VPN stands for “virtual private network,” a method of secure communications that protects your connection while you’re using the internet. It makes your browsing private, hides your IP (Internet Protocol) address, and ensures your internet service provider (ISP) doesn’t track you.

You need a VPN to:

  • Stay secure when using public Wi-Fi hotspots.
  • Mask your IP (Internet Protocol) address.
  • Encrypt your internet traffic, making your browsing more secure and private.
  • Access more internet content and bypass restrictions such as government censorship.
  • Ensure that your internet traffic isn’t tracked and recorded, later to be sold by your internet service provider (ISP), ad brokers, or snoops.
  • Make price discrimination work for you. 
Start your journey towards better internet privacy today

Get Surfshark

Table of contents

    How does a VPN work?

    When you connect to the internet via a VPN, it establishes a secure virtual tunnel (i.e., a secure connection) between itself and one of its servers. This tunnel is then used to transfer all your apps and website internet traffic.

    Using the tunnel also changes your IP address (like a home address for your device) to the server’s. This means that websites and services consider you to live in and connect from the server’s location, hiding your actual IP. 

    But the VPN connection goes a step further. To ensure the tunneling process is secure, the VPN client and the VPN server encrypt your data (English: turn into scrambled, unreadable code) using a shared key.

    how does a vpn work

    The “Blind Post Office” analogy:

    Imagine a post office that doesn’t know your first or last name or address. The clerk in this office receives and sends letters containing only one piece of information about you – your customer ID. The post office generates this ID for you and keeps it confidential.

    When you receive a letter, the clerk identifies you using this ID and forwards the mail directly to you. All this happens through a super-secret pipe that connects your house and the office.

    In the same way, you can ask this clerk to send a letter to anyone in the world. They will take your letter, attach your customer ID to it, slap the post office’s address on it, and ship it. As far as the receiver is concerned – the letter came from the post office and not from you (unless you signed it).

    To protect the contents of the mail and your ID, these letters are translated into a language only you and the post office clerk can understand. So even if anyone got hold of your mail – they couldn’t read it.

    What is VPN tunneling? 

    VPN tunneling is what VPN protocols do to establish a connection between the VPN client (app) and the server. As the name implies, it allows obfuscating and even hiding data. 

    To put it plainly, tunneling relies on encapsulation, which hides VPN communications on the public internet. Anyone checking your internet connection will see that you are using a VPN, but not what you’re doing. 

    Of course, to establish a tunnel, a lot has to happen: the client and server have to make contact, confirm that they are what they say they are, determine the method of communication, and establish an encrypted mode of connection. 

    There is more than a single way to do it, and that’s why multiple VPN protocols exist. But whichever VPN protocol you choose and whatever they do, tunneling is a vital part of it. 

    What is a VPN server?

    A VPN server is just a standard server configured with VPN software. This ensures that only people with VPN client software can connect to it.

    If you try to connect to a VPN server, it will ask for authentication (proof) that you have a VPN client. Once you’re in, all your traffic goes through this server. Anyone watching from outside can only see a mess of random internet data going in and out of the server. Hence, your whereabouts remain unknown.

    So, what can a VPN do for you?

    what does a vpn do

    Still following? Great. We’ve covered the basics of how a VPN works. Now, let’s take a look at what all that technical mumbo jumbo means for you!

    A VPN protects you on public Wi-Fi

    Free public Wi-Fi may be handy when you’re on the go. Sadly, it is really unsafe and makes you vulnerable even to basic cyberattacks. A VPN encrypts your online data and helps secure your personal information when you use Wi-Fi in airports, coffee shops, or other public places. It’s useful for hiding your web activity when you want to access sensitive information in public, like online banking, emails, or BitCoin and other crypto assets.

    A VPN masks browsing 

    Masking your IP address is essential to secure online privacy. A Virtual Private Network ensures that your location and browsing history aren’t directly linked to your identity. This way, you can surf with peace of mind without any third parties trying to steer your choices.

    A VPN unlocks blocked and censored websites

    Access to various websites is restricted in many countries due to geoblocking and censorship. You can unblock sites by connecting to a VPN server based in a different country. This allows you to bypass internet censorship and various georestrictions for content, social media, whistleblowing, or even research purposes.

