What Is a VPN and How Does It Work? (Full Guide 2024)
VPNs are online apps that secure your traffic and hide your IP address. They help you get past annoying geo-blocks on popular streaming sites. They also protect you from cyber attacks, which are common today.
But there’s more to VPNs than just a short definition. This guide covers everything you need to know about them. You’ll learn how a VPN works, what it’s used for, and how to use it.
VPN Definition
VPN stands for Virtual Private Network. A VPN encrypts your online traffic and hides your IP address. This lets you browse the web securely and access blocked content.
Test Your VPN Knowledge – Take A Quiz!
How Does a VPN Work?
A VPN lets you connect to different VPN servers worldwide. When you do, it swaps your IP for its own. This makes any site you visit think your traffic is coming from the VPN server’s country. Also, a VPN encrypts your online traffic, making it unreadable.
How a VPN Works (Technical Explanation)
A VPN has a VPN app for your device and VPN servers to connect to. When you connect, the app and server create an encrypted link. This link makes your data unreadable, like gibberish to anyone spying.
Also, when you visit a site with a VPN, your connection goes through the VPN first. So instead of this:
You → ISP Network → Website
Your connection becomes:
You → VPN App → ISP Network → VPN Server → Website
This makes any site you visit think your traffic is from the VPN server. So, the site sees the VPN server’s IP, not yours. This “tricks” the site into thinking you’re from the VPN server’s country.
What Happens When You Connect to a VPN?
Here’s a step-by-step look at what happens when you use a VPN to go online:
- You use the VPN app on your device to connect to a VPN server.
- The VPN app encrypts your internet connection, making it unreadable, and establishes a connection to the VPN server.
- The VPN app sends the encrypted data to the VPN server.
- The VPN server receives your encrypted connection, decrypts it, and forwards it to the internet.
- When the VPN server receives the online data you requested from the web, it encrypts it and sends it to the VPN app on your device.
- The VPN app receives the encrypted data and decrypts it so that you can view it.
This process happens every time you access the internet via a VPN. It seems long and complicated, but it only takes a few seconds at most in real-time.
What Does a VPN Do?
Here’s a quick look at what exactly a VPN does:
- Creates a secure “tunnel” — the VPN establishes a secure connection between your device and a VPN server.
- Encrypts your traffic — this makes your data unreadable, so nobody can spy on it.
- Hides your IP address — allows you to browse the web using the VPN’s IP address.
What a VPN Doesn’t Do
And here’s what a VPN can’t do:
- Prevent malware infections — VPNs can’t protect your device from direct malware infections. They can only secure your online connections. For that kind of protection, you need to use an antivirus.
- Protect you from cookies — cookies are small text files that are stored on your device when you interact with sites. VPNs can’t intercept and store them on their servers instead of on your device. To make sure cookies don’t leak your real location while using a VPN, use your browser’s incognito/private mode.
- Bypass internet shutdowns — VPNs can bypass censorship, but not internet shutdowns. That’s when a government shuts down internet access country-wide. To use a VPN, you need to have online access.
Why Should You Use a VPN?
Here are the main reasons you should use a VPN:
- Access streaming sites and content — with a VPN, you can watch videos and streaming platforms not available in your country. Or access sites only available in your country when abroad. This is because the VPN hides your IP address, showing your location. So, streaming sites can’t block you with geo-restrictions.
- Bypass censorship — VPNs let you use an IP address without firewall restrictions. This means you can access blocked sites in countries like China.
- Secure your data — VPNs encrypt your traffic, making it unreadable. This stops cybercriminals from spying on your data when using unsecured WiFi.
- Secure P2P traffic — using a VPN for torrenting hides your IP address in the torrent swarm. This stops copyright trolls and lawyers from collecting it. Also, it prevents your ISP from seeing your P2P traffic.
- Prevent bandwidth throttling — if you use too much data, your ISP might slow your speeds for certain services. A VPN encrypts your traffic, so your ISP can’t see what you’re doing. Without this info, they can’t slow your connections.
- Protect yourself from DDoS attacks— a DDoS attack floods your network with traffic, making it offline. To target your network, hackers need your IP address. With a VPN, hackers can’t see your IP, so they can’t DDoS you. They might DDoS the VPN, but most providers have protection.
- Save money — VPNs can help you save on plane tickets, car rentals, video games, and more. Try connecting to VPN servers in lower-income countries to see lower prices online.
- Lower ping— VPNs might lower your ping while gaming. Connecting to a VPN server in the same country as the gaming server might route your traffic directly. This can lower your ping compared to passing through multiple countries.
