1 of 1 people found this helpful
I just wanted to let you know that I understand your confusion here. Those two are actually different types of GTI. To understand why those two options are different, let me give you a little background:
The option for "Perform GTI filtering on inbound mail" was the first type of GTI (known as TrustedSource back then) that the Firewall Enterprise supported. As you can see, it is very limited as you can only scan inbound mail (Sendmail specifically) and there are not many options to adjust (threshold is the only one).
This featire works great, but after some time we came up with the "new" GTI on the Firewall Enterprise that supported pretty much any proxy or server traffic. This is the GTI that is configured in the rule, and this is the GTI that shows up in the dashboard. As you can tell, there are options for whitelisting, changing the audit level, etc.
In summary, I think the idea is that we will eventually move away from the "Perform GTI filtering on inbound mail" configuration option, but it is still in there for legacy configuration.
Hope this helps.