This paper proposes that any Signature Based Passive Network Intrusion Detection (NID) deployment is incomplete without an 'In-line' 'Packet Level Normaliser' [1]. A number of published papers will be selectively reviewed, assessing their contribution to the development of this field. Focusing on...