Who Should Use a VPN?
Here’s a quick look at who could benefit from using a VPN:
- People who want to secure their data on public WiFi.
- People who want to stop their ISPs from spying on their browsing or throttling their speeds.
- Anyone who wants to access geo-blocked content or sites.
- People who want to enjoy gaming without dealing with high ping and DDoS attacks.
- Torrent users who want to protect their privacy.
- People who live in or travel through restrictive countries.
- People who want to stop advertisers from tracking their online preferences.
- Journalists, whistleblowers, activists, or anyone else who needs strong security.
Types of VPNs
Here are the 4 most common types of VPNs:
1. Commercial VPNs
A commercial VPN is a service that allows any online user to connect to a VPN server to securely access the web. Commercial VPNs are designed to be very easy to use— you only need to install an app on your device and use it to connect to a server. So pretty much anyone from college students and gamers to senior citizens and freelancers can use commercial VPNs.
Commercial VPNs come with paid subscriptions, though free options are available.
Commercial VPN example: NordVPN.
2. Corporate VPNs
A corporate VPN allows users to remotely access private networks securely. Most companies that have remote workers use corporate VPNs to encrypt employee connections to the company’s servers. Unlike a commercial VPN, corporate VPNs don’t secure users’ privacy. Employers who use a corporate VPN often enable logging to check what sites their employees access while connected to the VPN.
Companies can buy corporate VPN services from a provider or set up their in-house VPN.
Corporate VPN example: NordLayer.
3. Mobile VPNs
Mobile VPNs, also called mVPNs, are similar to corporate VPNs — they provide secure remote access to private networks. But mobile VPNs are designed to resist network changes, like when a user switches from WiFi to mobile data or turns off their device for a while. For example, a remote worker who lives in an area with poor connectivity could use a mobile VPN to securely access their company’s servers.
The term “mobile VPN” refers to the fact that the VPN can be used on any connection, providing great mobility. A mobile VPN can be used on any device, not just on mobile devices.
Mobile VPN example: Bittium SafeMove Mobile VPN.
4. Site-to-Site VPNs
Site-to-site VPNs are used to join together 2 networks that are located in different places. For example, let’s say there are 2 companies, called Company A and Company B. Company A has a site-to-site VPN client on a computer. And Company B has site-to-site VPN server software running on its servers. An employee from Company A could use the site-to-site VPN client to securely access Company B’s servers.
Site-to-site VPN example: OpenVPN’s Access Server.
What Is a VPN? (In-Depth Explanation)
In this section, we’ll take a closer and more technical look at how a VPN works.
What Is a VPN Client?
A VPN client, also called a VPN app, is a software you install on your device, which you use to access the VPN service. It lets you interact with the VPN, like connecting to VPN servers or changing settings. The VPN client also encrypts your connection when you connect to a VPN server.
VPN clients from commercial VPNs are easy to use. Here’s a screenshot of NordVPN’s app for reference:
What Is a VPN Server?
A VPN server is a server that hosts VPN software – it delivers the VPN service. It decrypts the data from your VPN app and sends it to the web. Then, it encrypts web data before sending it back to your app.
VPN providers can have both physical and virtual servers:
- Physical VPN servers — these are standalone physical servers. They are usually housed in data centers the VPN provider either owns or works with.
- Virtual VPN servers — this is a virtual machine instance created within a physical server. Multiple virtual private servers can be hosted on one physical server. Virtual servers are cheaper than physical servers, but just as secure.
The total number of VPN servers a VPN provider has is called a VPN server network.
What Is VPN Encryption?
VPN encryption turns readable data into unreadable data. When a VPN encrypts your connection requests, it turns your traffic into gibberish. So if someone spies on your traffic, they can’t see what sites you access. Instead, they’ll only see random strings of numbers, letters, and special characters — like HJ5rfu$3fs.
VPN providers use different encryption ciphers — it usually depends on which VPN protocol is used. The industry standard for most VPNs is 256-bit AES encryption, also called military or bank-grade encryption.
VPNs provide end-to-end encryption, meaning only the VPN app and VPN server can encrypt and decrypt your data.
What Is VPN Tunneling?
VPN tunneling is the process of establishing a secure connection between the VPN app on your device and the VPN server you connect to. Once the VPN app and server establish a VPN tunnel, any data that passes through it is encrypted. So nobody can monitor the traffic passing through the VPN tunnel.
While it’s called a VPN “tunnel,” you can easily refer to it simply as a VPN connection.
What Are VPN Protocols?
