Blowing past all the comments and heading straight to the bottom...  ha.--------------
Built my own machine largely based on specs from a Cakewalk approved vendor... only a bit faster.  Running Win7 64bit.
No connection to internet.....and I LOVE IT.  Machine boots up in a heartbeat and is stable as can be.  xfers via me stick. No virus software to step in and slow processes....  Also, somewhere long ago I posted a whole slew of things that you can do to streamline the Windows system (eliminating CAC readers, core parking etc.).... much faster.
So, yeah... applies to a desktop running Windows, I know.... But life so far is good.

I have what could be regarded as a fairly old machine now (good specs through) and it runs fine.
Internet is always on via LAN cable.
I have antivirus plus malwarebytes running.
I manually run updates everywhere once a month (win update, drivers, bios, chipset etc). Nothing is scheduled automatically except the antivirus updates.
Modem is firewalled and so is the PC.
I have optimized the OS so only essential services, processes and tasks run.
I only install DAW related software.
I have a backup strategy with Acronis.
I've only run into a few issues which weren't too hard to resolve.
Recording experience is fine.

Ta

Acronis is a wise choice.

Connected 24/7. Rarely turn my computer off except for restarts. Browse anywhere, all the time. Record from this computer as well with, currently, Sonar X3e. Occasionally, FL Studio. Using AVG Free at present as my AV. When I get paranoid I scan with Malwarebytes as well as AVG. Sometimes I use Norton with a deep scan. Have had malware a few times but that's the business I'm in (technical website). All my important data is on a separate drive. I also backup very important stuff (not as regularly as I should). If I get real crazy and paranoid I format my main drive and reinstall everything. A headache as I get older. Used to format at the drop of a hat and reinstall.

Sit behind a NAT firewall/router and all should be well.
 
By default, any incoming connections are refused which means that nasties can only get onto your computer by virtue of dodgy outgoing connections that you make as a user.  This means don't follow suspicious links, disable browser pop-ups, don't click on any links in suspicious emails etc.
 
Run some AV software (I use M$ Security Essentials which is pretty good) and keep its definition files up to date.  Perform regular full system scans.
 
Note that connections are only established for as long as it takes to download the information (for example, a web page).  Unless you're streaming something or downloading a web page, there will be no outgoing connections from your computer to the internet even if you 'are connected'.  Some pages may download and run scripts which e.g. perform refreshes of the page, but I generally disable javascript and the like on the grounds that it's a massive security hole.
 

I am an IT technician (business owner) by trade and have been for about 20 years.  I see all manner of viruses every week, some more obnoxious than others.  I've tried to infect machines and can't manage to get them as messed up as some folks can do.  Not even sure what they do to get them that bad.
 
Security Essentials/Windows Defender on Win8 is fine for someone who is savvy and careful, but it IS baseline protection.  The av-comparatives.org site IS quite useful at showing what the protection levels are.  MSE comes in at around 80% protection.  We generally recommend ESET NOD since it has a good catch rating, has a pretty low footprint, and has a good server based console for monitoring our business office clients.
 
Having a virtual machine is a good idea for web surfing.  I don't do it personally, but if you have the extra hardware to handle a virtual machine, it definitely keeps your web browsing in a walled garden-like atmosphere.
 
Because I spend most of my time on my home machine doing all sorts of things and a relatively small amount on actually using it as a DAW, it's connected all the time.  I use it for web development, which by nature of the things I have to work on requires it to be always connected.  I don't have the extra funds to have a dedicated system nor do I have the overhead on the system to have a VM for web browsing/email/etc.
 
I just consider myself quite fortunate that I've only ever had one infection - gotten by searching for a recipe for baked shrimp scampi! 
 
Bottom line: shellfish are more dangerous than Microsoft.
 
Hope this helps.

Just one thing. If you really want to go down the virtual machine route for surfing (tad excessive for me) make sure the service is turned off when using Sonar. And if you are using a virus scanner plus Malwarebytes (if you aren't using a virus scanner you are potty in my opinion whether you have internet or not sorry to be blunt) either of them will need to be perfectly configured to ignore certain folder paths or processes (google it)./ta

Blades

Because I spend most of my time on my home machine doing all sorts of things and a relatively small amount on actually using it as a DAW, it's connected all the time.  I use it for web development, which by nature of the things I have to work on requires it to be always connected.  I don't have the extra funds to have a dedicated system nor do I have the overhead on the system to have a VM for web browsing/email/etc.
 

I have a similar scenario, you don't need a separate PC. I multiboot into various OS's for DAW, development, Linux etc (no VM just via bootloader). I wouldn't dream of installing visual studio alongside sonar for instance.

Anderton
I see some people here are very nervous about connecting to the internet due to the nasty stuff floating around, and others who aren't concerned at all. I'm going to describe what I do, and those who really know their stuff can tell me whether I'm doing anything wrong, if there are other steps I should be taking, etc. Ideally, this thread will become "The Complete Guide to How to Keep Your Music Computer Virus-Free Yet Still Use the Net When Needed."
 
1. My computer usually isn't connected. I connect only when I need something, and go to sites I trust like Cakewalk - I don't surf around.
2. I have Microsoft Security Essentials installed, so I figure that will catch anything excessively weird.
3. If I get any kind of notification, e.g. an update to Adobe Flash is available, I never click on it. Instead I go to the Adobe site and download the update from there.
4. I don't download anything unless it's something I've sought out to download, and only from company sites I trust (e.g., driver update from the TASCAM site, Windows update, new trial version plug-in from Universal Audio, etc.).
5. I have an older Mac running Snow Leopard that I use for general-purpose surfing and downloading. It's Intel, though, so probably not as safe as PPC (although it seems most browsers are incompatible with it anyway).
 
 
 

Oh C'mon Craig man.
You know the title of this thread should really be:
 
Hey guys! We're thinking of making Sonar subscriptionware! What do you think? Are you connected at your DAW?
 
-- If Sonar goes subscriptionware many including me will be off to elsewhere and you will wish you all hadn't.
 
I don't believe for a second that you need to be educated.
 
That said: Thanks for Electronic Projects for Musicians.
 
:Ron
 
 
 
 
 
 
 

I can understand withholding from updating your pc although you don't have to be disconnected from the net to do so. As for the rest, I guess it depends on what you are prepared to click on. As I said, never had a problem, never put myself in a position to have one, though I gotta say a viral shrimp recipe is sheer bad luck. What was the recipe like?