Network Security
Next-Generation Firewall (NGFW)
Also known as: NGFW
Definition
An advanced firewall that combines stateful inspection with application awareness, integrated IPS, user-identity controls, and TLS inspection to enforce richer policies.
Examples
- A Palo Alto NGFW blocking BitTorrent regardless of port using App-ID.
- An NGFW decrypting outbound TLS and quarantining a download flagged by its built-in IPS.
Related terms
Firewall
A network security device or software that monitors and controls inbound and outbound traffic based on a defined ruleset, separating trusted from untrusted networks.
Deep Packet Inspection (DPI)
An inspection technique that examines the full payload of network packets — not just headers — to identify applications, content, and threats.
Intrusion Prevention System (IPS)
An inline security control that detects malicious traffic and actively blocks, resets, or scrubs it in real time.
Web Application Firewall (WAF)
A reverse-proxy filter that inspects HTTP/HTTPS traffic to block web attacks such as SQL injection, XSS, and bot abuse before they reach the application.
Stateful Firewall
A firewall that tracks the state of active connections in a connection table and allows return traffic that matches an established session.
Zero Trust Network