NordVPN is a popular VPN provider. The company releases new features for its VPN clients regularly, and one of the latest features that it introduced is Threat Protection.
Threat Protection is a beta feature right now. The client may notify customers of the feature, but it is turned off by default. A click on the Shield icon in the Nord VPN client displays the available options.
Threat Protection blocks "ads, trackers, malicious websites and files" according to NordVPN; this is a core difference to the previously supported CyberSec feature of the NordVPN client, which blocked ads and malicious websites only using DNS filtering.
The CyberSec preference is no longer available under General in the Settings, and some customers may wonder whether it has been removed completely in favor of Threat Protection.
It appears, that NordVPN moved the feature to the Threat Protection preferences page. There, users find two options that they may enable. The full Threat Protection feature, or a Lite version; the description of the Lite version sounds similar to what CyberSec offered.
The full Threat Protection feature goes beyond the blocking of resources on the DNS level. It blocks ads and tracking on the web, but also malicious websites and files:
Block malware-ridden websites -- browse without a fear of accidentally catching malware.
Avoid malicious ads -- elevated your browsing experience and enjoy a cleaner web.
Stop web tracking -- experience a whole next level of privacy.
Protect your device from infected files -- get rid of malicious files before they do damage.
According to NordVPN's description on its website, Threat Protection protects a user's browsers even without active VPN connections. NordVPN achieves this by installing certificates in the browsers. The current version supports Chrome, Safari, Edge and Firefox. For Firefox, it is necessary to restart the browser before it can be used after the certificate has been installed.
The installation of certificates gives NordVPN a high level of control of the supported browsers and activity.
Threat Protection will scan executable files that do get downloaded automatically. These may be uploaded to the cloud for checking, but only if they have a size of 20 Megabytes or less.
Threat Protection is a beta feature at the time of writing. NordVPN needs to provide additional information on the inner workings of the feature, as the two setup pages in the client and the informational page on the NordVPN website lack details, for instance, whether it is using its own scanning capabilities for uploaded files or using third-party services.
The client does not explain how Threat Protection is installed, only what it does once it is enabled. Installing certificates in browsers gives NordVPN a lot of control over data in the browser, and users should at least be aware of this before they hit the turn on button in the interface.
Most NordVPN customers may want to stick with the lite mode feature, or keep everything disabled in the client and use other solutions, e.g., content blockers such as uBlock Origin and antivirus solutions, to keep their devices secure.
Now You: Would you use Threat Protection on your devices?