Is it overkill to have threat detection scanning on an ASA 5516 with Firepower services? Can I get the same and better protection from Firepower only?
The reason for my question is that I get several tickets a day to un-shun VPN users. It's not always the same users, but there are a handful that are frequent callers. I can never catch when they get shunned and there seems to be no common trait. And rather than white-list the VPN IP Pool, I'd like to know if I lose some security if I disable threat detection on the ASA?