Testing IP reputation filtering on a FortiGate 2200E, I managed to get it working alright. My finding being, that packets that didn't meet the specified reputation level will fall through and hit the implicit deny or, in case of, a lower level explicit deny rule (instead of a direct drop).
The only thing I find missing, is a simple log entry indicating that IP reputation has been triggered. Does anyone know if an IP reputation trigger even produces a log entry? Any help is much appreciated!