As can be seen from the name Next Generation Firewall (NGFW), this is the next generation of firewalls that, in addition to the functions of classic firewalls such as packet filtering and the NAT process, can perform further security functions such as deep packet inspection ( DPI), intrusion detection system( IDS) or malware filtering.
The security functions are hardware or software integrated and provide better protection against complex attacks and APT attacks, Advanced Persistent Threat (APT), at the transport and application-oriented layers 4 to 7 of the OSI reference model. As for the enhanced feature set of NGFW firewalls, intrusion prevention system( IPS) capabilities are built into these firewalls. Identity capabilities have been enhanced to include application control for individuals and groups. In addition, NGFW firewalls support Quality of Services( QoS), Intrusion Prevention ( IP), Deep Packet Inspection (DPI), and Secure Socket Layer ( SSL) and Secure Shell( SSH).