A VPN protocol is a set of rules that dictates how the VPN connection between the VPN app and VPN server is established. As a user, which protocol you use will determine what security and speeds you get. Switching between VPN protocols is normally very easy, as it’s done inside the VPN app’s settings menu.
To make things easier for you, we split the protocols into 3 different categories:
1. The Most Common VPN Protocols
These are the protocols you’re likely to see in most VPN apps:
- OpenVPN — a very popular VPN protocol that provides excellent security and good speeds. Most people like OpenVPN because it’s available on most platforms and it’s open-source, meaning anyone can inspect the code. OpenVPN has also passed multiple security audits.
- WireGuard — a relatively new VPN protocol that works on most platforms and is also open-source. It provides great security through modern encryption ciphers. Also, due to its very light codebase, it provides blazing-fast speeds compared to OpenVPN.
- IKEv2/IPSec — a secure and fast protocol that’s available on the most popular platforms. It’s designed to resist network changes, meaning the VPN connection won’t drop if you switch from mobile data to WiFi, for example.
- L2TP/IPSec — provides good security and fast speeds, but many people consider it less secure than OpenVPN, WireGuard, and IKEv2/IPSec.
2. VPN Protocols You Don’t See Often
Most VPN providers do not offer these VPN protocols:
- PPTP — provides very fast speeds and good cross-platform compatibility. But, its security is weak since its encryption can be cracked. Also, it’s easy to block PPTP connections. Most top VPNs like NordVPN and ExpressVPN have dropped support for PPTP.
- SSTP — has good security and speeds, but is mainly available on Windows since it was developed by Microsoft. There are ways to set up SSTP on macOS and Linux.
- SoftEther — an open-source protocol that provides excellent security and speeds. Many VPNs don’t offer it because integrating it into their service is difficult.
- IPSec — IPSec can be used as a standalone VPN protocol, which provides good speeds and security. But it’s mostly used on its own by corporate VPNs. Commercial VPNs usually pair it up with IKEv2 or L2TP for better speeds.
3. Proprietary VPN Protocols
These are protocols developed and owned by specific VPN providers, so you can’t use these protocols with every VPN service. There are tons of proprietary protocols, but here are some popular examples:
- NordLynx — this is NordVPN’s proprietary protocol. It’s a modified version of WireGuard that’s designed to offer better privacy.
- Lightway — ExpressVPN’s proprietary protocol, which provides excellent security and very fast speeds. Lightway is almost as fast as WireGuard.
- Chameleon — VyprVPN’s protocol that’s designed to be used in restrictive countries. It uses OpenVPN encryption but hides OpenVPN metadata to make the VPN connection look like a normal internet connection.
How to Pick the Right VPN
Here are the metrics you can use to pick the best VPN:
- Strong security — a good VPN should have top-notch security features. This includes 256-bit AES encryption, a no-logs policy, a kill switch, and protection against IPv6, DNS, and WebRTC leaks.
- VPN protocols — the VPN should offer access to popular protocols like WireGuard, OpenVPN, and IKEv2/IPSec. This gives you control over your connection’s security and speed.
- Large server network — a VPN should have hundreds or thousands of servers worldwide. This ensures you don’t use overcrowded servers, which slow you down. You can also connect to nearby servers for faster speeds.
- Fast speeds — a good VPN should keep your speeds fast, even with encryption. It shouldn’t slow you down by more than 40–50%.
- Unlimited data — VPNs should not limit your data use. This lets you surf the web, download files, and watch movies without restrictions.
- Streaming support — a good VPN should work with popular streaming sites like Netflix and Amazon Prime. This lets you watch your favorite shows anywhere.
- Torrenting support — a VPN should allow torrenting on all servers or dedicated ones. It should also work with apps like qBittorrent and Vuze without problems.
- Ease of Use — a VPN provider should have apps for Android, iOS, Windows, macOS, and Linux. Its apps should be easy to use.
- Simultaneous connections — good VPNs let you use their service on many devices at once. The average is 5–7 connections. Some, like Surfshark, offer unlimited connections.
- Additional features — it’s great if a VPN offers extra features. This includes split-tunneling, a speed test, double VPN connections, or an ad blocker.
- Pricing — a VPN should have affordable prices and flexible plans. It should also offer a 30-day money-back guarantee. Some even have a free plan to test before buying it.
How to Install and Use a VPN
Here’s how to easily install and use a VPN in just 6 steps:
- Sign up for a good VPN — we recommend NordVPN.
- Download the right VPN app for your device.
