VPN Glossary


Anonymity means that a person cannot be identified. Your anonymity is guaranteed if your name or other characteristics to distinguish you are withheld.

Anonymous e-mail

An anonymous e-mail address allows a sender to save their identity. Such anonymous mail services are offered online by various operators and usually redirect online letters to a sender’s real e-mail address.


A so-called backdoor is a hidden loophole that allows intruders to access your system by bypassing security and encryption measures. Such “backdoors” are implemented by developers for maintenance purposes. But they can also be used as security holes by hackers to gain access to your computer or read your encrypted data.


Bitcoin is the progenitor of all cryptocurrencies. Its special characteristics are distributed among users who utilize the so-called blockchain, which is installed on all participating computers. Transactions in Bitcoin are anonymous, transparent, and secure against manipulation.


BitTorrent is a communication protocol and client software that allows peer-to-peer file sharing, mainly popular for movies, music, and software.

Browser extension

Browser extensions are software modules that provide a web browser with additional features. Such extensions can have a variety of use cases, from ad blockers to password management to VPN usage. The majority of such extensions for the browser are available for free download.


The cache or caching, also known as cache memory, is a temporary memory that is available via the processor of a computer. Currently, user data is stored here for fast, albeit temporary, retrieval.


The cookies are small text files that are created by visited websites and forwarded to your web browser. They contain information about your computer, your identity, or your search behavior. Unfortunately, cookies make it relatively easy to find out who you are.

Dark Web

The so-called “Dark Web” is a part of the “Deep Web” – this refers to the websites that are not indexed by search engines, mainly because they can only be accessed with a password. The content of pages on the deep web, as well as on the dark web, is private and is intended to remain so. The Internet traffic in those “unmapped” areas of the web is mainly done through browsers such as Tor. While the Deep Web is also used by people with perfectly lawful intentions, the Dark Web is (also) a platform for illegal activities.


The Linux-based open-source firmware DD-WRT is an alternative firmware for routers, which is offered for numerous routers. Since DD-WRT scores with additional functions, you can, for example, install a VPN client on a router with this firmware, but only the alternative Freetz runs on the Fritzbox.


DNS is an abbreviation for Domain Name System. The so-called DNS servers are web servers that link information with the requested domain name and can, therefore, be compared with address books or telephone books. For example, on request via a DNS resolver, you can use the DNS entries on the server to convert a domain name into an IP address.

DNS leak

When you log in via a VPN, you usually want to remain anonymous in your online activities. The VPN servers stand between you and the websites you are visiting and shield your identity. However, if the VPN connection fails for a short time, you will be connected to the pages you are visiting directly via the DNS server, and your IP address can now be recognized – this is a DNS leak.

Double VPN

With the Double VPN functionality, you will not only be redirected via one VPN server but via two (VPN Comparison with double VPN). Your already encrypted activities on your computer activities are forwarded to the VPN server and encrypted again there. So you are doubly protected.


Encryption is the process of encoding information with a so-called cipher in such a way that it can only be retrieved via this cipher – the appropriate “key” is required to make the data readable again.

End-to-end encryption

With end-to-end encryption, also known as “E2EE”, the transmitted data is encrypted along the entire route; only the sender and recipient of communication can see the cleartext.

The Five Eyes

“The Five Eyes” are five countries that work closely together at the intelligence level. They include the United States, Canada, Great Britain, Australia and New Zealand.

Geographic Restrictions

Geoblocking is the deployment of geographic restrictions and can be applied in various forms – such as making online content available only in certain regions. It blocks country-specific content, for example, when streaming via portals such as Netflix and YouTube or when accessing sports programs or media channels from beyond the specified zones. But network blocking of SIM cards or censorship of content can also be done this way. With a VPN, you can bypass geoblocking and access content that would otherwise not be available in the USA. (?)


An HTTPS connection is an HTTP connection that is based on an encrypted SSL protocol and therefore is exceptionally secure. With HTTPS you can protect your data while surfing on the Internet.


IKEv2 stands for Internet Key Exchange Version 2 and is a technology for exchanging encryption ciphers within the IPSec protocol. IKEv2s is supported by numerous operating systems.

IP Address

The IP address is the abbreviation for Internet Protocol Address. Such an IP is allocated to each Internet connection. They consist of four groups, each containing one to three digits. The IP is an identification code that can be used to send data packets when you are web surfing. It is necessary for setting up Internet connections. However, third parties can also obtain information about online behavior, location, and perhaps even your identity via the IP address. IP addresses are therefore associated with high data protection risks. With a VPN, your IP address remains hidden to protect your online privacy.

IP Binding

IP binding ensures that programs on your computer are only enabled when using a specific IP address. Such an IP binding can be used to link an IP address to a VPN service, preventing unintentional direct connections to the Internet even if the VPN fails.


IPsec, or Internet Protocol Security, is a security protocol that encrypts and authenticates data before it is transmitted on the web. End-to-end encryption is also possible with IPsec tunnels.


IPv4 stands for Internet Protocol Version 4, which is currently used to create IP addresses by default. Since the WWW is growing incredibly fast, the number of IPv4 addresses that are still available is limited.


Internet Protocol version 6 or IPv6, the successor to IPv4, now it creates 128-bit IP addresses. The new protocol makes far more possible addresses. It was developed specifically to keep up with demand.


The Internet Service Provider is the vendor that provides access to the Web. It is often offered as a package: for private customers, Internet access, Internet TV, and also telecommunications.

