"A class of firewalls designed to filter network and Internet
traffic based upon the applications or traffic types using specific
ports. The application-specific granular security policies provided
by Next Generation Firewalls help them detect application-specific
attacks, giving them the potential to catch more malicious activity
than more traditional firewalls.
"Next Generation Firewalls (NGFWs) blend the features of a
standard firewall with quality of service (QoS) functionalities in
order to provide smarter and deeper inspection. In many ways a Next
Generation Firewall combines the capabilities of first-generation
network firewalls and network intrusion prevention systems (IPS),
while also offering additional features such as SSL and SSH
inspection, reputation-based malware filtering and Active Directory
"Manufacturers of enterprise-grade and commercial-grade NGFWs
include Barracuda Networks (Barracuda NG Firewall series), Juniper
Networks (AppSecure Suite), Palo Alto Networks and WatchGuard."