R80.x management separates IPS from Geo policy and Inspection Settings and they can be enforced even when IPS blade is off.
R80.10 gateways and above will not have this issue.
This problem was fixed. The fix is included in:
Check Point recommends to always upgrade to the most recent version (IPS).
If you do not wish to upgrade, then a workaround is available.
1. Open SmartConsole
2. Go to SECURITY POLICIES -> Shared policies -> Geo Policy-> Policy
3. Create new Geo policy named No_Geo_Protection
4. Go to Gateways view under Geo Policy and assign the newly created policy to all relevant gateways
5. Go to SECURITY POLICIES -> Shared policies -> Inspection Settings -> Profiles
6. Create new profile named No_Inspection_Setting_Protection
7. Go to Gateways view in the Inspection Settings window and assign the newly created profile to all relevant gateways
8. Publish & install the policy on the modified gateways.
For Solution on the Security Gateway: sk121152 - "ips stat" command shows IPS blade is enabled on R76SP.XX / R7X Security Gateway managed by R80.X Management Server, although IPS blade is disabled in the Security Gateway object
Note: there is no need for both solutions
This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.