See all Security articles
See all Privacy articles
See all Performance articles
Select language
Select language
Avast Academy Privacy VPN What is a VPN & How Does it Work?

What Is a VPN & How Does It Work?

A VPN (virtual private network) is one of the best tools for ensuring your internet privacy. A VPN encrypts your connection and keeps you hidden while surfing, shopping, and banking online. Keep reading for a full VPN definition, including how VPNs work and why you need one.


What is a VPN and what does it mean?

VPN stands for "virtual private network" — a service that helps you stay private online.  A VPN establishes a secure, encrypted connection between your computer and the internet, providing a private tunnel for your data and communications while you use public networks.

Hamburguer menu icon

This Article Contains:

    While VPNs were once novel tech solutions, they are now necessary tools. At the basic level, VPNs protect your privacy online so you cannot be targeted or discriminated against based on location.

    If you’re still a bit unclear on what VPN means, you can try to visualize it. Imagine that the internet is a real highway, and we zip around it on motorcycles. We visit our favorite locations (websites), make purchases in shops, check our stock portfolio, read the news, play games, and more.

    Sitting on a motorcycle, you’re completely visible. Anyone with a mind to do so can follow you along these digital highways, see who you are, and peek into your private life. To view your online activity, who you are, where you like to visit, and more, all anyone has to do is look. Worse, they can follow you home. You’re traceable.

    Instead of riding on the wide open internet highway, you can use a private tunnel instead: a virtual private network. A VPN acts as your own personal tunnel that encircles you, masking you in anonymity and blocking anyone from seeing where you’re going or what you’re doing. To abandon the metaphor, a VPN encrypts your connection and hides your IP address.

    What does a VPN hide?

    VPNs work on the operating system level, so they reroute all your traffic through other servers. That means all of your online traffic, along with your physical location, stays hidden while you surf the web. When you access a site through a VPN server, the source of your connection is shown as one of the many VPN routers — called a proxy server — not your own. So the owners of the site, and anyone else trying to spy on you, cannot deduce who you are.

    A VPN is the closest you can get to true anonymity online without using the Tor network, which bounces your connection around a widely distributed network of volunteer relays, basically keeping your web activity in constant motion so nobody can focus on it. VPNs do not use this (very slow) protocol, but they do offer sufficient — and essentialprotection as you cruise through today’s deregulated and hacker-lined cyber highways.

    When it comes to online privacy solutions, VPN, Tor, and web proxies are all options — but a VPN offers the best balance of comprehensive security and speed.

    Whether you want to stay safe on public Wi-Fi, protect your online banking info, or disguise your location from content providers and advertisers, a VPN will keep you private.

    How do VPNs work?

    The Virtual Private Network was first developed by Microsoft in 1996 as a way for remote employees to securely access the company’s internal network. Once it doubled company productivity, other companies began to adopt the practice. Corporate VPNs that allow remote work are now a standard feature of the global business landscape.

    Developers then realized that this secure “tunnel” could be utilized by average people who wanted to securely connect to the largest network on the planet: the world wide web. VPNs are now the cornerstone of online privacy in the consumer sector.

    What does a VPN do?

    Instead of sending your internet traffic (e.g. your online searches, uploads, and downloads) directly to your Internet Service Provider (ISP), a VPN first routes your traffic through a VPN server. That way, when your data is finally transmitted to the internet, it appears to come from the VPN server, not your personal device.

    Without a VPN, your IP address — a special number unique to your home network — is visible to the web. A VPN masks your IP address by acting as an intermediary and rerouting your traffic. It also adds encryption, or a tunnel around your identity, as you connect. The combination of the VPN server and the encryption tunnel blocks your ISP, governments, hackers, and anyone else from spying on you as you navigate the web.

    A diagram showing how VPNs work to encrypt and route data securely, preventing tracking or surveillance.

    How does the encryption tunnel work?

    Encryption is a method of changing normal text into an unreadable jumble of code. A key, or decryptor, unscrambles the text and renders it back into readable information. When you use a VPN, only your device and the VPN provider contain the decryption key. Anyone else trying to spy on you would only see a mess of characters.

