Cisco Firepower Threat Defense (FTD) is the industry-first threat-centric Next-Generation Firewall (NGFW). What makes it different from basic stateful and legacy NGFW products? While other security products pivot around permitting or denying connections based on a relatively static access policy, a threat-centric solution is built to also continuously inspect the permitted traffic for such malicious activities as intrusion attempts and malware infiltration. FTD still delivers nearly 100% efficacy on blocking malicious flows with the main access policy, and it guards the network against threats in the otherwise permitted traffic toward users and application – which is what most attackers target.
You can watch this video also at the source.