AVG Signal Blog Privacy VPN What Is a VPN and How Does It Work?

Written by Ivan Belcic & Christina Edwards
Published on March 1, 2023

What does VPN stand for?

VPN stands for virtual private network.

  • A VPN is virtual because it creates a digital tunnel — there isn’t a physical cable that reaches from your device directly to the VPN server.

  • A VPN is private because it encrypts your data and hides your IP address.

  • A VPN is a network because it creates a connection between multiple computers — your device and the VPN server.

This article contains :

    Strictly speaking, the VPN meaning refers only to the private network connection itself — the actual software app that manages your device’s VPN connection is technically called a VPN client — but the two cybersecurity terms are often used interchangeably.

    How does a VPN work?

    A VPN works by using encryption protocols to funnel all your internet traffic through an encrypted tunnel — a virtual private network —between your computer and a remote VPN server. This hides your IP address and secures your data, preventing others from intercepting it.

    When not hooked up to a VPN network, all your internet traffic is potentially exposed to your ISP, the government, advertisers, or other people on your network. That’s why VPN connections are crucial to your online privacy and security.

    A VPN funnels your internet traffic through an encrypted tunnel between your computer and a VPN server.A VPN funnels your internet traffic through an encrypted tunnel between your computer and a VPN server.

    What is VPN tunneling?

    VPN tunneling is the process of securing your device’s connection with a VPN server. A VPN server is a typical internet server configured with VPN software. Before being sent over the internet, all data is split into packets. At the core of VPN tunneling is a process called encapsulation. A VPN wraps an outer packet (a protocol) around the original data packet, encrypting it so it can’t be intercepted.

    The level of protection you receive when using a VPN depends on the type of tunneling protocol used. It also depends on whether you use full or split tunneling — the main difference is defined by what traffic goes through the VPN. A full tunnel means all data goes through the VPN tunnel, whereas a split tunnel sends only traffic that you, or your employee, want to be protected (for example, Instagram activity could be exempt).

    How do VPN servers operate?

    Once the VPN tunnel is established, your device sends the VPN server encrypted information such as a website you want to visit. The VPN server decrypts this, hides your true IP address, and sends the data to the website’s server.

    To the website, your IP address will appear to be the one attached to the VPN server. The VPN server then encrypts the data sent back by the web server and sends it on to you. When the website data arrives back at your device, your VPN client (VPN app) decrypts the data.

    What does a VPN do?

    VPNs hide your IP address behind a different IP address (often in another country) provided by the VPN server. VPNs work by adding a layer of encryption to the data that passes through your internet connection. There are many benefits of using a VPN — VPNs let you:

    • Encrypt your internet connection.

    • Secure your data over public Wi-Fi networks.

    • Stream freely and get around location-based content blocks.

    • Access blocked websites.

    • Avoid internet censorship.

    • Evade ISP tracking.

    • Prevent price discrimination.

    Not only does a VPN connection encrypt your browsing and other web traffic, it can give you access to a freer internet by letting you configure your settings to alter your virtual online location. This combination of security and flexibility makes VPNs extremely versatile. Some people even use a VPN for gaming.

    Having explained the VPN basics, let’s discuss what a VPN is used for in more detail. VPNs strengthen your personal security and privacy online because they help you do the following:

    Encrypt your internet connection

    VPNs establish a secure connection to the internet by encrypting all your online traffic and routing it through a point-to-point connectionbetween your device and the VPN server. Establishing an encrypted, private network is exactly what a VPN connection does — and this encrypted layer offers an array of security, privacy, and performance benefits.

    When you’re hooked up to an encrypted VPN network, not only is all your internet data shielded from hackers and sniffers, but your true location and identity remain hidden from your internet service provider (ISP), the government, marketers, or anyone else who may be snooping on your local network.

    Secure data transfer

    If you log into your bank account, check your email, or use social media over an unsecured connection, hackers may be lurking, waiting to snap up your login credentials. And any messages you send or personal data you transmit can be intercepted and used for blackmail or identity theft.

    Because a VPN connection encrypts your communication with its server, anyone trying to eavesdrop on the network will see only gibberish. That’s how a VPN ensures that no one can access your data. In fact, the original purpose of VPN technology was to connect remote workers with corporate networks, so that sensitive information could be shared safely.

