A Next-Generation Firewall (NGFW) is limited to stateful packet inspection and does not provide application-level inspection or intrusion prevention system capabilities.
The statement is incorrect because Next-Generation Firewalls, or NGFWs, are specifically designed to offer more than just stateful packet inspection. In addition to traditional firewall capabilities, NGFWs include advanced features such as application-level inspection, intrusion prevention systems (IPS), and sometimes even threat intelligence. These additional layers of security allow NGFWs to effectively identify, control, and block sophisticated cyber threats by inspecting the traffic for specific applications and taking proactive measures to prevent attacks.