The Independent’s journalism is supported by our readers. When you purchase through links on our site, we may earn commission. Why trust us?
Once upon a time, all a Virtual Private Network (VPN) did was hide your IP address. Now, with the number of cyberthreats and data breaches escalating, providers are building services that are more than just privacy tools. NordVPN’s Threat Protection feature goes beyond its core VPN offering and helps tackle malware, web trackers and intrusive ads.
Traditionally, while the best VPNs have been effective in guarding your online privacy and bypassing geographic restrictions, some have lacked comprehensive protective measures against more varied online threats. NordVPN Threat Protection intends to bridge the gap between a conventional VPN and antivirus software, ensuring that its users enjoy a safe browsing experience without needing to purchase additional protective software.
In this article, we examine the NordVPN Threat Protection feature, evaluate its impact on central processing unit (CPU) performance and provide insights into user experiences to highlight its effectiveness in enhancing online security.
Threat Protection is a security tool by NordVPN that extends the typical VPN functionalities to include features associated with antivirus software, thus enhancing online security and privacy. Developed by Nord Security, Threat Protection employs its own malware protection solution, eliminating third-party applications on users’ devices. It doesn’t collect identifiable personal data, but it does collect anonymised data to improve its performance, provided users give consent.
This robust feature is available on the NordVPN Windows and macOS applications and provides comprehensive protection to improve your digital experience. It forms an integral part of a NordVPN subscription or can be used as a standalone service on specified platforms (without requiring a VPN connection).
In addition, NordVPN offers Threat Protection Lite, a scaled-down version available on Windows, macOS, Android, iOS, Linux, Chrome, Firefox and Edge. It blocks malicious websites and intrusive ads and requires a VPN connection.
NordVPN Threat Protection offers critical advantages for online safety and privacy by:
The complete process ensures that all sensitive data remains within the user’s device, providing an additional layer of security. In addition, NordVPN Threat Protection features a URL trimming capability, which enhances browsing security.
Bundled with a top-rated VPN service, it also includes a seven-day free trial. With a 30-day money-back guarantee, users have ample opportunity to test the efficacy of the service, confirming its utility and performance in protecting against cyberthreats.
NordVPN has divided Threat Protection into “Web protection” and “File protection.” You can switch Threat Protection Lite on and off or pause the full version of Threat Protection for custom intervals, such as five minutes, 30 minutes or two hours. This functionality provides you with increased control over your online security.
Let’s look at how you can make the most of the innovative security-centred features.
NordVPN’s Threat Protection provides robust defence even when your device isn’t connected to a VPN server. Available for Windows and macOS, this feature is divided into two components:
Here’s how to activate and tailor these features to your needs:
When connected to a NordVPN server, Threat Protection Lite shields you from intrusive ads and harmful websites. Follow these easy steps to enable it:
The CPU is the brain of a device, responsible for executing a computer program’s instructions. A VPN such as NordVPN requires some CPU power to operate.
CPU usage signifies the total processing power being consumed to process data and run applications on a computer, server or network device at any given moment. This measurement is crucial for troubleshooting performance or speed issues.
On a Windows device, you can track CPU usage using the Task Manager, which provides insights into the CPU usage of different applications. For more comprehensive insights into CPU, memory and disk space usage, you can use the resource monitor option within the Task Manager.
On Linux systems, CPU usage is commonly tracked using the “top” command or its advanced version, “htop,” along with other commands such as “mpstat,” “sar” and “vmstat.” These tools provide detailed insights into system performance, including CPU utilisation.
High CPU usage can be caused by multiple background processes, malware or viruses, outdated drivers and software or data encryption in devices that don’t support hardware-based encryption. Regularly monitoring CPU usage is essential for maintaining consistent performance and preventing system failures. Advanced CPU monitoring software can offer a comprehensive view of performance metrics, enabling proactive management of system resources.
When you connect to a VPN server, your device’s data is encrypted and decrypted in real time. This process can increase CPU usage, depending on the encryption’s strength and your CPU’s speed. Typically, this increase is negligible and goes unnoticed by the user.
However, NordVPN’s Threat Protection feature, while excellent for enhancing online safety, has drawn attention due to concerns about high CPU usage. Our researchers found that some users experience spikes in CPU usage tied to the “nordsec threat protection” process, with some users reaching 100 per cent CPU usage.
The high CPU usage could result in a slower system and may cause issues such as unresponsiveness, sluggish content menus and reduced internet connection quality. We found user reports of such experiences, comparing it to operating an old laptop despite using a high-performance PC.
