internet, by design, is an unprotected network. And this lack of protection is a driver behind much of the security innovation we’ve seen in the last fifty years. However, unprotected traffic can be collected and analyzed anywhere along its route and used in ways one may not expect. To mitigate this risk, companies often require employees to connect to their networks using a VPN to prevent attacks on their assets and intellectual property. Think of this as a King wearing armor and surrounded by his knights as he travels to his castle.

While organizations have been the primary VPN users since the 1990s, their usage has begun to wane due to the advent of remote work caused by COVID-19, reducing the need for corporate offices and networks. However, there has been an explosion in personal VPN use in recent years driven by privacy concerns, unsecured open Wi-Fi access, platform geo-restrictions, targeted advertising, and government censorship. VPNs mitigate these concerns by providing internet access for only the protected network at a trusted destination. (Read also: Considering a VPN? Make the Right Choice for Your Needs.)

When should you not use a VPN?

A VPN can be used to protect legal activities but can also be used to hide illegal or questionable activities. For example, bypassing geo-location restrictions, like those used by Netflix and other streaming services to restrict access to protected content, is illegal in many countries. They can also hide malicious activities like hacking attempts, including identity theft, ransomware, denial of service attacks, and more pressing concerns like cyber warfare.

Do I need a firewall if I have a VPN?

In short, VPNs and firewalls perform two distinct functions. VPNs protect data and identity as it transits unprotected networks, like the internet, and firewalls protect networks and systems from attack. The answer to the question, ‘Which one should I use?’ is both.

If necessary to start one with rather than the other, choose the firewall first. If networks and systems are compromised, it won’t make a difference if data identity is protected in transit. Build the castle to protect those inside, but don’t forget to put on armor when visiting friends.

Share this Q&A

  • Facebook
  • LinkedIn
  • Twitter



Written by Doug Kersten | Chief Information Security Officer

Profile Picture of Doug Kersten

Doug Kersten is the Chief Information Security Officer at Appfire. Kersten brings more than two decades of security leadership experience to this role, having led IT and security programs for some of the world’s top financial institutions and law firms.

More Q&As from our experts

Related Terms

Related Articles

Term of the Day

Content Services Platform

A content services platform is a software environment where users can collaborate as well as create and work on different...
Read Full Term

Tech moves fast! Stay ahead of the curve with Techopedia!

Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.

Go back to top