    There are three main types of encryption: hashing, symmetric cryptography, and asymmetric cryptography. Each type has its own nuanced strengths and weaknesses, but they all succeed in scrambling your data and metadata so that it is useless in anyone else’s hands.

    Different VPN providers offer varying degrees of encryption strength. Avast SecureLine VPN uses a combination of hashing, symmetric cryptography, and asymmetric cryptography for 256-bit AES encryption — the same standard that banks and the military rely on.

    Avast offers an extra layer of protection with our own DNS resolution system. The DNS (domain name system) is what translates numerical IP addresses into their more memorable text-based URLs. The DNS is what allows you to type in a site name like Avast.com rather than a long string of numbers. Cybercriminals can monitor DNS requests to track your movements online, but a VPN’s DNS resolution system is designed to thwart them with further encryption. We make sure all IPv4 traffic coming from your device is firewalled and also disable IPv6 requests.

    VPN apps are legal in most countries, especially democratic countries. Even China allows some amount of VPN use, though the government doesn’t love them.

    Different types of VPN

    There are two basic types of VPNs. A remote-access VPN allows users to connect to another network, be it the internet or their company’s internal system, through a private encryption tunnel.

    A remote-access VPN allows you to connect to a company's internal server or the public internet.

    The other type, a site-to-site VPN, is also called a router-to-router VPN. This type of VPN is mostly used within corporate environments, specifically when an enterprise has headquarters in several different locations. The site-to-site VPN creates a closed, internal network where the various locations can all connect with each other. This is known as an intranet.

    A site-to-site VPN is used to create an intranet.

    There are several VPN protocols, or methods of security. The oldest is PPTP, point-to-point tunneling protocol, which is still in use today but widely considered one of the least secure. Others are IKEv2, L2TP/IPSec, SSL, TLS, SSH, and OpenVPN. As an open-source protocol, OpenVPN is amongst the most secure because any vulnerabilities in its programming will quickly be noticed and patched.

    Why use a VPN?

    Do you really need a VPN? Short answer: yes. There are several important reasons why you need a VPN, the two main purposes being privacy and access.

    Public Wi-Fi networks, such as those found in coffee shops, airports, and other public areas are incredibly risky. All it takes is one hacker connected on the same network, and they can easily spy on all your activity. A VPN acts like an invisibility cloak, hiding everything you do on your phone or computer and protecting you even from evil twin attacks.

    And why use a VPN at home? VPNs also allow you to hide from your internet service provider (ISP), governments, and advertisers… so you can avoid censorship, price discrimination, and geo-blocks on media.

    In 2017, the US abandoned net neutrality — the principle that ISPs should treat all internet data equally — and various lawsuits continue over the issue. The complete elimination of net neutrality would free ISPs to collect and sell your personal data, including your browsing history, physical location, health info, and even your social security number. It would also permit ISPs to slow down your connection if you do a lot of downloading and streaming, and otherwise discriminate against certain internet users. A VPN blocks your ISP from seeing your browsing history and other personal data.

    Additional benefits of a VPN

    • Stream from anywhere: If you’re abroad and you try to access a streaming account you use in the US, you may find some shows are not available in that region. But if you choose a US-based IP address, all your favorites are at your fingertips, just as if you were home.

    • Access blocked websites: Certain institutions — schools, libraries, companies — restrict access to specific web pages such as social media, but the encrypted connection provided by your VPN will tunnel right through.

    • Avoid censorship: Every government has an agenda, and some go to extremes to control information. While circumventing government restrictions could certainly be considered illegal in some of these countries, we believe in unadulterated free speech.

    • Beat price discrimination: Price discrimination can hit you two ways. One is by your location — people in San Francisco or New York have a higher cost of living and therefore higher incomes. Clever businesses know this and program their sites to display a higher cost of goods, such as airline tickets, to users based in those areas.

      The other way you can experience price discrimination results from your ISP tracking your purchases and preferences. As it learns you regularly buy a specific product, it can sell the product manufacturer your info, and you may see that product’s price go up for you, because they know you’re going to buy it. The privacy and anonymity of a VPN keeps you free of this kind of targeting.

