Ever since we moved to the new NGFWs, the way our ACPs are setup and ordered, outside scans show ports open because of the way FTD processes rules. Due to it processing a layer 7 rule, it passes the traffic to SNORT for evaluation and therefore it l...