We have a separate intrusion policy for ingress trafffic from the internet to our DMZ servers. When I run Firepower Recommendation on this policy, it suggests changing dozens of old browser vulnerability snort rules from Disabled to Generate Event and Drop. I'm trying to figure out why it thinks these are needed. Can anyone shed some light on this?