Do you connect to a VPN before you access your office network? Is it one of those mundane, mindless tasks that you do (but don't know why)? What if I told you that a lot of interesting things happen when you connect to a VPN from your home computer?
The goal of this post is to explain VPN in the simplest way possible.
Let me start with a simple idea shown in the cartoon below. Let's say Alex wants to secretly drive from location A to location B. You must be wondering what I mean by secretly. Is the source location secret, or the destination, or the person (Alex)? Let's take the last case, i.e. everyone knows that someone is travelling from A to B but has no clue that it is Alex!
To keep Alex's identity secret, travelling in a car with black-tinted windows is one way to escape onlookers. So Alex gets his car windows tinted black and achieves the goal of privacy! Simple, right?
With the above picture in mind, let's step into the technical world. Replace Alex in the above cartoon with a data packet on the internet, as shown in the figure below.
The green region is the whole internet. The onlookers are other points on the internet which can read the content of your transmitted packet. The goal to be met is simple: do NOT show onlookers the content of the internet packet. What a VPN provides is an opaque casing for your internet packet (just like the black-windowed car for Alex) to meet this goal. This opaque casing takes the form of encoding the data so that only a computer with the right decoder is able to read and use it. To explain this in detail, let me go through what happens at the backend when you connect to a VPN to access your office network.
As shown in the above figure, as soon as you connect to the office VPN, your internet traffic is encrypted and sent to a server X, which lies in a private network configured by your corporation. What a private network is, is a story in itself. For now, it can be considered a haven where no governments, cybercriminals or internet providers are sniffing your data.
Once the packet reaches X, it is filtered, monitored and decapsulated before it reaches the desired destination, i.e. an office resource within this haven. Since there are no onlookers in this haven (the orange region), data can move freely in it, without the need for encryption. The flow is repeated in the opposite direction when traffic is sent from office resources to your home computer. In this scenario, X encrypts the data and sends it to your home computer, where it is decrypted. Only your home computer and the X server know how to decrypt the data, which keeps the corporation's data secure! In other words, your home computer has become a member of this haven. This extension of the haven (the private network) over the internet (i.e. virtually) is what gives the Virtual Private Network its name.
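The flow described above, as an added Python sketch that is not part of the original post: the home computer encrypts a packet and wraps it for X, an onlooker sees only opaque bytes, and X verifies and decrypts it. The pre-shared key, the packet fields and the HMAC-based toy cipher are assumptions made for illustration; real VPNs negotiate keys in a handshake and use ciphers such as AES-GCM or ChaCha20-Poly1305.

```python
import hashlib
import hmac
import json
import os

# Constructed demo key and hypothetical names; a toy cipher, not for real traffic.
SHARED_KEY = hashlib.sha256(b"constructed demo secret").digest()
ENC_KEY = hmac.new(SHARED_KEY, b"enc", hashlib.sha256).digest()
MAC_KEY = hmac.new(SHARED_KEY, b"mac", hashlib.sha256).digest()


def _keystream(nonce: bytes, length: int) -> bytes:
    """Toy stream cipher: HMAC-SHA256 in counter mode."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(ENC_KEY, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encapsulate(inner: dict, outer_src: str, outer_dst: str) -> dict:
    """Home computer: encrypt the inner packet and wrap it in an outer packet to X."""
    plaintext = json.dumps(inner).encode()
    nonce = os.urandom(12)
    ciphertext = bytes(a ^ b for a, b in zip(plaintext, _keystream(nonce, len(plaintext))))
    tag = hmac.new(MAC_KEY, nonce + ciphertext, hashlib.sha256).digest()
    return {"src": outer_src, "dst": outer_dst, "body": nonce + ciphertext + tag}


def decapsulate(outer: dict) -> dict:
    """Server X: verify integrity first, then decrypt and recover the inner packet."""
    body = outer["body"]
    nonce, ciphertext, tag = body[:12], body[12:-32], body[-32:]
    expected = hmac.new(MAC_KEY, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("packet rejected: modified in transit or wrong key")
    plaintext = bytes(a ^ b for a, b in zip(ciphertext, _keystream(nonce, len(ciphertext))))
    return json.loads(plaintext)


INNER = {"to": "office-resource.example", "data": "quarterly report"}  # constructed

if __name__ == "__main__":
    packet = encapsulate(INNER, "home-computer", "X")
    print("onlooker sees:", packet["body"].hex())
    print("X recovers:   ", decapsulate(packet))
```

The integrity tag is checked before decryption, so a packet altered by an onlooker is dropped at X instead of being forwarded into the private network.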
The process of encrypting and wrapping the data packet is called tunneling in technical terms. There are various encryption algorithms, which you can read about here. To be honest, the story of the VPN does not finish here. In fact, it barely starts. For instance, a VPN is used not only to hide the content of the data packet but also to misinform onlookers about the source/destination location. Clever, right? Let me leave you with this food for thought on how that might happen (think about it and discuss in the comments below before googling it, readers!).