How We Choose VyprVPN’s Server Locations

We have recently been asked by several of our customers to explain what a “server location” is and how we operate them.

VyprVPN Server Locations

At VyprVPN we have over 70 server locations worldwide.  Each server location provides IPs that are geo-located to the city listed, which is accomplished using either a physical server housed in that location or a virtual server which appears to be housed in that location.  We have been specifically asked about our use of virtual server locations and our criteria for utilizing them.

As a practice we do not have physical servers in restrictive countries.  Instead, we use virtual servers to keep the encryption gateway out of the hands of dangerous regimes, yet still offer access to an in-country IP address. We also utilize virtual servers to test new locations and determine where to deploy physical servers as we gain more customers and usage. When making these decisions, we are guided by our top three technical goals: security, performance and IP location. Here’s some more detail on our technical goals and how our server deployments support them.

Security:  We use identical algorithms and configurations around the world, but the physical location of the endpoint does affect security. Some locations simply do not have facilities, networks, or laws that we feel are secure enough to protect our connections. In these instances, we might choose a virtual server over a physical one, to bring traffic back to a secure facility with trusted physical infrastructure. For some countries, such as Russia, encrypting that traffic to a physical location outside the border ends up being more secure overall than placing a server in-country.

Performance:  For performance reasons, networks don’t always operate according to physical country borders. For example, much of the network from Brazil to Argentina will travel thousands of miles from Brazil to the United States through a single data center in Miami, Florida called the NAP of the Americas and then to Argentina. The Amsterdam Internet Exchange (AMS-IX) is another example. Traffic between European countries will often go through AMS-IX before reaching its destination. Since its inception, Golden Frog has exchanged traffic at AMS-IX, and our sister company, Giganews, helped AMS-IX break the 100 Gbps barrier back in 2005 (I’m also CTO of Giganews). Golden Frog and Giganews remain AMS-IX members today.

Network quality around the world varies greatly, and many networks in smaller countries bring their traffic to large international Internet hubs for better peering and interconnection with the rest of the world. For these locations, we tend to put our physical servers where all of the country’s networks are physically interconnecting – which may not be within the country itself. This allows us to provide fast connections and enables our large sites to bring their performance benefits to smaller countries where we otherwise could not deploy those kinds of resources. As sites get large enough, we spin them out to separate physical locations. For all server locations, we provide ping times to help the user make a decision about what server location has the performance that is best for them.

Geo-location: For customers concerned about the “country” of their connection, this is the feature that really matters. We work very hard to configure our systems and peer with the right networks so that customers present an in-country presence, even if the server is physically located elsewhere. On the Internet, physical borders are fungible. A user in China, for example, may not normally be able to access a controversial newspaper, but online, the physical border that keeps that newspaper out does not really exist. The same concept applies to networks. A network need not be in a country if it can directly connect with that country’s networks effectively.

For some countries, our overall model simply doesn’t work. Take China, for example. Two of the reasons we don’t have a China server, physical or otherwise, are that we do not feel comfortable with the system and network security within China, and connecting directly to Chinese networks just outside of China does not provide true in-country performance due to the Great Firewall.

As you can see, there are a variety of factors and complexities to consider when we select our server locations and determine which are physical versus virtual. Regardless of where our actual physical infrastructure is located, we only store our customers’ personal information physically in Zurich, Switzerland (this is where our company is incorporated, too!), due to their favorable and exceptional privacy laws as well as the physical security of the data center and networks there. If you have any questions about our servers or server locations at all, please feel free to ask. You can reach us at support@goldenfrog.com.

Philip Molter

Philip is Co-CTO of Golden Frog. Philip drives the technology development and decisions for our products and services. In short, I am responsible for making the tech behind our security and privacy ideas a reality.

Read more posts by Philip Molter →