VPN's dictionary

That is VPN knowledge base

The services of providers may differ in their additional functions, protocols or encryption levels. If you do not know exactly what a given functionality or concept means, you can check it on the following page.


Glossary of terms

No activity and connection logs

This is the VPN provider's assurance that its servers do not collect and therefore cannot share your connection data such as IP addresses (source or VPN), browsing history, DNS queries, etc. However, service providers may collect statistical data that does not identify addresses or connection source, such as the dates of your connections or the amount of data transferred.
No activity logs mean it won't log your destination or your traffic content.
No connection logs mean no connection timestamps, session duration, your source IP address, or the VPN address you received.
It is a key functionality that determines the level of privacy.


Emergency stop

This is a type of security that in the event of a VPN connection failure, all traffic from your device will be immediately blocked and will not pass through the standard route through your internet service provider.
This is to prevent your real IP from leaking out to the websites or services you connect to, and to prevent those sites' addresses from being passed on to third parties (e.g. ISPs).
It is the most desirable and necessary functionality.


Split Tunneling

Split tunneling allows you to designate applications or websites to which traffic will be routed through your standard IP address, bypassing the VPN. It can be useful for websites that cannot be connected via VPN, e.g. connection to a workplace or requiring high-speed transfer.
Usually, it is also possible to set up reverse tunneling, i.e. designate applications that are to connect via VPN. In this case, all others will use your original IP address.


Dedicated IP address

Some providers allow you to buy a permanent IP address (for one selected country), which will be assigned only to you. It is useful for people who want to use the advantages of a VPN (e.g. access geographically restricted content) and at the same time use a unique address that will allow you to configure services for this IP, e.g. access to cameras or home network.
Dedicated IP address will make the website always identify you with the same IP address, which means that they will not require additional verification, e.g. by SMS, captcha, etc.


Private DNS

To change the domain name to its IP address it is necessary to use the DNS server. In this case, the provider of this service obtains information about the page you intend to visit and has the option of blocking or modifying this information (which is happening e.g. in China). The use of private, encrypted DNS servers and non-logging servers solves this problem and ensures complete anonymity.


Country of jurisdiction

VPN service providers must obey the laws of the country in which they are based. The laws of some countries may therefore provide more privacy and anonymity than others. Therefore, the location of the seat of the service provider VPN may be important for some users.


Alliance 5/9/14 eyes

It is an agreement of countries to collect and share all information - including network traffic. The alliance includes the following countries: Great Britain, the United States, New Zealand, Canada, Australia (5 eyes alliance), France, the Netherlands, Denmark, Norway (9 eyes alliance) and Belgium, Germany, Italy, Sweden, Spain (14 eyes Alliance)


VPN Protocols

OpenVPN

OpenVPN is one of the most popular VPN security protocols. It is open source, which means its code is available to everyone. The result is that possible security holes can be quickly identified and resolved, making OpenVPN one of the best protocols in terms of security.
It runs on TCP or UDP protocols. Simply put, the TCP protocol guarantees reliability at the expense of lower speed (the receiver must confirm receipt of each packet, otherwise it will be sent again), and UDP can transfer data faster but with the risk of unreliability.

Advantages:
- Ensures high security
- Transparency (open source)
- Versatility - compatible with most platforms
Disadvantages:
- may require manual configuration for some vendors



IKEv2

That is a fast, reliable and secure IKEv2 protocol with IPsec encryption, created by Microsoft and Cisco. Its main application concerns mobile devices, where it is characterized by extremely high stability, e.g. in the event of a network change.

Advantages:
- Ensures high security
- Speed ​​
- High stability in case of breaking connections

Disadvantages:
- Slower than OpenVPN
- Only on UDP protocol (which can be blocked)
- Not available on some devices



WireGuard®

A modern open source protocol that surpasses OpenVPN and IKEv2 in terms of speed and ease of implementation. Perfect for streaming or online gaming.

Advantages:
- Ensures high security (based on cryptographic key routing)
- High speed and efficiency
- Light source code (which makes it easy to verify)

Disadvantages:
- Still under development
- Had problems with stability



L2TP/IPsec

A replacement for the legacy PPTP protocol, paired with IPsec encryption. It uses double encapsulation which adversely affects its speed.

Advantages:
- Acceptable security (Man-in-the-Middle protection)

Disadvantages:
- Only on UDP protocol (which can be blocked)
- Pretty slow
- Less secure than the above.



Lightway (from ExpresVPN)

Built from the ground up by ExpressVPN. Establishing a connection to a VPN is extremely fast and, in addition, remains very stable, even when your device changes the network.
When it comes to security, Lightway uses wolfSSL which has been checked and verified during security audits. Lightway's source code was published on GitHub under an open-source license, which ensures transparency. It runs on TCP or UDP protocols.

Advantages:
- Ensures high security
- Speed ​​(one of the fastest)
- Great stability
- Transparency (open source)
- Light source code