The invention discloses a network intrusion protection system, which comprises a network engine module for obtaining external data exchange through a multi-core hardware platform, carrying out behavior analysis, association analysis, protocol anomaly detection, flow anomaly detection, intelligent protocol identification and deep protocol analysis on the obtained data, and constructing a file feature library, a website reputation library and an attack feature library; a management module, used for carrying out user management, configuration management, strategy management, time management, logmanagement and system monitoring on the data and the user state analyzed by the network engine module, generating related management files and configuring related management information; and a security response module, used for starting a corresponding processing instruction after the network engine module detects network intrusion. Intrusion protection, data leakage protection, advanced threat protection, botnet discovery, virus protection and flow control of a computer network can be completed, potential safety hazards of all levels can be automatically coped with, and the deep attack defense capability can be provided for users.