Prerequisites for Network Analysis and Intrusion Policies
To allow the Snort inspection engine to process traffic for intrusion and malware analysis, you must have the IPS license enabled for the Threat Defense device.
You must be an Admin user to manage network analysis, intrusion policies, and perform migration tasks.