How does a VPN work?


Using a virtual private network, or VPN, can help protect your online privacy and data. Here’s how.

The internet is not a very private place. If you use public Wi-Fi networks for things like shopping and banking, you could have your online privacy invaded or your data taken. Using a virtual private network — VPN, for short — can help.

A VPN can hide information about your IP address and allow you to go online anonymously. How? A VPN works by encrypting your communications on whatever device you’re using, including phone, laptop, or tablet. It sends your data through a secure tunnel to the VPN service provider’s servers. Your data is encrypted and rerouted to whatever site you’re trying to reach.

VPN basics

A VPN enables you to connect to the internet in an encrypted fashion. Encryption adds security and privacy, which is especially important when using public Wi-Fi. That’s because hackers and other cybercriminals often target public Wi-Fi to steal the personal information you send and receive while on those types of networks.

It gets worse. You may think you’re using the free public Wi-Fi provided at an airport, hotel, or coffee shop. But you may have logged on to a Wi-Fi network that only appears to be legitimate. But guess what? A cybercriminal may have constructed the network to steal your data.

How VPN works: It allows you to use inherently non-private public Wi-Fi by creating an encrypted tunnel through which your data is sent to a remote server operated by your VPN service provider. The VPN server then sends the data to the site you’re seeking to connect with, encrypted and safe from the prying eyes of hackers and other cybercriminals.

VPNs can sometimes slow your computer’s performance. That can happen if the VPN’s servers are geographically distant. For best performance, consider a VPN with servers located around the world. That way, your data can be routed through a closer location.

Some VPN services limit your usage. For instance, they may limit the amount of data you can send in a single connection, over a period of time, or limit the speed of the data. This can be common with free VPN services.

Types of VPN security protocols

VPNs use a variety of different protocols. Older protocols, such as PPP and PPTP, are considered less secure. Here are some of the types of security protocols.

  1. IP Security (IP Sec). Internet Protocol Security is a popular protocol that protects data through either a transport mode or a tunnel mode. Both provide encryption. It’s considered highly secure and is useful for securing inbound and outbound traffic. But it can require a lot of processing power, and that can affect device performance. Also, some of the security algorithms used in IPSec in the past have been hacked by cybercriminals. Newer versions of IPSec use stronger, more complex algorithms.
  2. Layer 2 Tunneling Protocol (L2TP)/IPSec. L2TP is a VPN protocol that doesn’t encrypt data by itself. That’s why it’s paired with IPSec encryption. One of its primary advantages? It’s available on most devices and operating systems and provides a high level of security. The downside? It can result in slower connections. That’s because it uses the double encapsulation process.
  3. Secure Sockets Layer (SSL) and Transport Layer Security (TLS). SSL was the encryption protocol VPNs generally used before 2015. It has evolved into TLS for encryption of data traveling to an SSL VPN server. One of the reasons that SSL has been largely replaced in VPNs is due to the large number of vulnerabilities discovered in the protocol.
  4. Point-to-Point Tunneling Protocol (PPTP). PPTP was the earliest of security protocols and first released in Windows 95. It’s fast, but that’s because the protocol provides a low level of encryption.
  5. Secure Shell (SSH). The SSH protocol isn’t considered especially user-friendly and doesn’t automatically encrypt all of your data. It’s more difficult for users to configure. Plus, fewer providers use this protocol, which limits your choices. 
  6. Secure Socket Tunneling Protocol (SSTP). This Microsoft-developed protocol is considered highly secure and easy to use, but it doesn’t work as well on platforms other than Windows.
  7. Internet Key Exchange, Version 2 (IKEv2). This protocol is based upon IPSec. It’s considered quite secure and fast. One downside? It can be blocked by firewalls.
  8. Open VPN. This is perhaps the most popular VPN protocol. It combines high security and speed. Because it’s open source, numerous third parties maintain and update the technology. Norton360 uses this protocol for its VPN, Norton Secure VPN

Why do I need a VPN?

A VPN helps transform your connection to the internet into a safer and more secure experience. It can enhance the security of your personal information and your online privacy. These are the main benefits of a VPN.

For instance, consider the dangers of using public Wi-Fi. Cybercriminals may be able to access personal data you send and receive, even if the network you’re on is password-protected. In some cases, the data can be used to steal your personal information to access your online accounts. A VPN can help protect your data in two ways. For one, it can help prevent data from being stolen through a phony public Wi-Fi set up by a cybercriminal. It can also help protect data being passed on a legitimate public Wi-Fi that’s been hacked by a cybercriminal.

What’s more, your internet searches on a VPN remain private. And while third parties may only be using this information to target you for advertising, there are other risks

For example, your information could be accessed in a data breach. Criminals might use the exposed information to create spear-phishing emails. If you click on one of these bogus emails, you could become a victim of a ransomware attack.

Spear-phishing emails are often specifically tailored to your interests. They attempt to lure you into clicking on links containing a variety of malware. That includes keystroke logging malware, or ransomware that can lock and encrypt your computer’s data, making it inaccessible to you unless you pay a ransom.

The enhanced privacy provided by a VPN is also a reason for considering the use of a VPN for your devices at home even when you are not on public Wi-Fi.

In short, here’s what the benefits of a VPN look like. VPNs offer protection by helping:

  1. Encrypt your web activity.
  2. Hide your physical location.
  3. Add to your web anonymity.
  4. Secure the personal information you send and receive while on public Wi-Fi.
  5. Protect your online data from being used to make you vulnerable to spear-phishing.

What is a no-log VPN?

no-log VPN is one that doesn’t collect and use the data that you send through the VPN, such as the websites you visit or your downloads.

Because people use VPNs to enhance their privacy, you might think all VPNs would be no-log VPNs. Not so.

Some VPN providers do collect a minimal amount of user information, such as their email address, but these exceptions to the rule should be available in the VPN provider’s privacy policy. Norton Secure VPN does not keep logs.

You can find out more in the Norton Privacy Notice. Here’s what it says. Norton Secure VPN collects subscriber information for communication purposes, mobile device data, and aggregate bandwidth usage. It’s important to note that Norton Secure VPN does not log information about where you go on the internet.

VPN vulnerabilities and red flags

Nothing is perfect. For instance, not all VPNs protect you from cookies found on the websites you visit. Also, VPNs have been hacked through vulnerabilities that have not yet been discovered, or which have not yet been patched. That’s one reason why it’s essential to download the latest security updates when they’re made available.

VPNs come in many varieties. Some are free, and others have monthly fees.

Free VPN services often collect information about you. They target you with ads related to your interests. Those are determined by the information gathered by your computer or mobile device use.

That’s not all. Some free VPNs sell your data to third parties over which you have no control. Cybercriminals have even set up free VPNs to harvest your information.

Protect yourself with Norton Secure VPN

Norton Secure VPN is an excellent no-log VPN that uses the Open VPN protocol, is faster, more secure, and operates on Windows, Mac, and Android devices. Norton Secure VPN also helps block ad-tracking cookies, which helps stop annoying ads and enables faster browsing.

Norton logo
  • Norton
Norton empowers people and families around the world to feel safer in their digital lives

Editorial note: Our articles provide educational information for you. Our offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about Cyber Safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses. The Norton and LifeLock brands are part of Gen Digital Inc. 


    Want more?

    Follow us for all the latest news, tips and updates.