A virtual private network (VPN) enables data to be sent from your device over the Internet (e.g. to a website) via an encrypted tunnel to a trusted intermediary who forwards your data. VPNs can be used to remotely access private networks, or to shield personal info like your IP address, and generally allow for added privacy and security. But note that not all VPNs are created equal, or used for the same purposes.
What types of VPNs are there?
In general, there are three types of VPNs, all based on the same technologies:
- Personal VPNs (often just referred to as “VPNs”) allow anyone to sign up. Devices connected to a personal VPN usually send all Web traffic through the VPN. A personal VPN protects your browsing data and other identifying information, like your IP address, from being collected by third parties. VPN software can run on most devices, and offer extra protection wherever you are. It’s this type of VPN we’re discussing in this article.
- Remote-access VPNs (also called client-to-site VPNs) allow devices anywhere in the world to appear to be connected to a local network. Your company or organization may have a VPN like this to allow employees to access internal servers from anywhere, as if they were physically in the office. Generally, only your traffic destined for those internal servers goes through the remote-access VPN; the rest goes directly over the Internet as usual. It’s most common to find remote-access VPNs used on workplace computers.
- Site-to-site VPNs are set up to join disparate local networks. They’re often used by businesses to connect different office or store locations seamlessly and securely.
How does a VPN work?
Generally, you access the Internet through a browser or an app. The browser or app takes your content request—things like the URL for a site, or search query entered into a search engine—and contacts your Internet service provider (ISP) with the request. The ISP then navigates the Internet to find your content and “resolves” it, or returns to you what it finds (a process called DNS resolution). In short, this means everything you do on the Internet passes through your ISP, both going and coming.
The Internet and your ISP
Typically when you use a VPN, you tell your ISP not to resolve your requests, but to instead send them to a VPN server that will handle the resolution. First, the VPN software on your device connects to a VPN server and they agree on an encryption key. Only the VPN server and your software know this key. The software then uses this key to encrypt your request and sends the encrypted request (through the ISP) to the VPN server. The VPN server decrypts your request and then navigates the Internet to find what you need. The server finds and encrypts your content, and sends it back to your device.
The encrypted legs of the trip that data takes between your computer and the VPN are called the “tunnel.” The potentially unencrypted legs between the VPN and the requested site are no different than between the ISP and the requested site. It’s the tunnel and the intermediate stop at the VPN server that creates the increased privacy. The encrypted tunnel conceals your data while it’s passing through the ISP. Passing your data through a VPN server replaces your IP address with the IP address of the VPN server, concealing your true IP address.
Routing traffic through a VPN server
Can a VPN replace my ISP?
Using a VPN can help protect your privacy from the networks and ISPs that your Internet traffic goes through, which is especially important if you don’t trust them. But note that a VPN is not a replacement for an ISP. You always need an ISP to access the Internet—your connection to a VPN still uses the Internet access that your ISP provides. The difference is that with a VPN, the ISP doesn’t get involved with locating content, and it can’t read the encrypted data you’re exchanging with your VPN server. The only thing the ISP can see is that encrypted data is passing by on its way to a VPN server.
Does a VPN make my browsing private?
There are three main ways in which a VPN protects your privacy:
- First, it hides your public IP address from Web servers. With a VPN, website servers will only see the address of one of the VPN provider’s servers. This can inhibit IP address tracking. Some VPN providers have servers in several countries, and can send your traffic through any of them, allowing you to deal with a website’s geographic restrictions. Switching servers also allows a user to improve performance when the current server is slow due to location or demand.
- Second, it encrypts the address of the site you’re visiting as it moves between your device and the VPN provider. This means that if you’re using a public or untrusted Wi-Fi network or ISP, your browsing activity is safe from anyone who’s snooping on the network, including administrators. They won’t be able to learn anything about your activity, except that you’re using a VPN.
- Although most of the data that moves through the Internet today is encrypted as part of HTTPS, a VPN adds an additional layer of general data encryption. This extra layer is helpful if the site you’re visiting doesn’t happen to be encrypted (i.e. is just an HTTP site).
Note that many VPNs won’t protect you from other forms of Web tracking, like cookie-based tracking or fingerprinting. You can protect yourself from that by using a browser—like Brave—that has built-in protections against these kinds of tracking.
How do VPNs affect access to online content?
We generally think of the Internet as available to all, but there’s plenty of content that’s only available to some people in some locations. Using a VPN can improve your access to restricted content.
Overcoming censorship, content blocks, and surveillance
Some countries take strong measures to block individuals’ access to certain Internet content. One way they do this is by manipulating the Domain Name System to omit some content that the government disapproves of. This censoring can be applied universally to anyone within the country, or on an individual basis, based on the user’s unique IP address. Connecting to a VPN server located outside the country can circumvent DNS censorship, potentially allowing access to more content on the Internet. The VPN server also masks your true IP address, so your activity can’t be controlled based on your IP address.
Even where censoring is not an issue, surveillance can be a concern. Governments can compel an ISP to track your activity and provide the information upon request. By encrypting your activity, a VPN makes it so the ISP has no browsing history to report (but they can still report you’re using a VPN).
Enhancing your gaming or streaming experience
If your ISP notices you’re consuming lots of data (which is common with streaming and gaming), they can take the step of throttling (basically limiting) your bandwidth. With a VPN, an ISP won’t necessarily know that you’re doing lots of streaming or gaming. They can still see your overall data usage, but they can’t tell any specifics. This may protect you against the ISP applying automatic rules about data usage levels on specific websites.
Note: Keep in mind that this benefit may be offset by the added latency of using a VPN, particularly with gaming.
Accessing region-specific content or services
Content providers are able to put restrictions on who can access what content. They do this by determining your location based on your IP address. By selecting a VPN server located in an approved area, you may be able to access content that you might otherwise be blocked from enjoying. This can come in handy, for example, when you’re traveling and still want to access the same content you can get at home.
How do I use a VPN?
First, you’ll need to sign up for an account with a VPN provider, such as Brave Firewall + VPN. Depending on the VPN provider, you may have to download an app and install a configuration file (each provider will give you specific instructions). Brave VPN is built directly into the Brave Browser, which means once you have the Brave privacy browser, you won’t then need to download a separate VPN app.
Once you’ve created a VPN account, you’ll need to log into the VPN app, and then connect to the VPN service. You can turn the VPN on and off whenever you want. While you’re connected to the VPN, all of your Internet traffic will be routed from the VPN provider to its destination.
Some VPN providers, including Brave, also let you switch the geographic location your traffic will appear to be coming from. This can help deal with the geographic programming that some websites have. (For example, a streaming site might show certain videos only to viewers in certain countries, using your public IP address to make that determination.)
What should I consider when choosing a VPN provider?
Using a VPN involves placing a lot of trust in the provider, because they’ll be able to see some of your Internet activity while you’re connected to the VPN. As long as you’re browsing using HTTPS, the VPN provider won’t be able to see the content of your browsing, but they may be able to tell which sites you’re on.
There are plenty of VPN providers that log your activity, and sell information about it to third parties. Free providers are especially likely to do so; operating a VPN costs money, and if you’re not paying the provider, someone else (like advertisers) must be.
Brave VPN does not log your activity or sell your information. Many VPN providers claim they have a no-logs policy, when in fact they actually do save your browsing history, often under the guise of “system performance monitoring.” Brave VPN never saves anything about your browsing activity, not even on a temporary basis.
For a deeper discussion, read our guide to choosing the best VPN provider for your needs.