Overview
A virtual private network (VPN) is a combination of technologies and practices that lets computers, networks or individual devices communicate over an intermediate public or shared network as though they were connected by a private link. In practical terms a VPN encapsulates and often encrypts data so remote endpoints appear to be on the same local network, even when traffic traverses the wider internet or other carrier infrastructure. The concept separates the private logical network from the physical carrier network so users and applications see a direct trusted connection.
Core principles and properties
VPNs are designed around a few fundamental security and networking guarantees. These include:
- Confidentiality: Data carried across the public carrier is transformed so that intermediate routers cannot read its contents. Implementations rely on cryptographic mechanisms and trusted endpoints to preserve secrecy.
- Authentication: Endpoints and users must identify themselves before joining the private network; this can involve credentials, certificates, or tokens. Authentication helps prevent unauthorized access and is sometimes described as sender authentication.
- Integrity: Protocols include checks that detect whether messages were altered in transit, commonly referred to as message integrity.
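The three properties above can be seen together in a single encapsulated packet. The following is an added illustration, not code from any VPN product: it assumes two pre-shared keys and uses an HMAC-SHA256 keystream from the Python standard library as a stand-in for a real cipher such as AES-GCM or ChaCha20-Poly1305; seal, unseal and rejected are hypothetical names.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32  # HMAC-SHA256 tag length in bytes


def _keystream(enc_key, seq, length):
    """HMAC-SHA256 in counter mode: stdlib stand-in for a real cipher."""
    out, block = b"", 0
    while len(out) < length:
        out += hmac.new(enc_key, struct.pack(">QI", seq, block), hashlib.sha256).digest()
        block += 1
    return out[:length]


def seal(enc_key, mac_key, seq, inner):
    """Encapsulate: seq || ciphertext || tag (encrypt-then-MAC). seq must never repeat per key."""
    ct = bytes(a ^ b for a, b in zip(inner, _keystream(enc_key, seq, len(inner))))
    header = struct.pack(">Q", seq)
    return header + ct + hmac.new(mac_key, header + ct, hashlib.sha256).digest()


def unseal(enc_key, mac_key, outer):
    """Verify the tag before decrypting; raise ValueError on any mismatch."""
    if len(outer) < 8 + TAG_LEN:
        raise ValueError("truncated packet")
    header, ct, tag = outer[:8], outer[8:-TAG_LEN], outer[-TAG_LEN:]
    expected = hmac.new(mac_key, header + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity/authentication check failed")
    (seq,) = struct.unpack(">Q", header)
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, seq, len(ct))))


def rejected(enc_key, mac_key, outer):
    """True if the receiving endpoint would drop this packet."""
    try:
        unseal(enc_key, mac_key, outer)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    ENC, MAC = b"E" * 32, b"M" * 32  # constructed demo keys (assumed pre-shared)
    wire = seal(ENC, MAC, 1, b"GET /payroll HTTP/1.1\r\n\r\n")  # constructed inner packet
    print("plaintext visible on the carrier:", b"payroll" in wire)
    print("tampered packet dropped:", rejected(ENC, MAC, wire[:10] + bytes([wire[10] ^ 1]) + wire[11:]))
    print("wrong-key sender dropped:", rejected(ENC, b"X" * 32, wire))
```

The tag is checked before any decryption, so a packet altered in transit or produced by a sender without the MAC key is dropped without its contents being processed.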
History and development
VPNs emerged in the 1990s as enterprises sought secure ways to join geographically separated offices and to allow remote employees to access corporate resources. Early solutions used dedicated leased lines; later approaches layered cryptographic tunnels over the public internet to reduce cost while maintaining security. Over time standards matured, implementations diversified, and both open source and commercial products became widespread. The technology has continued to evolve in response to higher performance expectations, new encryption methods, and shifts in how people work and access cloud services.
Common uses and examples
Organizations and individuals use VPNs for several reasons. Businesses commonly deploy site-to-site VPNs to connect branch offices into a single administrative domain when a direct private link would be impractical. Remote-access VPNs let employees reach internal applications and internal-only websites from home or while traveling; these resources would otherwise be inaccessible from the open internet. Examples include corporate intranets and internal file servers. Individuals also use VPNs to protect their privacy on public Wi‑Fi, to reduce online tracking and provide a measure of anonymity, or to access content that may be restricted in their region. VPNs are commonly used in situations where censorship or blocking limits normal access, for example to circumvent national restrictions in places such as China.
Protocols, types and notable variants
VPNs can be implemented with many protocol families and products. Common examples include open-source and standardized solutions such as OpenVPN, which provides widely used TLS- and SSL-based tunnels; enterprise clients like Cisco AnyConnect; and industry standards such as IPsec, which supports secure site-to-site and remote access in many routers and firewalls. Other designs include SSL/TLS VPNs that operate through a web browser, lightweight layer-2 overlays that emulate a local network, and modern WireGuard-style protocols focused on simplicity and high performance.
Limitations, operational issues and legal context
While VPNs provide strong protections when configured correctly, they are not a panacea. Endpoints must be trusted and kept secure; a compromised device may leak credentials, or expose traffic once it has left the tunnel and been decrypted. Performance depends on the gateway and encryption overhead, and some services may still detect or block VPN connections. Additionally, laws and policies in some jurisdictions restrict or regulate VPN use. Organizations must balance convenience, security configuration, logging practices and compliance when deploying VPNs for employees or offering services to the public.
For further reading, authoritative resources cover the technical mechanics of tunneling, cryptographic choices, deployment patterns and best practices; consult vendor documentation, standards texts, security guides, and the protocol documentation for OpenVPN and IPsec.