Next-Generation Firewall (NGFW) functions such as an application firewall using in-line deep packet inspection (DPI), an intrusion prevention system (IPS), Antivirus buit-in-option, sandbox etc etc, if we will talk about the application layer or transport layer where data is encrypted, and then how will the (NGFW) will inspect the data , what is it in packet , because everything is encrypted, even firewall will not know the packet is related to video or audio or else, so how will (NGFW) will know and detect suspicious data or malware,
(SSL Or TLS done on transport layer where only host to host encryption and decryption accruning )
How it does ???