VPN marketing loves a bit of jargon. Half of it is real and worth understanding, and half of it is a feature dressed up in a name that came out of a meeting. This glossary covers the terms you will actually run into while shopping, explained the way I wish someone had explained them to me. If a word in a review sent you here, you should be able to read its entry and get straight back to your decision.
If you want the bigger picture first, start with my guide on what a VPN actually is, then come back for the specifics.
A to Z of VPN terms
AES-256
The encryption standard most VPNs use to scramble your data. The “256” refers to the key length, and in practical terms it means nobody is brute-forcing their way into your traffic. When a provider says “military-grade encryption,” this is usually what they mean, and AES-256 is the honest, boring name for it.
Bandwidth and throttling
Bandwidth is how much data your connection can move at once. Throttling is when your internet provider deliberately slows down certain traffic, such as streaming or torrents. A VPN hides what you are doing from your provider, which can stop that kind of targeted slowdown.
DNS and DNS leak
DNS is the system that turns a website name into the numeric address your device connects to. A DNS leak happens when those lookups slip outside the VPN tunnel and go to your internet provider instead, quietly exposing which sites you visit even though the rest of your traffic is protected. Good VPNs run their own DNS and block leaks; it is one of the things worth testing.
Encryption
The process of scrambling your data so that anyone who intercepts it sees gibberish instead of your messages, passwords, or browsing. Encryption is the core of what a VPN does. Everything else is plumbing around it.
Five Eyes, Nine Eyes, Fourteen Eyes
Names for groups of countries that share intelligence with each other. The Five Eyes are the US, UK, Canada, Australia, and New Zealand; the wider alliances add several European nations. The relevance for you is simple: a VPN headquartered inside one of these alliances sits under a legal regime that can compel data sharing, which matters more if the company keeps logs in the first place. See jurisdiction.
Geo-blocking and geo-spoofing
Geo-blocking is when a service restricts content based on where you are, which is why a streaming library looks different in Tokyo than it does in Toronto. Geo-spoofing is what a VPN does about it: by routing you through a server in another country, it makes services treat you as if you are sitting there. This is the whole reason a lot of travelers buy a VPN in the first place.
IP address
The numeric label that identifies your device on the internet and roughly reveals your location. When you connect to a VPN, websites see the server’s IP address instead of yours, which is how a VPN masks where you are and who your internet provider is.
Jurisdiction
The country whose laws a VPN company has to follow, usually where it is legally based. It matters because some jurisdictions can force a company to hand over or retain user data. Privacy-focused providers often pick places like Switzerland, Panama, or the British Virgin Islands for exactly this reason. A strong no-logs policy matters more than jurisdiction, but the two work together.
Kill switch
A safety feature that cuts your internet the instant the VPN connection drops, so your real IP address and traffic are never exposed during the gap. If you care about privacy at all, you want this turned on. On flaky hotel WiFi it has saved me from leaking my real location more times than I would like to admit.
Logs and no-logs policy
Logs are records of what you do online. A no-logs policy is a provider’s promise not to keep records that could tie activity back to you. The promise only means something when an independent firm has audited it, so look for providers whose no-logs claims have been checked by an outside auditor rather than just asserted on a homepage.
Multi-hop (Double VPN)
Routing your connection through two VPN servers instead of one, so your traffic is encrypted twice and exits somewhere different from where it entered. It is slower, and most people do not need it, but it adds a layer for anyone with a genuine reason to want extra distance between themselves and their traffic.
Obfuscation (obfuscated servers)
A technique that disguises VPN traffic so it looks like ordinary internet traffic. This is what lets a VPN keep working in places that actively try to detect and block VPNs. If you travel to or live somewhere with heavy network filtering, obfuscation is the feature that decides whether you get online at all.
OpenVPN
A long-established, open-source VPN protocol with a strong security reputation. It is slower than newer options but battle-tested and widely trusted, and it is good at slipping through restrictive networks. Many apps still offer it as the reliable fallback. See protocol.
P2P and torrenting
P2P (peer-to-peer) is the technology behind file sharing, including torrents, where you download from other users rather than a central server. A VPN hides your IP address from the rest of the swarm. Not every provider allows P2P on every server, so if this matters to you, check for dedicated P2P servers.
Port forwarding
A more advanced feature that opens a specific path through the VPN to your device, used mostly to improve torrent speeds or reach a device remotely. Most people never need it, and a shrinking number of providers still offer it, but power users tend to ask.
Protocol
The set of rules that decides how your VPN connection is built and secured. The protocol is the single biggest factor in the speed-versus-compatibility trade-off. The names you will see most are WireGuard, OpenVPN, and IKEv2, plus a few provider-specific variants built on top of them.
RAM-only servers
Servers that run entirely in memory and store nothing on a hard drive, so every reboot wipes them clean. The privacy upside is that there is no long-term data sitting on a disk for anyone to seize or recover. Several major providers have moved their whole networks to this design, and it is a genuine point in their favor.
Server network
The collection of servers a VPN runs, usually described by how many there are and how many countries they cover. More locations means more options for spoofing your location and, often, a nearby server for better speed. Raw server count is the stat providers love to wave around, but coverage in the places you care about matters more than the headline number.
Split tunneling
A feature that lets you choose which apps or sites go through the VPN and which use your normal connection. Handy when you want your banking app to see your real location while your streaming app routes abroad, or when a VPN connection slows down something that does not need protecting.
Tor and Onion over VPN
Tor is a free network that bounces your traffic through several volunteer-run relays for strong anonymity, at the cost of speed. Onion over VPN is a feature some providers offer that routes you into Tor through their servers, combining the two. It is overkill for everyday use and excellent for the rare moments you genuinely need it.
Tunnel
The encrypted connection between your device and the VPN server. Picture a private, sealed channel running through the public internet: your data travels inside it where nobody else can read it. Most VPN features are really just different things you can do with that tunnel.
VPN
A virtual private network. It encrypts your internet traffic and routes it through a server somewhere else, hiding your real IP address and shielding your data from your internet provider, network owners, and anyone snooping on the same WiFi. That is the entire idea; everything in this glossary is a detail of how it is done. If you want the long version, read what is a VPN.
WireGuard
The modern VPN protocol that most providers have adopted as their default. It is fast, has a small and easily audited codebase, and is the reason VPN speeds have improved so much in recent years. When a provider ships its own protocol with a brand name, it is usually WireGuard underneath. See protocol.
Still deciding which VPN to get
Knowing the words is half the battle. For the rest of it, the best VPN lists turn all of this into an actual recommendation, and the reviews dig into how each provider handles the features above in real use.