We have a situation where R80.10 Mgmt/GW we have created multiple Threat Prevention (TP) rules, each rule with different blade (Profile) enable,
Rule 1- IPS
Rule 2 - AV
Rule 3 - Threat Prevention
Isn't Check Point supposed to go through each and every rule and execute all blades?
What we see it just hits the first rule (IPS) blade and other rules has no hits, for example TP has no hits or files uploaded to CP cloud for analysis, same with AV
If I edit the first rule and configure it enable all the blades it works.
Is this normal behavior?