For security purposes, a mobile device can be configured to route application network traffic through an encrypted network tunnel, such as a virtual private network (VPN). This configuration, is especially useful when the mobile device is connected to the Internet through an open Wi-Fi access point, where any device can eavesdrop on the network traffic. This configuration is also useful in situations where the mobile device is connected to a secured network to which untrusted dev ices can be connected, or if the operator of the network (or intermediate networks) cannot be trusted. Also, the use of a VPN can be necessary to connect to resources hosted on an organization's private network or intranet.
Different applications can have different requirements for bandwidth or quality of service (QoS) for network access. For example, applications that involve real-time voice or video content can require a higher QoS level than applications performing a bulk data transfer. A video telephony application experiencing a temporary network delay can have dropouts in video or audio that can interrupt the flow of a conversation and perceivably diminish the user experience. However, an application performing a bulk data transfer will likely not be set back by the temporary network delay and can recover by way of increased bandwidth later.
Although network operators can sometimes set QoS levels or priorities for different types of traffic on their networks, such QoS levels or priorities do not affect tunneled application traffic. To the network operator the tunneled traffic appears identical since it is encrypted. For instance, video network traffic and bulk data network traffic that is tunneled can appear to the network operator as indistinguishable socket secure (SOCKS) traffic. Moreover, control of prioritization rests with the network operator, not the mobile device owner or the organization that manages the mobile device.