Give us a way to bypass the IPS based on source and/or destination. We have clients who pay for vulnerability scanning, pen-testing, web app auditing, etc. and currently there is no way to bypass the IPS if the rules are numerous without duplicating each rule where the first rule has the IPS turned off.
AdminRich Baldry (Senior Product Manager, Network Security Group, Sophos Features & Ideas Laboratory) commented
Can't you just create one rule with IPS turned off for the sources and/or destinations you want to exclude? Why do you need to duplicate every FW rule?