Comprehensive Security and VPN Terminology Guide

A VPN creates a private, encrypted channel across the internet. Websites detect the VPN server’s address, keeping your true location and IP concealed.

• Encrypts data so cafés, hotels, or ISPs cannot intercept it.
• Conceals your IP address to block straightforward location tracking.
• Works best with a kill switch to prevent leaks if the connection fails.

An IP address is your device’s public internet identifier. VPNs replace it with the server’s IP, making apps believe you’re in a different location.

• Public IP: visible to streaming services and online stores.
• Private IP: assigned by your home router to devices.
• Geo-spoofing: select a country to access content or pricing.

A tunnel is the encrypted route linking your device to the VPN server, keeping data secure and unreadable.

• Encrypted channel for your data transmission.
• Blocks Wi-Fi spying in cafés, airports, and hotels.
• Compatible with modern protocols such as WireGuard and OpenVPN.

The handshake is a rapid key exchange establishing a secure encrypted tunnel.

• Agrees encryption keys to prevent interception.
• Employs protocols such as WireGuard or TLS within OpenVPN.
• Occurs within milliseconds before data transfer begins.

A kill switch disables your internet if the VPN disconnects, preventing data leaks.

• Automatically halts traffic if the VPN tunnel breaks.
• Blocks IP and DNS leaks during short disconnections.
• Crucial for public Wi-Fi use or torrenting.

DNS leak protection ensures your website queries stay within the VPN tunnel, hiding them from your ISP.

• Directs DNS queries via the VPN server.
• Stops your ISP from recording visited websites.
• Check for leaks using an online tool after connecting.

A no-log VPN keeps no record of your activity. Leading providers verify this through independent audits.

• No records of browsing or connection history are stored.
• Audit reports validate these claims.
• Privacy-friendly jurisdictions limit data requests.

Split tunnelling allows selection of apps to use the VPN while others access the local network directly.

• Route work apps via VPN; local devices connect directly.
• Lowers network load while securing important traffic.
• Use cautiously to prevent exposing sensitive apps.

Latency is delay time; bandwidth is data capacity. Nearby servers and modern protocols maintain good speeds.

• Latency depends on distance and congestion; choose nearby servers.
• UDP is quicker for streaming; TCP offers reliability for banking.
• MTU: correct packet size avoids fragmentation and loss.

Servers unlocking libraries and SmartDNS help maintain access to shows and sports while travelling.

• Geo-blocking restricts content by country; VPN servers bypass this.
• Specialised streaming routes reduce buffering.
• Always-on VPN on mobile safeguards when switching Wi-Fi networks.

Multi-hop sends traffic via two VPN servers for added privacy.

• Introduces a second encrypted stage before reaching the internet.
• Enhances privacy but may slow connection.
• Suitable for activists or investigative purposes.

Ping measures delay; jitter measures delay variation. Both impact smooth streaming and gaming over VPN.

• Lower ping improves responsiveness; select nearby servers.
• High jitter causes interruptions in calls and streams.
• Reliable protocols and close servers minimise jitter.

WireGuard is a lightweight, fast VPN protocol featuring modern cryptography and a compact codebase.

• Quick reconnections and low latency.
• Compact codebase facilitating easier audits.
• Ideal for mobile use and switching Wi-Fi networks.

OpenVPN is a well-audited VPN protocol employing TLS to secure tunnels.

• Proven and widely supported.
• Versatile: operates over UDP or TCP.
• Robust community audits and plugin support.

Authentication verifies your access rights. VPNs combine passwords or keys with certificates and may include MFA.

• Certificates prevent fake servers.
• HMAC verifies message integrity.
• MFA provides an additional authentication layer for administrators.

Site-to-site VPNs connect whole office networks, making them function as a single LAN over the internet.

• Securely links branch offices.
• Ideal for shared drives and printers across locations.
• Depends on routers or gateways rather than individual device apps.