The answer seems to be: Whatever the vendor wants it to mean. Many of today’s NGFWs boast that they have Intrusion Prevention System (IPS) functionality – but is it good enough?
Those who market IPS systems obviously don’t think so; see this argument that “a firewall is not an IPS – even if it is Next Generation” on McAfee’s blog:
http://blogs.mcafee.com/enterprise/a-firewall-is-not-an-ips-even-if-it-is-next-generation
Both sides have a vested interest in their positions. What do you think? Is a next gen firewall all you need, or should you have a dedicated IPS as well?