Networks often require a significant effort to be protected against viruses and other malicious code. Many networks also require a wide range of different antivirus products to ensure full protection of all servers and clients. A full range of protection is expensive, both when it comes to purchase and maintenance. It could also, if not configured and maintained properly, be open to attacks. Standard solutions are still no guarantee that every potential security risk is covered, and virus infections and outbreaks may still occur. If one or more networked computers are not updated correctly or someone plugs an unprotected laptop into the office network, the entire network can be exposed to a virus outbreak.
What are the challenges?
- Mobile computing and advanced communication technology challenge the fortress style of network defense with a secure single point of entry and a perimeter-defense based on huge walls to make access impossible.
- The secure single point of entry can no longer be classified as secure because any port and any protocol can be used to inject malware into the network, and tunnelling of network traffic circumvents firewall technology.
- In addition, HTTP is now the universal transport protocol, and HTTP traffic flows freely through the main gate.
- A firewall provides some protection against malicious code, but does not distinguish between different types of data content. It is more concerned about point of origin and direct access to services within the network.
The new threat picture
Back in the old days of computer networks, the threats came from external sources. Today the threats come from both the inside and the outside. Most likely a computer is infected with malware when used on a visiting network or when downloading malware inadvertently or intentionally.
Twenty percent of enterprise endpoints are unsecured
Malware is a generic term for software that damages your system in one way or another. An antivirus application is an important component in a defense strategy.
Unfortunately, the advancement in malware technology and the nearly impossible task of keeping the computer population free from malware require a new security model. According to Gartner Group, 20% of the endpoints in a large network are not managed, and of the rest a high number have not been maintained properly.
The question is not if your network will be infected, but when. The price you have to pay is downtime and expensive rescue operations at best.
Today’s LAN protection methods have some disadvantages
A company’s network can be protected in a number of ways. For example:
- Proxy server – any data stream entering the LAN is intercepted and scanned before it is passed on to the destination machine.
- Firewall – access to certain network addresses and/or services is restricted according to tables of rules configured in the firewall.
The main disadvantage when using a proxy server for scanning incoming streams is that it needs to gather the entire stream before it is scanned. The data is not passed on to the recipient until the entire stream has been scanned and declared virus free, and this may cause delays.
| Proxy | Norman Network Protection |
| --- | --- |
| Traditional proxy solutions have several drawbacks, but the latency effect is the most important one. The latency effect means that the proxy holds back the entire data stream until it has received all the data and analyzed it in its entirety. | NNP avoids this problem since it does not hold back more data than necessary. It takes a few packets from the stream and reassembles them locally as a file. When the scanner receives the requested amount of data, the packets are duplicated in NNP and the originals are passed on. The stream is scanned as it passes through the system, and as soon as something malicious is found, it is stopped. |
| Proxy servers require quite a bit of configuration on both servers and clients. The proxy solution also needs maintenance when running in the network. | NNP is transparent to the network operation and requires no network adaptation and very little maintenance to keep running. Since NNP works on the packet level, the system has full control over the network flow. |
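The latency difference described in the table, as an added example that is not Norman's code or part of the original page: a simplified Python model comparing a proxy that gathers the whole stream with a scanner that inspects a copy of each packet as it passes. The signature, the function names and the use of plain substring matching are assumptions made for illustration.

```python
from typing import Iterable, List, Tuple

# Constructed stand-in for a scanner signature; a real engine does far more
# than substring matching.
SIGNATURE = b"TEST-SIGNATURE-0001"


def proxy_scan(packets: Iterable[bytes]) -> Tuple[List[bytes], bool, int]:
    """Proxy model: gather the whole stream, scan it, then release or drop it.

    Returns (forwarded packets, blocked?, peak bytes held back).
    """
    held = list(packets)
    total = sum(len(p) for p in held)
    if SIGNATURE in b"".join(held):
        return [], True, total
    return held, False, total


def inline_scan(packets: Iterable[bytes]) -> Tuple[List[bytes], bool, int]:
    """Inline model: scan a copy of each packet as it passes, forward the original.

    A tail of len(SIGNATURE) - 1 bytes is carried between packets so that a
    signature split across a packet boundary is still seen.
    """
    forwarded: List[bytes] = []
    tail = b""
    peak = 0
    for pkt in packets:
        window = tail + pkt              # scanner's copy: carried tail + new packet
        peak = max(peak, len(window))
        if SIGNATURE in window:
            return forwarded, True, peak  # stop the stream; this packet is not passed on
        forwarded.append(pkt)
        tail = window[-(len(SIGNATURE) - 1):]
    return forwarded, False, peak


def packetize(data: bytes, size: int) -> List[bytes]:
    return [data[i:i + size] for i in range(0, len(data), size)]


# Constructed sample streams: one clean, one with the signature placed so it
# straddles a packet boundary (offset 95 with 100-byte packets).
CLEAN = packetize(b"A" * 1000, 100)
INFECTED = packetize(b"A" * 95 + SIGNATURE + b"B" * 886, 100)
```

In this model the inline scanner never holds more than one packet plus the carried tail, while the proxy holds the full stream. The trade-off is that packets forwarded before detection have already reached the recipient, so a blocked transfer arrives truncated rather than not at all.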