    • Don’t be tracked: It bears repeating as its own section — don’t let yourself be tracked by hackers, cybercriminals, corporations, the government, or even your own ISP. Keep yourself free from repression, targeting, and discrimination.

    Avast SecureLine VPN will make your connection secure, no matter if you’re at home or on public Wi-Fi. Use our VPN on all your devices to get real digital privacy. Access blocked websites, avoid price discrimination, and keep your private matters private.

    VPN disadvantages

    As with any type of technology, there are also some disadvantages to using a VPN.

    • Potentially slower speed: Your web traffic goes through more steps than usual when connected via VPN, so there could be a perceptible slowdown. Since this has always been the #1 complaint about VPNs, developers have taken notice. Many have had success optimizing speed and performance, so much so that their VPN users can stream and game fluidly without a hiccup. Plus, see our extra tricks to speed up your VPN connection.

    • QoS challenges: QoS stands for “quality of service” and describes the performance of a service or network. VPNs do not yet have a standard in place to gauge and report such measurements. With no metrics to analyze, you need to rely on professional reviews and word-of-mouth to learn what’s most reliable.

    • VPN blocks: Some businesses are getting wise to the fact that VPNs give their users carte blanche to access content. To fight back, companies are beginning to block access from known VPN IP addresses. Not to be so easily defeated, VPNs can simply turn on new IP addresses to trick them again.

    • No cookie protection: While the VPN does its job of keeping you private and encrypted, it’s not possible for a VPN to block cookies, some of which are necessary to make sites work properly. The bad kind of cookies, tracking cookies, can still be stored in your browser and identify who you are. Luckily you can delete tracking cookies easily. Or better yet, use a private browser like Avast Secure Browser that prevents tracking cookies from following you around the internet.

    • Not total privacy: While a VPN blocks your ISP, governments, hackers, and other snoops, the VPN provider itself can see your internet activity if they want. That’s why it’s so important to choose a trustworthy provider that doesn’t keep logs, such as Avast (we never track the sites you visit, apps and services you use, or content you consume).

    Despite the above disadvantages, VPNs are definitely worth it if you care about online privacy.

    Can I use a VPN on any device?

    Any device that connects to the internet will benefit from the privacy VPNs provide. Most VPN providers offer their services on multiple platforms. Avast SecureLine VPN will cover up to five devices — PC, Mac, Android, and iOS — with one account. If you have a smart TV running Android TV, Avast’s VPN works there as well.

    VPNs work on all PCs, tablets, and mobiles.

    Computers, tablets, and phones can all connect individually to a VPN, but it’s not so easy with smart devices (other than the smart TVs mentioned above). For other IoT devices, the best option is to set up your router with VPN protection. Then, all devices that connect through that main hub will be protected. Certain routers are sold with VPN software already built in.

    You can use a VPN on your router to protect your privacy on all connected devices.

    It’s quite easy to set up a VPN — most VPN services guide you to download the VPN app via their download page. For example, after you download Avast SecureLine VPN and launch the app, it will start working with the touch of a button.

    What to look for when choosing a VPN

    There are many VPN providers out there — how do you choose just one? The first thing to keep in mind is that free VPNs services are low-quality and should be avoided. There are many problems with free VPNs, including:

    • Poor security: Many free options employ weaker security protocols, such as PPTP, instead of secure protocols like WireGuard and OpenVPN.

    • Fewer servers: Your speed can slow to a crawl when there aren’t enough servers to cover the necessary bandwidth of many users.

    • Annoying ads: Some free VPNs rely on ads to generate revenue on their free VPN app.

    • Download limits: Free services usually put harsh limits on how much you can download or even upload.

    Many good paid services offer a free trial, allowing you to take it for a test drive before commiting. A paid VPN service is essential for secure, reliable VPN use — but how do you know which provider to choose? There are many factors to keep in mind when selecting the perfect VPN app:

    • Speed: You want to make sure the VPN offers sufficient speed, as many providers struggle to stay fast enough for streaming or downloading.

