We want to allow MS Teams from a top Firewall Rule

Hello!

I am not sure how you would like to achieve that in a FortiGate.

Once the policy is matched, the application control will give the verdict : either allow(monitor) or deny. There is no configurable action to pass the scanning to another policy, because this has already been matched

Actually I am facing a lot disconnection sometimes on MS Teams and now think that I should allow only Teams without applying any AV, IPS or other Security Profile on Firewall Rule for MS Teams.

In short I don't want to apply any Security Profile against only MS Teams application

Understood now. Check if this App Control profile helps as TOP policy.

You can also deny MSTeams in all previous policies, and use this as a bottom policy.

(deep inspection may be required)

App control profile

I would also take a look at these three links as they mention Teams dropping calls behind a FortiGate.

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Microsoft-Teams-calls-dropping/ta-p/230203

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Using-Microsoft-Teams-with-DOS-Policy/ta-p/251599

Then a general common issues link one of the other links provided, links to

https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-The-most-common-issues-with-FortiGate-and/ta-p/190635

You can't use app control profiles to globally restrict access to applications.

You'll probably need to use ISDB instead of app control here...

But also it might be better if you can give us more details as to what exactly you are trying to accomplish?

You can enable Internet Service in the Top Rule with all MS-TEAMS service.