    Securing your data with a VPN is particularly important for staying safe on public Wi-Fi networks. Despite their convenience, there are many risks of public Wi-Fi, since anyone can hop onto an unsecured Wi-Fi network, and there’s no way to know exactly who’s connected at any given time (or what they’re doing). It’s all too easy for a hacker to sit on a public Wi-Fi network and intercept all the traffic flowing through it, which is known as a man-in-the-middle attack. Likewise, you should also use a VPN if you visit the dark web.

    Stream from anywhere

    Due to licensing restrictions, streaming platforms feature different content libraries in different countries around the world — this is known as geo-blocking. If you’re traveling abroad and want to keep up with your favorite shows from home, you may find that they’re unavailable in your current location.

    A VPN lets you bypass location-based content blocks when watching TV online by letting you connect to the best server location to suit your needs. If you’re traveling and pick your home country from the server list, you’ll be able to access all the content you normally would. And you can even equip your mobile device with a VPN, meaning you can stream from anywhere, as well as prevent phone tracking.

    A VPN lets you get around geo-blocking so you can stream content freely.A VPN lets you access shows from your home country when you’re traveling abroad.

    Access blocked websites

    You may find that certain websites are blocked for certain reasons or because you’re in a particular location — such as while you’re at school or at work. VPNs help you get around content blocks so you can access blocked websites, even if you’re somewhere that restricts access to certain sites.

    Your encrypted VPN connection tunnels right through any restrictions to bring you the websites and services you want, regardless of the content blocks on your network.

    Avoid censorship

    Many countries limit internet access. China blocks Google and Facebook and all their associated services, such as Gmail, Google Maps, WhatsApp, and Instagram. A VPN connection can get you around censorship blocks in the same way it can circumvent content geo-blocking and website restrictions by reconfiguring your virtual IP address.

    Evade ISP tracking

    Without a VPN, your ISP can track all your online activity: the websites and services you use, when you use them, and how long you use them for. And ISPs can use that information to throttle your bandwidth depending on your usage.

    Many people don’t understand how much leverage your ISP has over your data. In the UK, your ISP will store your online history for a year — that’s everything you read, watch, view, and click. And in the US, your ISP can store and sell your browsing history to the highest bidder — such as an advertising network, data broker, or subscription service — without your consent.

    Because of how a VPN works, it protects you from this kind of invasion of privacy. Since VPNs encrypt your device’s internet connection, your ISP can’t monitor exactly what you’re doing online, and they can’t see your browsing history.

    Prevent price discrimination

    Price discrimination, also called dynamic pricing, happens when ecommerce sites offer different prices for the same product to different people based on their location or perceived ability to pay. Online retailers use a variety of criteria to calculate the prices for visitors to their websites — device type along with demographic information and your location.

    Airlines are frequently accused of price discrimination, with flight prices changing depending on when you buy, where you are, and other factors. As well as allowing you to shop online more safely, using a virtual private network to give yourself an IP address in another country means you can counteract location-based price discrimination.

    VPNs help you avoid price discrimination.By keeping you anonymous, a VPN can shield you from price discrimination.

    Why you should use a VPN

    VPNs offer the best protection against online snoops and hackers, and you should use one if you want to browse privately. As well as encrypting your internet traffic, and keeping your online activity hidden, a VPN prevents anyone from finding your IP address by showing the public internet the IP address of the VPN server you’re using instead of your own.

    Your public IP address links your device to your ISP as well as to your geographic location, which enables geo-blocking, censorship, price discrimination, and other content restrictions. Pair IP masking with encryption, and a VPN helps keep your online activities fully private from ISPs, hackers, and government surveillance. As more people are becoming aware of this, VPN usage is on the rise.

    Here’s a list of folks who would benefit from using a VPN:

    • People who use public Wi-Fi
      Public Wi-Fi doesn’t usually feature strong Wi-Fi security protocols, so whether you’re commuting or in a coffee shop you should use a VPN connection. Cybercriminals can all too easily intercept unsecured traffic, meaning your computer or phone could be hacked without you realizing it.

    • Businesses and employees
      All businesses need to protect themselves from risks like costly ransomware attacks and other cyberthreats. And businesses need to protect the communications and data of remote workers.

    • Journalists and whistleblowers
      Journalists who need to protect their sources, access secure data or records, or protect themselves from unwanted attention use VPNs to keep their digital activity private.

    • Citizens living under repressive regimes
      Those who live in undemocratic states or in illiberal systems can use VPNs to access information more freely and get around government censorship.

