I have kept the network analysis policies in passive mode (the default mode), but the access control policies have a default action of IPS, which means that if the traffic doesn't match, it will pass by the IPS.
I have not enabled a network analysis policy; that means Firepower is not configured properly, or I can keep a passive network analysis policy and inline IPS, which makes more sense.
I should keep both inline.
A network analysis policy governs how traffic is decoded and preprocessed so that it can be further evaluated, especially for anomalous traffic that might signal an intrusion attempt.
If you put the NAP policy in passive mode, traffic won't be dropped by any of the preprocessors if it matches those GIDs (the preprocessors won't affect the traffic).
We should keep both in Inline mode.