SSH tunneling is jus like secure vpn in which you can tunneling your application traffic through ssh protocol. From network security point of view, firewall admin can only see ssh tunneling running on port 22 in traditional firewall (port based control). Using NGFW, we can decrypt ssh protocol, and once ssh tunneling detected, we can block it right away.