    A VPN fights the sales of personal data

    Your browsing data is valuable to data brokers, marketers, and others, even without knowing the exact details of your messages and such. Even your ISP can be in the business of selling your browsing data to marketers. But if you connect with a VPN, you leave a lot less of this data behind, making it less attractive to all sorts of business entities. 

    A VPN helps stream Netflix privately

    With a VPN, you can remain safe when streaming Netflix and other services like Hulu, Disney+, and HBO Max. Our ultra-fast servers and unlimited bandwidth will ensure a throttle and buffer-free experience. This way, you can stay private when streaming your favorite shows and movies! Learn more about VPN streaming here

    Disclaimer: Surfshark does not encourage using a VPN in any way that would potentially violate the Terms of Service of streaming service providers.

    A VPN helps you avoid price discrimination

    Websites and services use your location and cookies to tailor prices for their goods and services. With a Virtual Private Network, you can avoid such marketing practices and save a buck when shopping online or buying airplane tickets.

    Start gaining VPN benefits

    Get Surfshark

    Does a VPN make you anonymous?

    does a vpn make you anonymous

    No, a VPN does not make you anonymous. And don’t believe anyone who tells you otherwise.

    Let’s set one thing straight, no sugar-coating – internet anonymity is a fantasy. Yes, you’ve read it right. There is no way you can be anonymous on the web. 

    However, a VPN enhances your online privacy greatly. While it doesn’t hide all the traces of your internet use, it hides a lot. 

    What does a VPN hide? 

    A VPN hides a lot, but not everything. In fact, the only way to hide everything is to never go online in the first place. But to explain the subject further, we have prepared the following table:

    With a VPN
    Without a VPN
    IP address
    Browsing habits
    Internet traffic
    E-mail you use to register
    Credit card information used for purchases
    Googling when signed in to your Google account
    Information you put on social media
    Targeted ads
    Very frequent

    Those are the basics of how a VPN can keep you more private online. If you’d like to know more, read our article What does a VPN hide?

    What is an IP address, and why can others see it?

    An Internet Protocol (IP) address is a digital label used to achieve communication between networks. It serves the purpose of identifying:

    • The host (you);
    • Your location in the network, so it knows where to send you the information.

    This means that without a VPN, the data packets traveling over the internet display your IP address at all times. It is visible to most online services, allowing websites to gather information about you.

    A VPN hides your IP address and location because you’re accessing the internet through a VPN server. And this server is where the information goes before it gets encrypted and reaches you through a trusted tunnel.

    What is encryption, and how does it work?

    how does a vpn encryption work

    I’ve mentioned encryption several times already, but let’s take a look at how it works.

    Encryption is what VPNs use to encode and secure your data. To anyone else, an encrypted message would look like complete gibberish unless they had a shared key to decipher it.

    The VPN client and server generate and exchange this key when you first connect to a VPN.

    Every time your data travels through the encrypted tunnel – it’s scrambled and later unscrambled using this key.

    So how powerful is encryption? Well, it depends on your encryption algorithm and the VPN protocol (discussed below) you pair it with.

    The AES 256-bit cipher is considered the best encryption algorithm and is used by the US government, the NSA, and the more reliable VPN service providers, including Surfshark.

    So, how secure does this make a VPN?

    Short answer – very secure.

    Long answer – it gets more interesting.

    Most security measures bank on making themselves too tedious to crack. For example, an encrypted session could take up to trillions of years (depending on the computer used) to decrypt by trying to “brute force,” i.e., guess the right key. 

    And even if someone managed to crack it, many VPN providers like Surfshark have implemented something called Perfect Forward Secrecy (PFS). This means that a VPN client generates a new key every 7 minutes or so.

    With PFS in place, cracking an encrypted session would only reveal what happened during those 7 minutes. After a new key is generated, you’d need to crack it again.

    In other words – scammers and hackers wouldn’t bother cracking an encrypted connection. They prey on people who don’t protect themselves online and on public Wi-Fi hotspots.

    What are the types of VPNs?