    • Gamers
      VPNs might help stop your ISP from throttling your bandwidth, which limits your internet speed. Or, you can use a VPN to access a game that isn’t available in your country.

    • Anyone accessing secure information
      Whenever you access or enter sensitive data on the internet, from online banking to tax returns, keep your information private.

    • People traveling
      Whether you’re overseas on business or vacation, you may want to access or stream content from your home country.

    • People who use ecommerce sites
      Protect yourself from price discrimination, especially if you’re buying big-ticket items like flight tickets.

      Use a VPN to stay safe on public Wi-Fi, unblock content, bypass censorship, stop ISP tracking, and pay fair prices.

    AVG Secure VPN enhances your privacy by masking you and other VPN users behind a single, shared IP address. That makes it extremely difficult for anyone to link your web activity back to you, since multiple users are sharing the same IP at any given time. It’s just one of the many ways AVG Secure VPN keeps you safe online.

    How to use a VPN

    Here’s how to set up a VPN connection to instantly encrypt your data and hide your IP address:

    1. Download and install AVG Secure VPN.

    2. Open the VPN app on your computer or mobile device.

    3. Choose a VPN server and connect.

    To benefit from VPN protection on your MacBook or iPhone, check out our guide to setting up a VPN on Mac devices or mobile phones.

    What is VPN encryption?

    VPN encryption is the process of using data encryption (encryption protocols) to create a secure tunnel for your data to travel through. If anyone examines your VPN connection, they’ll see scrambled data. Only your device and the VPN server you’re using can encrypt and decrypt, or unscramble, your data.

    While many encryption methods, or algorithms, exist, most VPNs use the 256-bit AES (Advanced Encryption Standard) algorithm. This level of encryption is so secure that it’s used by banks and governments worldwide — as well as by AVG Secure VPN.

    What are VPN protocols?

    A VPN protocol is the set of rules or instructions that create the connection between your device and the VPN’s proxy servers. Each VPN protocol is a combination of encryption methods and transmission protocols. You can change your VPN protocol in the settings of your VPN app.


    Popular for its speed and security (it uses 256-bit encryption), OpenVPN is one of the leading VPN protocols. As an open-source protocol, anyone can verify its source code.

    If exploitable vulnerabilities are found, they’re addressed quickly by the community of developers that support it. VPN connections that use open-source code also allow anyone to verify that the developers aren’t doing anything suspicious themselves.


    IKEv2 (Internet Key Exchange version 2) is an efficient protocol usually combined with IPsec (Internet Protocol Security). Like OpenVPN, IKEv2 uses 256-bit encryption and provides a fast connection. IKEv2 is especially popular with phones because it can easily switch between mobile data and Wi-Fi networks. But unlike OpenVPN, it isn’t open-source.


    Developed by Microsoft to create a VPN over dial-up networks, PPTP (Point-to-Point Tunneling Protocol) is an antiquated and far less secure protocol that's still popular with free VPN services. While it's easier to set up than more advanced options, PPTP is full of known security flaws and should be avoided if you want a secure connection.


    L2TP (Layer 2 Tunneling Protocol) was developed by Microsoft and Cisco as the successor to PPTP. Responsible for creating the VPN connection, L2TP is often combined with IPsec for security.


    Microsoft developed SSTP (Secure Socket Tunneling Protocol) to further enhance security and bypass proxies and firewalls that L2TP couldn’t. SSTP uses TCP Port 443, which means it works in most instances, even in countries and companies that block VPN connections. It’s encrypted with the AES cipher and is considered very secure. One limitation is that support is limited for operating systems other than Windows.


    Originally created for Linux, WireGuard now works with Windows, macOS, iOS, and Android. It’s simple to set up and one of the fastest protocols. By default, WireGuard stores IP addresses on the VPN server, which raises a potential concern about user privacy. But it depends on how the VPN provider addresses this, as they can use their own software to make sure IP addresses aren’t stored.


    Shadowsocks isn’t a VPN protocol but a tunneling proxy. It was created by a Chinese programmer to circumvent internet censorship and bypass firewalls. Shadowsocks will help you access restricted content but it won’t hide your IP address or encrypt all of your data, which is what a virtual private network does.

    Types of VPN

    There are three main types of VPNs: site-to-site, remote, and personal. Site-to-site and remote VPNs are typically used by organizations and businesses. Personal VPNs are intended for individuals who want a secure connection online.

