> For the complete documentation index, see [llms.txt](https://d3fenders.gitbook.io/d3fenders/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://d3fenders.gitbook.io/d3fenders/12.-d3fenders-vpn.md).

# 12. D3fenders VPN

### Overview

D3fenders VPN is a privacy and network security application for macOS built on the WireGuard protocol.

It provides encrypted traffic routing, DNS protection, and a built-in network firewall through a native system extension. The tool operates at the network layer and is designed to reduce exposure to malicious infrastructure before traffic reaches applications or the operating system.

D3fenders VPN functions as a standalone network security layer and does not rely on other tools to provide its core protections.

***

### Threat Model

D3fenders VPN is designed to mitigate network-level risks, including:

* IP-based tracking and fingerprinting
* Network surveillance on untrusted connections
* DNS leaks and metadata exposure
* Malicious domains and phishing infrastructure
* Ad and tracker networks
* Traffic leakage during unstable connections

It is particularly relevant for users interacting with decentralized applications, RPC endpoints, and public networks.

***

### Core Capabilities

#### WireGuard VPN Tunnel

The VPN is built on WireGuard, providing:

* Modern cryptography
* Minimal attack surface
* Fast connection establishment
* Seamless roaming between networks

All traffic is routed through an encrypted tunnel when the VPN is active.

***

#### Kill Switch Protection

The kill switch prevents traffic from leaving the device if the VPN connection drops unexpectedly.

When triggered, non-local traffic is blocked until the tunnel is restored, preventing accidental data leakage.

***

#### DNS Leak Prevention

All DNS queries are forced through the VPN tunnel.

Users can select from multiple DNS providers or use the built-in firewall DNS for threat blocking. Custom DNS configurations are supported.

***

#### FireGuard Network Firewall

The integrated firewall blocks traffic at the domain level, including:

* Known malicious domains
* Phishing infrastructure
* Ad networks and trackers
* Optional content categories

Blocking occurs before traffic reaches applications, reducing exposure at the network boundary.

***

#### Auto-Connect & Network Awareness

The VPN can automatically enable protection based on:

* Network trust level
* WiFi security characteristics
* User-defined trusted networks

This allows consistent protection without manual intervention.

***

#### Connection & Traffic Visibility

The interface provides:

* Connection status
* Active server location
* Session duration
* Data usage metrics
* Firewall block statistics

All statistics are local and do not require server-side logging.

***

### Security & Privacy Guarantees

* No traffic inspection beyond filtering logic
* No activity or connection logging
* Encrypted tunnel enforced by the OS
* Minimal IPC surface between app and system extension
* Clear visibility into network protections

***

### Limitations & Non-Goals

* D3fenders VPN does not scan files or applications
* It does not detect on-device malware
* It does not remediate compromised systems

Those concerns are intentionally handled at other layers.

***

### Intended Users

* Users on public or untrusted networks
* Web3 participants seeking network privacy
* Professionals requiring consistent IP protection
* Anyone wanting firewall and DNS enforcement at the network layer


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://d3fenders.gitbook.io/d3fenders/12.-d3fenders-vpn.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.
