EANTC AG NetSecOPEN This document provides benchmarking terminology and methodology for next-generation network security devices including next-generation firewalls (NGFW) and next-generation intrusion prevention systems (NGIPS). The main areas covered in this document are test terminology, test configuration parameters, and benchmarking methodology for NGFW and NGIPS. (It is assumed that readers have a working knowledge of these devices and the security functionality they contain.) This document aims to improve the applicability, reproducibility, and transparency of benchmarks and to align the test methodology with today's increasingly complex layer 7 security- centric network application use cases. As a result, this document makes RFC3511 obsolete.