I’ve been wondering how much investment public VPN services actually make in their servers. Do they run their own physical servers connected at interconnection points? And, if so, what type of hardware and software investment is involved?
Or do they just rent time on cloud providers’ machines in a bunch of different geographies?
It would totally depend on the company.
If a company wants to do things properly, there would have their own physical servers in a good quality data centre.
However, most VPN companies try to do things as cheaply as possible – and use virtual servers. Maybe some use AWS, or other big companies, while others may use smaller VPS companies.
It depends. Most privacy conscientious VPN providers will generally rent an entire server (not VPS) from a small cloud service provider and avoid big ones like GCE, AWS and Azure. It’s a good compromise between security, privacy and cost effectiveness. Though some will also keep a small collection of highly secure servers that they own and maintain themselves.
It depends on the VPN provider. I suspect most use some combination of the above. The ones with thousands of IP addresses and hundreds of location probably rely more on cloud services. As it’s unlikely they operate their own servers in data centers in so many places.
I think most of the better ones run their own which requires a lot of locations around the world and thereby a lot of $$$, not to mention the price of the servers themselves.
Yea, I consider VPN servers setup on virtual servers a potential risk. Because even if the VPN sets up their virtual server to not log, the VPS provider their using could have network logging enabled on the hypervisor their using. This could mean that if subpoena or other means for a log was requested, they could just bypass the VPN company and their virtual server outright and just go to the VPS company and get their hypervisor’s network log.
While true, it won’t stop the data center from monitoring and logging egress and ingress traffic.