Which feature is NOT available in Partial Enforcement mode?

In Partial Enforcement mode, the primary focus is on monitoring and controlling devices with limited enforcement capabilities compared to full enforcement. The feature that is not available in this mode is threat protection, as it typically requires more stringent measures to ensure full control and mitigate threats effectively.

Threat protection generally involves actively blocking or eliminating threats in real-time through means such as quarantining devices, enforcing security policies based on the threat level, and comprehensive vulnerability management. Since Partial Enforcement mode does not execute these robust measures, this feature is not supported.

In contrast, other features such as switch-based control actions, network monitoring, and virtual firewall functionalities can still be implemented at a limited capacity, allowing administrators to maintain some level of oversight and control over the network. This emphasizes that while Partial Enforcement mode offers some capabilities, it does not encompass the full spectrum of threat protection available in more stringent modes.