Duplicate SAM rules exist in the SAM database on the Security Gateway. Therefore, clicking on the "Remove" button removes only one rule instance.
Note: By the current design, since the Enforced Suspicious Activity Rules window provides a display of the currently enforced rules, if the system administrator adds a rule that is shadowed by another rule, the shadowed rule remains hidden. For example, if a rule was defined for dropping all HTTP traffic and an additional rule is defined for rejecting HTTP traffic, then only the drop rule, which is the dominant rule, will be displayed.