A next-generation firewall (NGFW) is a part of the third generation of firewall technology, combining a traditional firewall with other network device filtering functionalities, such as an application firewall using in-line deep packet inspection (DPI), an intrusion prevention system (IPS).
Security information and event management (SIEM)
Security information and event management (SIEM) is an approach to security management that combines SIM (security information management) and SEM (security event management) functions into one security management system. The underlying principles of every SIEM system is to aggregate relevant data from multiple sources, identify deviations from the norm and take appropriate action.
Endpoint security is a security system that consists of security software, located on a centrally managed and accessible server or gateway within the network, in addition to client software being installed on each of the endpoints (or devices). The server authenticates logins from the endpoints and also updates the device software when needed. While endpoint security software differs by vendor, you can expect most software offerings to provide antivirus, antispyware, firewall and also a host intrusion prevention system (HIPS).
We would like to point out that the tools you use for pen-testing can be classified into two kinds – In simple words, they are scanners and attackers. This is because; by definition, pen-testing is exploiting the weak spots. So there are some software/tools that will show you the weak spots, & some that show, and attack. Literally speaking, the ‘show-ers’ are not pen-testing tools but they are inevitable for its success.