- Install the VPN app — just follow the on-screen instructions.
- Open the VPN app.
- Connect to a VPN server.
- That’s it — you can now surf the web securely.
How to Set Up a VPN Manually
You can manually set up VPN connections on different operating systems. You can do it either by using the operating system’s built-in VPN support or a third-party VPN app, like the OpenVPN GUI. You’ll still need a VPN subscription, though, since you’ll have to use the provider’s servers.
For example, on Windows 10, you can open the start menu, type VPN, and select VPN settings. Next, pick Add a VPN connection and fill in the necessary info:
- VPN provider — pick Windows (built-in).
- Connection name — name the VPN connection whatever you want.
- Server name or address — enter the address of the VPN server you’ll use.
- VPN type — pick the VPN protocol you want to use. Make sure the VPN provider supports it, though.
- Type of sign-in info — most commercial VPNs will require a username and password .
- User name — add the VPN account username.
- Password — add the VPN account password.
To connect to the VPN, click the Network icon, select the VPN connection, and hit Connect. If prompted, enter your username and password.
Most top providers have step-by-step tutorials for manual setups. Their guides usually cover different operating systems and third-party apps. So make sure you check out your provider’s support section if you need help.
Can You Create Your Own VPN?
Yes — to do that, you’ll need to rent a virtual private server from a data center. Next, you need to manually set up VPN software on the server, so that it encrypts your data when you connect to it. When you’re done, connect to the server from your device, and then surf the web using it.
But you should only do this if you’re an advanced user since it requires a lot of technical knowledge — like using virtual machines and command lines. If you only want to surf the web securely and access streaming sites, you’re better off getting a commercial VPN like NordVPN. It’s cheaper and much easier to use.
Are There VPN Alternatives?
There are a few online services that work as VPN alternatives, depending on what you want to do with them. Based on our research, the best VPN alternatives are proxies, the Tor network, and Smart DNS tools:
Proxy
How it’s similar to a VPN: like a VPN, it routes your traffic through a server, called a proxy server. That server acts as a middleman between you and the internet. So a proxy also hides your IP address.
Why it’s not as good as VPN: proxy servers either use weak encryption or don’t use any encryption at all. While they can hide your IP address, they can’t secure your traffic or prevent your ISP from throttling your bandwidth.
Read more on Proxy vs VPN.
Tor
How it’s similar to a VPN: Tor is a privacy network that hides your IP address and encrypts your traffic. Unlike most VPNs, Tor is free to use — you only need to download and use the Tor browser.
Why it’s not as good as VPN: Tor sends your traffic through at least 3 servers instead of just 1 server like a VPN. The added layers of encryption significantly slow down your speeds. In our tests, we experienced 70–80% slowdowns with Tor, while top VPNs only slowed down our speeds by about 30–35%. In addition to that, Tor also has security issues since it can suffer IP leaks and malicious actors can run and operate Tor servers. Tor will only encrypt your Tor browser traffic — everything else remains unsecured.
Smart DNS
How it’s similar to a VPN: a smart DNS also allows you to unblock geo-restricted sites because it prevents websites from seeing your geo-location.
Smart DNS it’s not as good as VPN: smart DNS tools hide your geo-location by spoofing your DNS data, not your IP address. What’s more, smart DNS services don’t use encryption. Due to that, you don’t get any security or privacy, as you do with a VPN. The lack of encryption also means that a smart DNS can’t prevent bandwidth throttling.
Virtual Private Network FAQs
These are the most common questions we have seen people asking about what VPNs are, how they work, what VPN stands for, and so on. If you have more questions, just leave them in the comments.
What Are VPNs?
VPNs are online apps that hide your IP address, masking your location, and encrypt your traffic, making it unreadable. People use VPNs to protect their data on the web, bypass censorship, and access geo-restricted sites and content. To use a VPN, you only need to download and install an easy-to-use app on your device.
Can I Use a Free VPN?
Free VPNs are available, but we don’t normally recommend using them. Most free VPNs lack important features like a kill switch. They also have slow speeds, bandwidth limits, and poor customer support. Plus, they don’t work well with streaming sites or allow P2P traffic.
Still, if you insist on using a free VPN, try AtlasVPN’s free plan. It’s one of the few free VPNs that allow unlimited connections and torrenting. You also get good security and fast speeds. But, the free plan limits you to 10 GB of data per month and only offers servers in the US and the Netherlands, without streaming support.
How Much Do VPNs Cost?
On average, a VPN’s monthly plans will cost anywhere from $5 to $13 per month. However, long-term plans can save you a lot of money. With a long-term plan, you pay around $2–$6 per month, which is much more affordable.
