Next generation intrusion prevention systems (NGIPS) must provide organizations with the ability to identify both the applications and the users on their internal networks. As with their predecessors, NGIPS must protect the enterprise user against threats. Designed to identify and block attacks against internal computing assets, a good NGIPS can provide temporary protection and relief from the immediate need to patch affected systems. The NGIPS must catch sophisticated attacks while producing as few false positives as possible.