I have a security policy - from-zone Internet to-zone Internal application idp
Does it make sense to also have a policy - from-zone Internal to-zone Internet?
I am afraid there is no right or wrong answer to this question. It is the general practice to have IDP inspect traffic coming from untrusted sources, since the chances of malicious traffic in that direction are higher. Having said that, you can apply IDP in other directions as well, but do keep in mind that IDP is a CPU-intensive process. The more traffic you parse through IDP, the more CPU it will consume. So base your decision on the amount of traffic you have, the amount of detection you want, and the hardware you are running.
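An added example (not from the question or the answer above) of how the two directions can be configured so that the outbound IDP cost stays bounded: the inbound policy inspects everything it permits, while the outbound direction sends only selected applications through IDP and permits the rest without it. The zone names Internet and Internal come from the question; the policy names, the `dmz-servers` address-book entry and the `web-out` application set are assumed, and lines starting with `#` are annotations rather than configuration.

```junos
# Inbound direction from the question: IDP on all permitted traffic.
set security policies from-zone Internet to-zone Internal policy inbound-idp match source-address any
set security policies from-zone Internet to-zone Internal policy inbound-idp match destination-address dmz-servers
set security policies from-zone Internet to-zone Internal policy inbound-idp match application any
set security policies from-zone Internet to-zone Internal policy inbound-idp then permit application-services idp
set security policies from-zone Internet to-zone Internal policy inbound-idp then log session-close

# Outbound direction: limit IDP to the applications where outbound detection
# is wanted (assumed here to be web traffic), so CPU use scales with that
# subset rather than with all outbound traffic.
set applications application-set web-out application junos-http
set applications application-set web-out application junos-https
set security policies from-zone Internal to-zone Internet policy outbound-web-idp match source-address any
set security policies from-zone Internal to-zone Internet policy outbound-web-idp match destination-address any
set security policies from-zone Internal to-zone Internet policy outbound-web-idp match application web-out
set security policies from-zone Internal to-zone Internet policy outbound-web-idp then permit application-services idp
set security policies from-zone Internal to-zone Internet policy outbound-web-idp then log session-close

# Everything else outbound is permitted without IDP. Policy order matters:
# this policy is entered after outbound-web-idp so it is evaluated second.
set security policies from-zone Internal to-zone Internet policy outbound-other match source-address any
set security policies from-zone Internal to-zone Internet policy outbound-other match destination-address any
set security policies from-zone Internal to-zone Internet policy outbound-other match application any
set security policies from-zone Internal to-zone Internet policy outbound-other then permit
```

After committing, `show security idp status` and `show chassis routing-engine` give the IDP session counts and CPU load to compare against the numbers seen with inbound-only inspection, which is the measurement the answer suggests basing the decision on.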