I keep my NIC card disabled in the OS (and virus protection disabled) by default.  If I ever need internet connectivity to authorize software or upload / download something, I enable my NIC, ensure I only visit websites I'm confident are safe, then once done, I disable my NIC again. 
 
This has given me the best of both worlds.

Kev999
On my DAW PC, I keep the network card disabled and only ever enable it for brief periods whenever some software needs to be authorised.  There is no antivirus software running.

 
+1
 
That's the best way to do it. You'd be surprised how much high priority I/O time the network stack eats up in the background.
 

karma1959
If I ever need internet connectivity to authorize software or upload / download something, I enable my NIC...

On my DAW PC I never even launch a web-browser unless it is unavoidable.  Downloading, registering, etc. can usually be done  elsewhere.

I recently updated my DAW since the oldest family computer is crapping out and if I'm gonna spend money on a new computer I'm dang sure gonna get me a nice one for music and use my old DAW for family internet/homework/office use.
 
I just spent about 3 hours trying to figure out why I can't get the NIC card running until I realized I had disabled it and the on board audio in BIOS.
 
I'm frankly tired of running back and forth from machine to machine authorizing software. I'm leaving the on board wireless adapter installed, but it, the antivirus and firewall are disabled while in "music mode".

I built a dedicated DAW rig as well, and never put it on-line.
 
My older smaller DAW rig is now the internet/office computer, and I use a USB flash drive to authorize & register stuff.
 
Many like Native Instruments, Izotope, IK, offer an off-line method for this.
 
But the suggestion about only going on-line only if absolutely necessary, then disabling or even unplugging the cable, [Cat 5 in my case], makes sense too. 
 
So far for me, not needed. I have a lot of plugs & programs, and yet I've been able to download, register & activate everything off-line anyways. 

I was getting fed up running from machine to machine in order to effect offline authorizations, so I bought a wireless dongle which plugs into the front USB port of my DAW.
 
It's a HUGE timesaver (as well as being a lot more streamlined & effective) and the chance of picking up something nasty for that brief time is vanishingly small.
 
The routine is:
 

• Enable AV (MSE)
• Plugin dongle
• Authorize software
• Remove dongle
• Disable AV

Couldn't be simpler

The next generation are showing a preference for phone and tablet/iPads for internet access.
 
DAW and plugin companies will need to take note of this trend.
 
But serious companies have, in my experience, always provided a way to register offline. And if not, the choice in plugs is so vast, I have never been stuck for an alternative.
 
As far as Addictive Drums is concerned, it turns out it has a proprietary file format, so we cannot use our sounds anyway. We will stay with Dim Pro for drums.

PS: It's not just viruses.
 
Updates may introduce new bugs, side effects or workflow changes that you really don't want to be surprised by when you have the artist in front of you.
 
For this reason I try everything on a test PC for some time before installing on our mastering PC.
 
 

PPS: When we upgraded from FM7 to FM8, NI changed their registering system using flash. Their program messed up the standard browser flash installation. The fix involved manual registry changes and re-downloading flash.
 
So the lesson I learnt was: DAW/Plug manufacturers are experts at audio software, not online installation and registering.
 
Every program that accesses the internet is has its own unique set of security exposures ready for someone to learn to exploit. And it's not how long you are online, it happens before you know it.

Bristol_Jonesey
I was getting fed up running from machine to machine in order to effect offline authorizations, so I bought a wireless dongle which plugs into the front USB port of my DAW.
 
It's a HUGE timesaver (as well as being a lot more streamlined & effective) and the chance of picking up something nasty for that brief time is vanishingly small.
 
The routine is:
 

• Enable AV (MSE)
• Plugin dongle
• Authorize software
• Remove dongle
• Disable AV

Couldn't be simpler

I used to do exactly the same thing. But after a while and some unscientific testing, I found that just leaving the DAW connected had no meaningful impact on performance or stability, so nowadays I just leave the dongle in place. Windows Security Essentials seems very benign as far as AV software goes.