    While there is no hard-and-fast ISO-approved classification of VPN types, here are the currently agreed-upon definitions: 

    Remote access VPN

    Remote access VPN allows the user to connect to a remote  network securely. It helps simulate the level of security you’d have by connecting to that network from a safe location. You’ve probably encountered it during the work-from-home boom if you needed to access the company intranet outside of the office. 

    Site-to-site VPN

    Site-to-site VPNs connect intranets to networks. This is useful for large companies with offices all over the world. So while the office intranets are spread out all over the place, the site-to-site VPN connects them into a single, seamless network that employees can use without having to configure and connect to other networks – or worse, have to ask colleagues in other offices to forward the data. 

    Personal VPN

    Personal VPNs – or consumer-grade VPNs – are meant for individual users. Instead of connecting to a different network, it connects them to a VPN server in a secure, encrypted manner. The benefit of this is that when a user accesses a website or service via a personal VPN, said website or service thinks they’re connecting from the VPN server. Surfshark et al are personal VPNs. 

    VPN protocols

    vpn protocols

    An important part of VPN security is protocols. They make your connection to the VPN server possible. They are the sets of rules that determine how your VPN connections work from start to finish. 

    Contrary to popular belief, VPN protocols do not have a huge impact on your connection’s speed, stability, and security. However, protocols can prove useful in different situations and perform differently on every device! Here are some that you may come across:


    OpenVPN is an open-source VPN protocol. It’s fast, secure and compatible with many routers. Because it is open-sourced, its code has been examined through and through by cybersecurity experts worldwide. Generally, it performs worse than IKEV2 and WireGuard.

    Available on: Windows, macOS, Android, iOS, Linux, and BSD.

    Supported by Surfshark: Yes 


    WireGuard® is a relatively new protocol built to surpass OpenVPN and IPSec in power use and performance with only 4,000 lines of code.

    Available on: Windows, macOS, Android, iOS, FreeBSD, NetBSD, OpenBSD, and others.

    Supported by Surfshark: Yes


    Internet Key Exchange version 2 (IKEv2) is on par with WireGuard’s quality. It can outperform other protocols in terms of speed when switching networks and at shorter distance connections, making it popular among mobile users.

    Available on: macOS, Android, iOS, Linux, Blackberry, Unix, and others.

    Supported by Surfshark: Yes

    PPTP and LT2P/IPSec

    Both are severely outdated tunneling protocols, and I highly recommend avoiding them. Albeit fast, they can offer neither the security nor reliability of OpenVPN, IKEv2, or WireGuard.

    Available on: Windows, macOS, Android, and iOS.

    Supported by Surfshark: No


    SSTP is a tunneling protocol rather than a VPN protocol, meaning that it lacks the functionality of OpenVPN, IKEv2, and WireGuard. While considered relatively safe and easy to use, its code was never audited, and it has issues working on other operating systems like Mac OS.

    Available on: Windows, Linux, and BSD.

    Supported by Surfshark: No


    Shadowsocks is not a VPN protocol but a tunneling proxy. However, it can run as a protocol on VPN clients. It was created for the sole purpose of bypassing The Great Firewall of China. It is fast, hard to detect, and can be used to skirt government-imposed censorship.

    Available on: Windows, macOS, Android, iOS, and Linux.

    Supported by Surfshark: No

    How to pick a VPN service

    Let’s say, hypothetically, that I have awakened a deep yearning for a VPN in your soul. The question is, then, how do you choose one?

    Here are the essential things to look out for before choosing a VPN service provider: 

    • Server coverage. A strong VPN provider should have good worldwide VPN server coverage. This will give you more locations to choose from and will decrease server load.
    • VPN encryption. A secure VPN encryption algorithm is essential. Make sure to look for the AES-256 cipher – a current standard in the industry.
    • Server load. If there aren’t enough servers to balance the user load, connection speeds will suffer and become slow.
    • VPN protocols. Protocols are vital to a VPN’s security, and you can use different ones based on your preference. I recommend you look for services that offer OpenVPN, IKEv2, or WireGuard.
    • MultiHop. It is a VPN feature that directs your traffic through several servers simultaneously. It is not essential, but it can give your online security an extra kick.
    • Obfuscated VPN servers. When obfuscated (a fancy term for making something obscure), a VPN server will make your traffic seem like regular internet traffic. This helps to bypass VPN blockers and win hide-and-seek against your internet provider.
    • Device support. Before purchasing a VPN, make sure it supports the device you wish to secure. It happens. We’ve all been there.
    • RAM-only servers. These are becoming a staple for any VPN service. When running on RAM, servers automatically wipe all the data whenever turned off.
    • The Privacy Policy. It is one of the most important parts of any VPN service. It’s an immediate red flag if your VPN provider does not have a Privacy Policy or if they’re logging sensitive information without any stated reason.