Several users pointed out that the Threat Protection service was the culprit, with CPU usage falling back to normal after disabling the service. This high CPU usage issue seems to occur sporadically and is not tied to any particular system specifications, as even devices with powerful processors, such as the Intel Core i9 11900K, experienced this issue.
In the NordVPN 7.5 release, Threat Protection was divided into two individual features: Web protection and File protection. This update was designed to improve user experience and make it possible to have the two options switched on and off individually and independently, reducing the impact on CPU performance. Also, NordVPN 7.5 reportedly solved the problem that was causing excessive CPU usage and network issues.
In early 2023, there were high CPU usage issues associated with the Threat Protection feature on Windows. These CPU usage spikes exceeded 80 per cent and were potentially caused by an update from the Chrome browser that conflicted with the Threat Protection feature.
Tests carried out by our researchers indicate the problem has been fixed, and the CPU usage associated with NordVPN Threat Protection is now below 1 per cent.
Balancing robust cybersecurity measures with smooth system performance is crucial. If you’ve been experiencing high CPU usage due to NordVPN’s Threat Protection, follow the steps below:
NordVPN’s Threat Protection offers an advanced security solution that blocks ads and malicious websites, fends off tracking attempts and protects your system from malware. Let’s assess its effectiveness based on its features, performance and user feedback.
NordVPN’s Threat Protection excels in offering comprehensive cybersecurity features. It operates on Windows and macOS to prevent threats even without a VPN connection. It actively blocks intrusive ads and trackers, providing a seamless and private browsing experience. Additionally, it scans downloaded files for malware, removing any harmful content before it damages your device.
The service also comes with the Threat Protection Lite version, designed to work when connected to a VPN and available on a wider range of platforms, including mobile devices and browsers.
Threat Protection performs exceptionally well in its primary function: preventing cyberthreats. However, some users reported increased CPU usage when utilising the feature. To address the issue, NordVPN introduced Threat Protection Lite, providing a light yet secure alternative that addresses the performance issues.
NordVPN Threat Protection user reviews reflect a mixed bag of experiences. Many laud the service, praising advanced features such as File protection and Web protection. They see these tools as a comprehensive solution to online security, making other ad-blocking tools unnecessary.
“Had a problem with threat protection, contacted customer support, immediately got on live chat with a representative (Del), explained my issue, received a solution to the problem, followed the instructions, solved the problem! Great service, thank you!”
“I feel safer having Nord VPN after discussing it with my IT friends. Sometimes websites take longer to download so I will pause Nord for five minutes to move things along. I also have ESET as added protection so the two programs may be getting in each other’s way for a bit but it’s not a big deal. I use Threat Protection Lite mode. I was having an issue of logging in and then after doing so another login window would pop up. I logged in on Nord’s website and notice a Complete Setup option. When I executed that my login problem went away.”
“I think NordVPN is the best service available today. It includes innovative features like File Protection and Web Protection, so say goodbye to adblockers.”
However, some users express dissatisfaction with the service. Issues range from high CPU usage resulting in system lag to concerns about the efficacy of the malware protection feature.
“Real-time protection makes your PC a laggy oversized table but eating as much CPU as it can”
NordVPN has extended its services beyond those of a traditional VPN with the launch of its new Threat Protection feature. This tool is designed to protect users from malware, web trackers and intrusive ads, bridging the gap between VPNs and antivirus software. It’s available as part of a NordVPN subscription or as a standalone service.
NordVPN Threat Protection blocks malicious websites, scans downloads for malware, prevents user tracking and blocks malicious ads. Although some users experienced high CPU usage when using this feature, NordVPN addressed the issue, and CPU usage now remains below 1 per cent.
Most users find the extra security layer provided by Threat Protection highly valuable despite the CPU usage concerns. They appreciate NordVPN’s efforts in resolving these issues, whether through software updates or the introduction of the Lite version.
NordVPN Threat Protection operates by blocking dangerous websites, intrusive ads and malicious threats, ensuring safer browsing. It uses advanced filters and security measures to provide real-time protection from online threats.
NordVPN Threat Protection may slightly increase CPU usage because it continuously scans and blocks threats. However, this impact is typically minimal and should not significantly affect performance on most devices. During tests, our researchers established CPU usage of less than 1 per cent associated with NordVPN Threat Protection.
High CPU usage while using NordVPN Threat Protection might occur due to intensive web activity or background processes. Increased usage occurs as the feature continuously filters out online threats and malicious websites.
Yes, you can disable NordVPN Threat Protection to potentially reduce CPU usage. However, turning it off could leave your device vulnerable, so it’s generally not recommended unless necessary.
Yes, NordVPN Threat Protection is effective at protecting against online threats. It uses advanced technologies to identify and block threats, providing real-time protection to secure your online activity.
