Hi,
I'm trying to activate Anti-Bot and Anti-Virus in Detect Only.
We already have IPS activated with Medium-/High-Confidance in Prevent Mode. To check what Traffic (AB/AV) would be prevented if activated in the same Policy, we've created a second Policy where only AB/AV are activ and all Confidance Levels set to Detect.
Sadly this does not work, as Threat Prevention only seems to use the first Policy or whichever Policy is highest. If the Policies are switched, then AV/AB works but IPS does'nt.
To summarize: Top Policy with IPS activated, Second/Bottom with AV/AB only. See Screenshot attached.
Thanks!