Plus, many top VPNs add free months of service to your subscription if you get their longest plans. And with most top providers, you buy with no risk because they have generous money-back guarantees. The industry average is a 30-day money-back guarantee — if you’re not happy with the service, you simply ask for a refund.
Is a VPN Safe to Use?
Yes, VPNs are safe to use provided they come with essential security features:
- Strong encryption — makes your traffic unreadable.
- No-logs policy — prevents the VPN from logging your data.
- Kill switch — protects you from traffic leaks if the VPN disconnects.
- Leak protection — to prevent DNS, IPv6, and WebRTC leaks.
Some VPNs include advanced security features such as audited no-logs policy or RAM-only servers, meaning every server reset wipes all data.
If you want to test if the VPN is safe to use, do a leak test. Connect to a VPN server, then open ipleak.net and check the results — if you do not see your IP and DNS addresses, the VPN is not leaking your data and is safe to use.
Are VPNs Legal?
VPNs are legal in most countries, though some places ban VPNs. If you live in or travel through a restrictive country, we recommend researching the local laws to make sure it’s 100% safe to use a VPN. Keep in mind that using a VPN to engage in criminal activities is definitely against the law.
Can You Be Tracked If You Use a VPN?
VPNs prevent ISPs, hackers, and governments from tracking your internet browsing. That said, a VPN cannot provide 100% anonymity, so there are still ways you can be tracked online even if you use a VPN. For example, VPNs can’t prevent sites from using browser fingerprinting to track things like your device’s data.
What Are the Disadvantages of Using a VPN?
These are the most common drawbacks of using a VPN:
- It might slow down your speeds due to the encryption process and the distance between you and the VPN server.
- It might increase mobile data usage.
- Your bank might block your VPN connection.
- It can’t protect you from direct malware infections.
What Does a VPN Protect You from?
Here’s what a VPN protects you from:
- Government and ISP surveillance.
- Government censorship.
- Cybercriminals snooping on your traffic.
- ISPs sharing your browsing data with advertisers.
- Advertisers spying on your online preferences.
Do VPNs Work on Mobile?
Yes, most top VPNs have dedicated apps for iOS and Android smartphones, which you can get from the app store. Good VPNs like NordVPN have mobile apps that are designed for phone screens. They are very easy to navigate and use with your finger.
Do VPNs Work in Browsers?
Yes, many VPNs have extensions for popular browsers like Chrome, Opera, and Firefox. VPN browser extensions are usually proxies, not VPNs. They hide your IP, but don’t encrypt your traffic. Still, some VPN browser extensions can be configured to use SSL encryption, which can use the very secure AES-128 cipher.
What Is a VPN Used for?
Here’s what you can do with a VPN:
- Unblock geo-restricted streaming sites and content.
- Unblock censored sites in restrictive countries.
- Hide your P2P traffic.
- Hide your IP address.
- Encrypt your traffic to make it unreadable.
- Lower your ping while gaming.
- Get surprise discounts on plane tickets, car rentals, and more.
Does a VPN Make You Anonymous?
A VPN can protect your privacy on the internet, but it can’t make you 100% anonymous. A VPN will only encrypt your traffic, making it unreadable. It will hide your IP address, so that nobody can track your location and digital footprints.
However, a VPN can’t stop sites from seeing the payment info you share with them. Also, even if you use a VPN, your ISP still knows who you are — they’re the ones who assigned you your IP address, after all.
What Does VPN Mean?
The acronym VPN stands for Virtual Private Network, meaning the service creates a private network over the web when you use it. By “virtual private network,” we mean the VPN creates a secured connection over the internet that makes your data unreadable.
What Is a VPN Service?
A VPN service is a subscription-based online service you can purchase from a commercial VPN. It provides you with access to a VPN app, which lets you connect to VPN servers to securely browse the web and unblock geo-restricted sites. NordVPN is an example of a VPN service.
What Is a VPN Connection?
A VPN connection, also called a VPN tunnel, is a secure connection established between a VPN app and a VPN server. Any data that passes through the VPN connection is encrypted, meaning nobody can spy on it.
References
The Bottom Line
A VPN is an online service that lets you securely browse the web. It also provides access to censored content and geo-restricted sites. We did our best to cover everything related to VPNs in this in-depth guide. But if you think we missed anything, please let us know in the comments.
Also, we’d love to hear what your favorite VPNs are — please tell us what you like about them and what you use them for.
VPN and Privacy Expert