What Is a VPN?
A VPN (Virtual Private Network) creates an encrypted tunnel between your device and a remote server, routing all your network traffic through that tunnel. To the outside world, your traffic appears to originate from the VPN server's IP address rather than your own. This provides two core benefits: privacy — your ISP and local network cannot see what sites you visit — and security — your data is encrypted and protected from interception, even on untrusted networks like public Wi-Fi.
VPNs were originally developed for businesses to allow remote employees to securely access internal corporate networks over the public internet. Today, VPNs are used by millions of individuals and organizations for privacy, security, remote access, and bypassing geographic restrictions.
How VPNs Work: Tunneling and Encryption
A VPN operates by encapsulating your network packets inside an encrypted wrapper before sending them over the internet. This process is called tunneling. Here is how it works in practice:
- Your device establishes a connection to a VPN server using a VPN protocol.
- The VPN client on your device encrypts all outgoing traffic and wraps it in an outer packet addressed to the VPN server.
- The encrypted packet travels across the public internet. Anyone intercepting it sees only encrypted data headed to the VPN server — not the actual destination or content.
- The VPN server decrypts the packet, reads the original destination, and forwards the request to the target website or service.
- The response follows the reverse path: the VPN server encrypts it and sends it back through the tunnel to your device, where the VPN client decrypts it.
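The five steps above, as an added example that is not from the original article: a minimal AES-GCM encapsulation in Go showing what an on-path observer sees (only an outer header naming the VPN server) and how the server authenticates, decrypts, and recovers the real destination. It assumes a pre-shared 32-byte key (the key-exchange step is left out), and the packet layout is a deliberate simplification, not WireGuard's or OpenVPN's wire format.

```go
package main
import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)
// InnerPacket stands in for the client's original packet: real destination plus payload.
type InnerPacket struct {
	DstIP   [4]byte
	Payload []byte
}
// OuterPacket is what crosses the public internet: a header naming the VPN server plus AES-GCM ciphertext.
type OuterPacket struct {
	DstIP      [4]byte // the only address an on-path observer sees
	Nonce      []byte
	Ciphertext []byte // inner packet + 16-byte authentication tag
}
// Tunnel holds the symmetric key both ends share (the key-exchange step is out of scope here).
type Tunnel struct{ aead cipher.AEAD }
func NewTunnel(key []byte) (*Tunnel, error) {
	block, err := aes.NewCipher(key) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &Tunnel{aead: aead}, nil
}
// Encapsulate is the client side: encrypt the inner packet and address the wrapper to the VPN server.
func (t *Tunnel) Encapsulate(vpnServer [4]byte, in InnerPacket) (OuterPacket, error) {
	nonce := make([]byte, t.aead.NonceSize()) // fresh random nonce per packet; GCM breaks on reuse
	if _, err := rand.Read(nonce); err != nil {
		return OuterPacket{}, err
	}
	plain := append(append([]byte{}, in.DstIP[:]...), in.Payload...)
	return OuterPacket{DstIP: vpnServer, Nonce: nonce, Ciphertext: t.aead.Seal(nil, nonce, plain, nil)}, nil
}
// Decapsulate is the server side: verify the tag, decrypt, and recover the real destination to forward to.
func (t *Tunnel) Decapsulate(out OuterPacket) (InnerPacket, error) {
	plain, err := t.aead.Open(nil, out.Nonce, out.Ciphertext, nil) // any modification fails here
	if err != nil || len(plain) < 4 {
		return InnerPacket{}, errors.New("packet rejected: authentication failed or too short")
	}
	in := InnerPacket{Payload: plain[4:]}
	copy(in.DstIP[:], plain[:4])
	return in, nil
}
```

The addresses used in any test are from documentation ranges; a real client would carry a full IP header, but the observer's view is the same: destination unreadable, tampering rejected.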
Modern VPNs use strong encryption algorithms — typically AES-256 for data encryption and RSA or elliptic curve cryptography for key exchange. Breaking these primitives directly is computationally infeasible with current technology; when a VPN fails to protect traffic, the cause is almost always misconfiguration or a leak around the tunnel (see the DNS section below), not the cipher itself.
VPN Types
VPNs fall into two primary categories based on their use case:
- Remote access VPN — Connects an individual device to a private network. This is the most common type, used by remote workers accessing corporate resources and by consumers using commercial VPN services for privacy. The user runs a VPN client application that establishes the encrypted tunnel to the VPN server.
- Site-to-site VPN — Connects two entire networks together over the internet. A company with offices in New York and London can use a site-to-site VPN to link their local networks, allowing employees at either location to access resources at the other as if they were on the same LAN. Site-to-site VPNs are configured on network gateways or routers rather than individual devices.
VPN Protocols
The VPN protocol determines how the encrypted tunnel is established and maintained. The most widely used protocols today include:
- WireGuard — A modern protocol designed for simplicity and speed. WireGuard uses state-of-the-art cryptography, has a minimal codebase (roughly 4,000 lines of code), and delivers significantly better performance than older protocols. It is now built into the Linux kernel and is rapidly becoming the preferred choice for both commercial VPN services and enterprise deployments.
- OpenVPN — An open-source protocol that has been the industry standard for over a decade. OpenVPN is highly configurable, runs on virtually every platform, and can operate over TCP or UDP. It is well-audited and trusted, though it is slower than WireGuard due to its larger codebase and older cryptographic design.
- IPsec (with IKEv2) — A protocol suite built into most operating systems. IKEv2/IPsec is particularly well-suited for mobile devices because it handles network transitions (switching from Wi-Fi to cellular) gracefully without dropping the VPN connection. It is commonly used in enterprise environments and in the native VPN clients of iOS, macOS, and Windows.
VPN and DNS
One often-overlooked aspect of VPN security is DNS handling. When you connect to a VPN, your DNS queries should also route through the encrypted tunnel. If DNS queries leak outside the tunnel — a problem called a DNS leak — your ISP or local network can see which domains you are visiting even though the rest of your traffic is encrypted. Quality VPN implementations force all DNS queries through the tunnel and resolve them using the VPN provider's own DNS servers or a trusted third-party resolver.
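An added example, not from the original article, of checking a WireGuard client config for the DNS handling described above. It parses a wg-quick style file (the config text is constructed and omits key material; parseConfig and Audit are names chosen here) and flags a resolver that the peer's AllowedIPs would not route through the tunnel, which is exactly the DNS leak case.

```go
package main
import (
	"net"
	"strings"
)
// SampleConfig is a constructed wg-quick style client config (key material omitted).
const SampleConfig = "[Interface]\nAddress = 10.8.0.2/32\nDNS = 10.8.0.1\n" +
	"[Peer]\nEndpoint = vpn.example.com:51820\nAllowedIPs = 0.0.0.0/0, ::/0\n"
// parseConfig collects DNS entries and every AllowedIPs prefix; the two key names do not
// collide across [Interface] and [Peer], so section headers can simply be ignored.
func parseConfig(text string) (dns []string, allowed []*net.IPNet, err error) {
	for _, line := range strings.Split(text, "\n") {
		key, value, _ := strings.Cut(strings.SplitN(line, "#", 2)[0], "=") // strip comments
		for _, item := range strings.Split(value, ",") {
			switch strings.ToLower(strings.TrimSpace(key)) {
			case "dns":
				dns = append(dns, strings.TrimSpace(item))
			case "allowedips":
				_, ipnet, perr := net.ParseCIDR(strings.TrimSpace(item))
				if perr != nil {
					return nil, nil, perr
				}
				allowed = append(allowed, ipnet)
			}
		}
	}
	return dns, allowed, nil
}
// Audit reports a missing DNS directive and any resolver reached outside the tunnel: wg-quick only
// routes destinations inside AllowedIPs into the tunnel, so a resolver outside them leaks every lookup.
func Audit(text string) ([]string, error) {
	dns, allowed, err := parseConfig(text)
	if err != nil {
		return nil, err
	}
	var findings []string
	if len(dns) == 0 {
		findings = append(findings, "no DNS directive: the pre-existing system resolver stays in use")
	}
	for _, d := range dns {
		ip, routed := net.ParseIP(d), false // non-IP entries are search domains, skipped below
		for _, n := range allowed {
			routed = routed || (ip != nil && n.Contains(ip))
		}
		if ip != nil && !routed {
			findings = append(findings, "DNS leak: resolver "+d+" is not routed through the tunnel")
		}
	}
	return findings, nil
}
```

Run it against a real client file to confirm the resolver sits inside the tunnel's routed prefixes; a split-tunnel config pointing DNS at a public resolver is the most common way this check fails.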
VPN vs. Proxy
VPNs and proxy servers both route traffic through an intermediary, but they differ in scope and security. A proxy typically handles traffic for a single application (like a web browser) and does not encrypt the connection. A VPN encrypts all traffic from your device at the operating system level — every application, every protocol, every DNS query passes through the encrypted tunnel. For securing remote connections and protecting sensitive data, a VPN provides far more comprehensive protection than a proxy. However, a WAF or reverse proxy at the server side serves a different purpose entirely — protecting your infrastructure from inbound threats rather than protecting outbound user traffic.