Stateful, Layer 4 firewalls still have plenty of game left, but our readers know that application-aware network security is essential in a world where people both work and play on Facebook. In 2012, we reported that next-generation firewalls had finally hit the mainstream. Palo Alto Networks, which blazed the trail here, took a bow by rolling out an initial public offering on Wall Street. And so we're in a brave new world where next-generation firewalls are a magic bullet, right? Well, not quite. There's still plenty of work to be done. Plus, some familiar problems are cropping up. After all, who's going to manage all these application-specific firewall rules? Do we really need a rule on the firewall that blocks Friendster? Come on.