Kill Switch

The kill switch is an emergency switch that is included in the performance of many VPNs. It closes all connections if the VPN connection drops unexpectedly because the connection via VPN servers is not completely stable. Thanks to the kill switch function, data leaks can be avoided.


The Layer 2 Tunneling Protocol is a VPN security protocol for data encryption and authentication. L2TP cannot establish a VPN connection on its own, so the protocol is often combined with IPsec.


The L2TP/IPsec protocol combination brings together L2TP tunneling and IPsec encryption. With the two protocols combined, you get a highly secure and reliable VPN connection.


Log files or protocols are files created by your computer, websites you visit, your ISP, or the VPN provider. Such log files serve various purposes – among other things, they can be used to track and identify users based on their activities. Logging creates online data protection and privacy issues.

Open-source software

In open-source software, the source code is available publicly. Usually, such software is the product of the work of a wide network of volunteer developers. Open source is considered to be preferable in terms of security and data protection since every user has access to the source code and possible backdoors or bugs.


OpenVPN is an open-source VPN protocol that is often used for encrypted VPN connections. It is considered one of the most secure protocols around.


P2P, which stands for “peer-to-peer”, denotes the exchange via downloads and uploads, usually in file-sharing or via so-called torrents. Also, it describes the characteristics of the connection between two users. This type of P2P connection does not use fixed servers for its service. In a P2P network, data transfer occurs from the sender to the receiver without server stops. The most famous P2P network is BitTorrent. In P2P networks, downloaders and uploaders are easy to find if they do not use a VPN.


PPTP, the point-to-point tunneling protocol, is a now-obsolete VPN protocol. It is considered to be insecure, even though it is used by default on some computers.


Pretty Good Privacy is an encryption protocol for email. PGP is currently considered to be the most preferred and secure method for encrypting your emails because it allows you to securely encrypt not only the text of the mail but also file attachments. However, this popular software has one shortcoming: the header of a mail is not encrypted. Since the header also contains the metadata, complete privacy protection is impossible even with PGP.


Proxy servers function as an interim connection between you and the Internet. Proxy servers allow you to change your virtual location. However, the proxy service does not encrypt your data during data transfer. Especially free proxy servers are insecure in terms of data protection.


SmartDNS is used by some VPN providers to bypass geo-blocking. The SmartDNS feature changes your virtual location using DNS servers in other countries – so you surf as if you were in that country and can remove geographical restrictions. However, SmartDNS does not encrypt the transmitted data and is, therefore, less secure than a VPN provider.


SSL, or Secure Socket Layer, is a cryptographic protocol that encodes communication between devices. This protocol is used for websites as well as email, chat, and VoIP. Its successor, TLS, is more secure though.


Shadowsocks is a SOCKS5 proxy designed to protect your privacy and shield your traffic. Since Shadowsocks socks proxy is an open-source project, the source codes are available to everyone, allowing users to modify and improve the program themselves.


TLS, the acronym for Transport Layer Security, is the successor to SSL. It provides enhanced security for digital communications. With TLS, the integrity of digital information is better secured than with the predecessor protocol SSL.


Tor, the Onion service, is an Internet network that you can access via the Tor browser. Its name makes sense because Tor is a sequence of layers, the connection nodes acting like the onion skins. Data packages are transmitted through these layers in small units. This makes it extremely difficult to intercept data or determine its origin. Tor is often associated with illegal activities, but politically persecuted people and activists also use the network. The security of the Tor network has a drawback – a slow speed. Besides, Tor has been hacked in the past.


The acronym stands for Uniform Resource Locator and refers to an alphanumeric address for websites that makes Internet browsing easier. The browser “translates” the URL into the IP address, the actual “address” of the desired website, employing a DNS server.

256-bit encryption

256-bit encryption owes its name to the length of the key used to encrypt the transmitted data. It consists of a sequence of a total of 256 zeros and ones.

Two-factor authentication

Two-factor authentication, also abbreviated as 2FA, authenticates a login using two completely independent processes – for example, by requiring you to enter a code after entering a username and a password for the first time. But this code is sent to your smartphone and not to your computer. This is supposed to make access by unauthorized third parties more difficult.

VPN Client

A VPN client is software that you use to connect to a Virtual Private Network. The client software authorizes you to connect to one of the VPN servers. Also, it selects a protocol for encrypting the transmission. Commercial VPN providers do a lot more than that – such as a free choice of servers, special servers for streaming, or a kill switch for terminating the connection to avoid data leaks.

VPN protocol

A VPN protocol is the type of encryption and authentication used for a secure VPN connection. You can choose from several protocols with a reputable VPN provider, the most important of which are OpenVPN, PPTP, and L2TP.

VPN server

A VPN server is operated by the Virtual Private Network provider for the sole purpose of enabling anonymous connections. The VPN server is an intermediary that redirects your Internet traffic and anonymizes it.

VPN Tunnel

A VPN tunnel is the encrypted, secured connection between your computer and the VPN server because this VPN gateway reliably shields your identity like a tunnel.

Wi-Fi hotspot

A Wi-Fi hotspot is a wireless public network that allows you to access the Internet. Such hotspots are often offered worldwide by hotels and restaurants but also by educational institutions, public authorities or train stations. The hotspots are convenient to use and are often free of charge. But they can also be a gateway for hackers to gain access to your system. You can browse more securely via Wi-Fi hotspots if you use a VPN connection.

Author Alexander Klein Foto

Alexander Klein

38 years, Business Analyst

Alex is responsible for the analysis and optimization of our work processes. He has a lot of practical experience and, most importantly, an ability to think strategically. Besides, Alex is aware of new trends in the field of cybersecurity and clarifies them in his spare time.