    How to set up a VPN

    Setting up a VPN couldn’t be easier. We recommend downloading native apps, but you can always opt for a manual setup if you’re more tech-savvy.

    In conclusion: you need a VPN 

    Now that you know what a VPN is and what it does, you just need to get one. I will, of course, suggest Surfshark VPN. It has all the features mentioned in this article and constantly strives to deliver the best user experience. 

    And if you want to learn more about Virtual Private Networks, security, and privacy, check out our blog for more cybersecurity content.

    Be in total control of your online privacy

    Buy Surfshark


    What devices are VPNs compatible with?

    Device compatibility always depends on the VPN provider. Surfshark supports apps and plugins on most computer and mobile devices, smart TVs, and consoles.

    What is a no-logging or a no-log VPN?

    No-logging means handling users’ data without keeping any logs or records of their online activity. In short, a no-log VPN will not collect the following information about your internet activity:

    • Your IP address;
    • Your network traffic;
    • Your browsing history;
    • Your bandwidth information;
    • Connection timestamps;
    • Session information.

    Are VPNs legal?

    The short answer is yes – VPNs are legal in most countries. However, it is still against the law to use a VPN for illegal activities.

    Some countries ban VPNs for political and legislative purposes like internet access control and stunting freedom of speech. Yet, most countries do not forbid their use.

    What is a VPN web browser? Can I use it?

    A VPN browser is a web browser with a built-in VPN protocol that protects a user’s browser resources. Not everything that is advertised as a VPN browser actually is one. Some are just privacy browsers.

    Can a VPN make my internet connection faster?

    In some cases, yes. If you’re streaming or downloading something, your ISP may throttle, i.e., slow down your internet connection. They do this to save on and distribute bandwidth across their internet users. But since a VPN hides your traffic, your internet service provider lacks the necessary information to throttle you.

    However, in most other cases, a VPN will not make your connection faster because it adds extra steps to accompany your connection. By default, the prolonged process may slow your connection, but it would hardly be noticeable.

    How much does a VPN product cost?

    VPN prices vary across different VPN providers. To illustrate this, here is a table of price comparisons from some of the better-known VPNs:

    Time period
    Nord VPN
    Express VPN
    Private Internet Access
    3 years
    2 years
    1 year
    6 months
    1 month

    Can’t I just use a free VPN?

    You can, but you shouldn’t. Here’s why.

    A VPN uses servers to reroute your information. Thousands of these servers are scattered across the world, costing money to set up and maintain. The same goes for developers and everyone else that works to keep the VPN functioning.

    In other words – free VPNs don’t exist because no VPN services are free to maintain. It’s all a question of where the VPN service is getting its funding. Mainly there are three ways to do this:

    1. Setting up a subscription;
    2. Bombarding the user with ads;
    3. Collecting and selling the user’s information.

    A “free” VPN often does numbers two and three simultaneously. So, be careful when choosing a VPN service provider!

    Is VPN safe?

    Yes, as long as it’s not a free VPN.

    Do I really need a VPN at home?

    You need a VPN at home to prevent cyber tracking and throttling and enjoy the other benefits. 

    What happens if you don’t use a VPN?

    When not using a VPN, you are easier to track, the ISP can get  your internet browsing history, and you may experience bandwidth throttling. 

    What makes your data valuable?

    Your Internet Service Provider (ISP) and websites can monitor, log, and later sell the information connected to your browsing, e-shopping, and other habits. This data is valuable to ad brokers and service providers because it reveals patterns in your actions, such as likes, hobbies, and interests. This can later be used to make product offers you’re more likely to buy.