Latency-Based Performance Settings
By default, the system takes latency-based performance settings from the latest intrusion rule update deployed on your system.
The latency settings that are actually applied depend on the security level of the network analysis policy (NAP) associated with the access control policy. Generally, this is the default NAP policy. However, if custom network analysis rules are configured, and if any of these specify a NAP policy that is more secure than the default NAP policy, then latency settings are based on the most secure NAP policy among the custom rules. If the default NAP policy or any custom rules invoke a custom NAP policy, then the security level used in the evaluation is the system-provided base policy on which each custom NAP policy is based.
The above is true regardless of whether the effective threshold and/or network analysis configurations are inherited or configured directly in the policy.