As the firewall market continues to evolve, other security functions such as network intrusion prevention systems (IPS), application control, full stack inspection, and extra firewall intelligence sources have found their way into security appliances. Many vendors refer to these products as next generation firewall (NGFW) or unified threat management (UTM). NSS considers this category to include devices that can, at a minimum, perform firewall and IPS functions together and that can operate in conjunction with a centralized management system (CMS). This also includes Secure Sockets Layer (SSL) virtual private network (VPN) devices, as most vendors have merged this functionality into the firewall.

This methodology describes how NSS will evaluate NGFW products to provide an objective and fair assessment of the technology.