Forum Discussion
1) "Browser Verification" takes some time, that is why if we execute it in "Verify Before Access" mode, then valid client can be stuck for several seconds before calculation of all system JavaScript will be done on his side. It can be critical for some customers, that is why "Verify After Access" mode was introduced. In this mode we bypass first request to server (we didn't execute "Browser Verification" for it), but in response we send system JavaScript to client, because of this change "Browser Verification" process will go smoothly for valid clients in "Verify After Access" mode, while real prevention for invalid clients (requests) will start from second request.
2) Difference between Verify After Access (Blocking) and Verify After Access (Detection Only) in prevention - in first mode we block illegal requests, while in second mode we just detect them. Pay attention that both modes doesn't work in transparent, because in transparent mode we don't want to inject any JavaScript to client. So, "Detection Only" mode is needed to run browser verification for request, but don't block it in any way. It can be used for additional classification of traffic or for additional mitigation based on the results