    • Reputation: To get a good sense of how the VPN performs, read both consumer and professional reviews. Also, since the issue of net neutrality rose to the forefront, many fake VPNs have popped up, so make sure you’re looking at a real one.

    • Shared IP addresses: Choose a VPN that offers shared IPs. Being among multiple anonymous users adds another layer of privacy to your browsing.

    • Servers: When it comes to performance, more servers equals better browsing, because each server will be less crowded. Also, the closer you are to a server, the faster and more reliable your connection may be.

    • Encryption: Look for AES-256 (advanced encryption standard), which holds the highest encryption standard to date. It’s virtually impossible to crack, as it has more combinations than there are stars in the universe.

    • Protocol: Avoid weaker security protocols like PPTP, and go for the more reliable OpenVPN.

    • Data logs: Choose a VPN service that does not keep data logs (basically, its own account of your internet movements). Read the VPN policy to see if it collects your info.

    • Customer support: The best VPNs have customer support standing by in case anything goes wrong.

    • Features: Keep in mind what’s uniquely important to you, and be sure the VPN you choose is compatible with what you need. For instance, some VPNs don’t allow you to use BitTorrent, while others do. Some VPN download allowances are limited to a certain number, while others are not. Some offer ad-blocking, firewalls, kill switches, simultaneous connections, or the ability to change your IP address and server location at will. Find what works best with your online lifestyle.

    • Free trial: Many VPNs offer free trials, and it’s a good idea to try them out first. Test the ease of use and the performance of the VPN before you decide whether you want to purchase it.

    A VPN you can trust

    Wondering how to download a VPN? We can help with that! Avast SecureLine VPN offers breakneck speeds and top-of-the-line features. With servers in 55 locations across 34 countries (including USA VPN servers, UK VPN servers, Australian VPN servers, and more), we’ll keep your online activity hidden.

    You can bypass content blocks while avoiding advertisers tracking your location and hackers snooping on you via public Wi-Fi. Avast SecureLine VPN gives you the most powerful security with AES-256 bank-grade encryption, the OpenVPN protocol, and no logging of your browsing. Give it a spin now with our free trial.


    How do I set up a VPN?

    Getting a VPN is easy, with VPN tools available for PC and all other major platforms, including Mac VPNs, Android VPNs, and iOS VPNs. To set up a VPN, select a VPN service from a trusted vendor, download the app, and launch it to get started.

    Are VPNs legal?

    VPNs are totally legal in most countries, including countries with the best server locations. But of course, anything that’s illegal without a VPN — such as pirating copyrighted content — is still illegal even with a VPN. Unblocking websites with a VPN is not illegal, but doing so to stream geo-restricted content may break a website’s terms of use.

    What is the best VPN?

    The best VPNs offer advanced AES-256 encryption (or other advanced encryption protocol), a wide range of geo-optimized servers, and lightning-quick connections with no download or bandwidth restrictions. You can get all this and more with Avast SecureLine VPN.

    Are VPNs better than Tor?

    The Tor browser is very secure, but it offers a slow browsing experience. Likewise, proxy servers offer many of the benefits of a VPN, but without the same level of security. When comparing VPNs, proxies, and Tor, VPNs combine performance with privacy for the best all-around solution.

    Can I still be tracked on a VPN?

    With your true IP address hidden, and your internet traffic encrypted, top-quality VPNs make it very difficult for ad trackers — or anyone else — to track you online. Websites won’t be able to find your IP, and while your ISP may see that you’ve connected to a VPN, they won’t be able to see the traffic itself. To cover your tracks even more thoroughly, ensure that your VPN kill switch is enabled, and use a private browser like Avast Secure Browser.

    Who needs a VPN?

    A VPN is an essential tool for staying secure online. Routinely using a VPN to connect to the internet prevents cybercriminals from hacking into your network, and stops web trackers following your activity online. By encrypting your data, VPNs don’t just unblock websites, they protect your privacy and help you stay safe on public Wi-Fi.

    Connect privately on your Android

    with Avast SecureLine VPN


    Connect privately on your iPhone

    with Avast SecureLine VPN

    Charlotte Empey & Nica Latto