OpenAppID: Open Source Next Gen Firewall with Snort

Presented at CircleCityCon 2014 by

A Next Generation Firewall is a system aimed at providing network-level controls to application data. Since all traffic is going through port 80, we need deeper insight into that traffic than a traditional packet filter provides. An NGFW allows control at the application layer, providing the means to block applications as well as profile the applications that are in use on that network. This talk will demonstrate the newest addition to Snort, the open source intrusion detection system. The new addition, OpenAppID, releases application detection as an open source project for the entire community to use. I will show how to get it up and running, what kind of application data we can collect, and how to write simple Snort rules to block unwanted applications.