Tunnel endpoints must be authenticated before secure VPN tunnels can be established. User-created remote-access VPNs may use passwords, biometrics, two-factor authentication or other cryptographic methods. Network-to-network tunnels often use passwords or digital certificates. They permanently store the key to allow the tunnel to establish automatically, without intervention from the administrator.
Websites using Google Analytics and various advertising networks can very well track and identify visitors based on a variety of different inputs with their browser (see browser fingerprinting). Therefore it’s best to use a VPN in conjunction with a secure browser configured for more privacy. See my guides: secure browser (an overview of different browsers) and also Firefox privacy, which deals with privacy configurations, tweaks, and add-ons.
Virtual LAN (VLAN) is a Layer 2 technique that allow for the coexistence of multiple local area network (LAN) broadcast domains, interconnected via trunks using the IEEE 802.1Q trunking protocol. Other trunking protocols have been used but have become obsolete, including Inter-Switch Link (ISL), IEEE 802.10 (originally a security protocol but a subset was introduced for trunking), and ATM LAN Emulation (LANE).

A virtual private network (VPN) extends a private network across a public network, and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Applications running across a VPN may therefore benefit from the functionality, security, and management of the private network.[1]

They even offer the most generous simultaneous connection count, with six simultaneous connections through their network, where everyone else offers five or fewer. NordVPN's network isn't as large as some of their competitors, so if you're trying to obfuscate your tracks, you might want a company with more servers. Otherwise, this company is clearly providing a winning offering.