Latency preprocessors automatically enabled when upgrading to 5.4

John Groetzinger
Cisco Employee

In version 5.4.x the latency preprocessors' settings were moved to the advanced settings of the AC policy along with the other "global" preprocessors. In version 5.4.0 there is no option to disable these preprocessors.  When you upgrade to 5.4.0 from 5.3.x it will take the settings from the intrusion policy of the default action for the preprocessors that have moved to the advanced settings of the AC policy. For any AC policies that have either the latency rule or latency packet handling preprocessors disabled, these will be force enabled and the thresholds will be set very high.

For example, if the latency packet handling preprocessor was disabled in 5.3.x and you upgrade to 5.4.0, the preprocessor will now be enabled and the threshold will be set to 2000000. Having the threshold set to 2000000 is essentially the same as having it disabled, but not exactly. This may also cause confusion since there is no indication as to why this happens.

In version 5.4.1 the option to disable these preprocessors was added but it will not automatically revert the changes from the 5.4.0 upgrade; so once the DC is upgraded to 5.4.0 the preprocessors will be enabled until you manually go into the policy and disable them (after updating the DC to a newer version of 5.4.x).  As long as the AC policy is not applied before updating to 5.4.1 or higher and disabling these preprocessors then this will not impact the policy that is applied to sensors.


mohanak
Cisco Employee
Need to add a net in the 5.4 release notes for latency preprocs
CSCut24924

Symptom:
If latency preprocessors are disabled in 5.3 prior to upgrading your Defense Center to Version 5.4, the preprocessors are automatically enabled with high thresholds.

Conditions:
Defense Center upgraded from Version 5.3 to Version 5.4.

Workaround:
If you do not want the latency preprocessors automatically enabled, make a note of each AC policy where the intrusion policy in the default action has the latency packet and/or latency rule handling preprocessor(s) disabled. After upgrading to 5.4.0, immediately update the DC to version 5.4.1 or higher and then manually go into each AC policy and disable the preprocessors if desired, then reapply policies.
