
How does a VPN work?


In simple terms, a VPN (or Virtual Private Network) offers a secure way to connect to the internet, encrypting the data you send over the connection to protect it, while also giving you better levels of privacy online.

VPN technology has been around for years, but there has been a spike in interest in recent times. This has been fuelled by various factors, including increased concerns about governments monitoring online activities, ISPs potentially reselling user data, more people working at home, and of course those ever-present hackers looking to intercept data for nefarious deeds.

So it’s not surprising that many people are turning to a VPN to defend themselves from these looming dangers. An understanding of how this software works will help users decide if and when to use this technology, which types of threat it can protect them from, and what its limitations are.

Consumer VPN

Broadly speaking, there are two basic types of VPN: corporate and consumer.

The first type is the consumer VPN, which is the variety that most folks think of these days when the term is mentioned. With a consumer VPN, the user is connected to the private network via an encrypted tunnel, which is known as a VPN tunnel. The data transferred via the tunnel is encrypted to keep it private and prevent it from being intercepted.

The user transmits encrypted data over this virtual connection to the VPN server, which then connects on to the world wide web, keeping the user’s activities more anonymous and secure. The ISP cannot see the data transferred, only that the user is connected to a private server.

Consumer VPNs have many uses contributing to their current popularity. Some common uses include:

A home user can set up a VPN either at the level of the individual computer or at the router. Setting one up individually on a PC offers the advantage of simplicity, and makes it easier to try out a new service without committing fully to it. Desktops, laptops, and even Android and iOS phones can be configured this way, but not all devices (smart TVs or media boxes, for example) will have the capability to connect to a VPN service.

On the other hand, having the VPN at router level offers the advantage of having the whole network on the VPN without individually configuring each device, meaning that the aforementioned devices like smart TVs will be covered.

A crucial component is the tunnel that connects the user to the VPN server, which is the key to keeping the data private. At this point, remember that sending and receiving data over the internet requires it to be divided up into packets. To keep each data packet secure, it gets wrapped in an outer packet, which is encrypted, through a process known as encapsulation. This outer packet keeps the data secure during the transfer, and forms the basis of the VPN tunnel. Upon arrival at the server, the outer packet is removed to access the data of the inner packet, and this requires a decryption process.
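The encapsulation step described above, sketched as an added example (not code from the article or from any VPN product). The packet layout, function names and addresses are constructed for illustration, the keys are assumed to be already shared between client and server, and the cipher is a standard-library stand-in for the AEAD ciphers real VPN protocols use.

```python
import hashlib, hmac, os, struct

# Constructed sample addresses (documentation ranges), not from the article.
CLIENT, VPN_SERVER, WEBSITE = "198.51.100.7", "203.0.113.10", "192.0.2.80"

def _keystream(key, nonce, n):
    # Stand-in stream cipher (HMAC-SHA256 in counter mode), stdlib only.
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + struct.pack(">I", ctr), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def make_packet(src, dst, payload):
    # Simplified packet: readable "src>dst|" header followed by payload bytes.
    return f"{src}>{dst}|".encode() + payload

def parse_packet(packet):
    header, payload = packet.split(b"|", 1)
    src, dst = header.decode().split(">")
    return src, dst, payload

def encapsulate(enc_key, mac_key, inner):
    # Client side: encrypt the whole inner packet, authenticate it, wrap it.
    nonce = os.urandom(12)
    ct = bytes(a ^ b for a, b in zip(inner, _keystream(enc_key, nonce, len(inner))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return make_packet(CLIENT, VPN_SERVER, nonce + ct + tag)

def decapsulate(enc_key, mac_key, outer):
    # Server side: strip the outer packet, verify integrity, then decrypt.
    _, _, body = parse_packet(outer)
    nonce, ct, tag = body[:12], body[12:-32], body[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("outer packet failed integrity check")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))

def observer_view(outer):
    # What an on-path observer such as the ISP can read: outer addresses, size.
    src, dst, body = parse_packet(outer)
    return {"src": src, "dst": dst, "bytes": len(body)}

if __name__ == "__main__":
    enc_key, mac_key = os.urandom(32), os.urandom(32)
    inner = make_packet(CLIENT, WEBSITE, b"GET /account HTTP/1.1")
    outer = encapsulate(enc_key, mac_key, inner)
    print(observer_view(outer))                           # only the VPN server is visible
    print(parse_packet(decapsulate(enc_key, mac_key, outer)))  # server recovers inner packet
```

The observer's view contains the VPN server's address and the packet size but never the destination website, which matches the article's point that the ISP sees only a connection to a private server.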

Corporate VPN

Corporate VPN, also known as remote access VPN, is a method that allows an offsite employee to connect to the private corporate intranet in a secure fashion. Security is maintained via a password, and in some cases via a security token or smartphone app that generates one-time passwords.

There are two essential pieces of a corporate VPN. The first is the remote access server (RAS), which is the server that a user connects with over the internet to access the corporate network. It is also called the network access server (NAS), although that term can be confusing because NAS is also an acronym for network attached storage. The second component is the VPN client software, which establishes the connection to the RAS, and ensures privacy through the encryption process.

This technology is useful for offsite workers, or workers on the road who still require access to resources on the private internal network of the business. After the remote worker is authenticated, they are connected to the corporate intranet via an encrypted tunnel; in other words, a private connection gets established over the public internet. Corporate VPN has enabled remote workers to collaborate with their colleagues using services such as desktop sharing. 

For larger businesses with multiple campus locations, and in turn multiple LANs, an even more robust solution is required. This is site-to-site VPN, which facilitates employees at multiple locations sharing corporate resources by securely connecting geographically separate campuses together.


Performance issues

A VPN connection is generally slower than a non-VPN connection. This is due to three factors:

  • The encryption process
  • The transmission to the VPN server which is geographically further away, often in another country
  • The decryption process

VPN is a technology with plenty of useful applications, as well as limitations. With an understanding of how a VPN achieves privacy via the tunnelling process, users can put the tool to good use, thereby enhancing their internet experience.

For users who value their anonymity and security online, it is well worth choosing, configuring and maintaining the best VPN service (there are even quality free VPNs, too) to keep internet traffic encrypted and safe.
