====== Next Generation FireWall (NGFW) ======

In the application layer on the [[OSI]] model 

Examines all traffic and then make forwarding decisions based on the applications that are open

For example, you can let people view twitter but not post to twitter

Often part of an [[IPS]], intrustion prevention systems, or may be the IPS itself. 

Allows for content filtering, control website traffic by category, e.g., block all gambling sites, or do a catchall filter for a website