    Site-to-site VPN

    A site-to-site VPN connects two or more private intranets at different sites. This is used by larger organizations or businesses so that employees can access the same private network and information regardless of the city or country they’re in. This type of VPN is difficult to set up and maintain, and the configuration of networks at all sites is necessary.

    Site-to-site VPNs don’t work for an employee at home or in a coffee shop, because the company has no control over these networks — a remote access VPN is needed for this.

    Remote access VPN

    A remote access VPN lets employees connect to a remote network securely using dedicated software. The employee’s “host” computer needs a client application to set up the connection. With this type of setup, you can work from anywhere and it gives you the same level of security as if you were on-site.

    Personal VPN

    A personal VPN, or consumer-grade VPN, is for individuals. It connects your device to your VPN provider’s server, providing a secure connection so websites can’t see your location and no one can track your online activity or communications.

    It’s the simplest way you can set up a VPN connection — you download a VPN app to your device and turn it on when you want to use it, or leave it on all the time.

    Use a secure VPN you can trust

    AVG Secure VPN keeps your data safe with 256-bit AES encryption — the same military-grade encryption that banks and governments use. Our lightning-fast servers located around the world will get you the content you crave while hiding your identity behind a shared IP address, making it almost impossible for anyone to link your activity back to you.

    Secure your Wi-Fi network, protect up to 10 computers and mobile devices with a single account, and stay anonymous online with AVG Secure VPN. Try it for free today.


    What does VPN mean?

    A virtual private network (VPN) is, by definition, a service that establishes a secure and private connection to the internet. A VPN creates an encrypted tunnel to protect your personal data and communications, hide your IP address, and let you safely use public Wi-Fi networks or connect remotely to a private network like your office.

    VPN services also help you bypass censorship, get around content blocks, and unlock website restrictions. By encrypting your internet traffic, VPNs hide your IP address and physical location, so that no one can tell who you are, where you are, or what you’re doing online. That’s why VPN means virtual private network — it’s a private tunnel through the internet.

    When should I use a VPN?

    You can’t lose by keeping your VPN on at all times. The most important time to turn on your VPN is if you’re about to connect to an unsecured public Wi-Fi network. Without VPN protection, it’s possible someone else on that network can see what you’re doing and access your data. Rather than ask, “what can I do with a VPN?” you should ask, “what data am I potentially exposing without a VPN?” And the answer is a lot.

    Is there a free VPN?

    Yes, there are free VPNs, but their services and features are more limited than premium VPNs. Free VPNs typically replace subscription fees by displaying ads or even by collecting personal data. And free VPNs usually don’t allow multiple simultaneous connections, meaning you can’t connect to your VPN from several devices at once. Other problems with free VPNs include bandwidth limits, slow connection speeds, and fewer server locations.

    Are VPNs safe and secure?

    A VPN service is as secure as its protocol. VPN services using the OpenVPN protocol leverage the same method of 256-bit encryption trusted by banks and governments around the world. But a VPN is not the same as an antivirus tool. While VPNs secure your internet connection, they’re not designed to detect, block, or scan and remove malware.

    You shouldn’t plan on using a VPN to protect against viruses, malware, zero-day attacks, ransomware, spyware, or phishing attacks.

    Can I be tracked while using a VPN?

    A VPN does prevent others from tracking your online activity based on your IP address, but it can’t block other web tracking methods such as cookies and browser fingerprinting. And once you log into an account online, the site can still track your activity even if you’re using a VPN.

    Security and privacy extensions for Chrome and dedicated private browsers can block cookies and protect you against browser-based web and ad tracking, while a VPN insulates your data and hides your IP address.

    Is using a VPN legal?

    VPNs are legal in most countries, but not all. Some countries restrict VPN usage, while others forbid certain types of content. But no matter where you are, using a VPN for criminal purposes is always illegal. While you’re unlikely to get into legal trouble for streaming through a VPN, your streaming content provider may block your account if you violate the service’s terms and conditions.

    How do I connect to a VPN?

    If you want to secure your personal connection over a VPN, you need to download and install a VPN app on your device — if you have an IPv6 address versus an IPv4 address, check that the VPN supports this first. You can then go into the app and choose a VPN server to connect to.

    Encrypt your connection and access content with AVG Secure VPN

    Free trial

    Encrypt your connection and access content with AVG Secure VPN

    Free trial
    Ivan Belcic & Christina Edwards