I will suggest you to create signatures as per your requirement instead of adding whole list of signatures.
Lets say you have webserver in the internal network, add only the signatures related to http, https, sql and related signatures.
This will prevent your firewall to load complete signature list again which is not required in your case.
Under LAN to WAN policy keep the IP policy with 14K signatures, as we are not sure what type os attack we may come accross.
Kindly check and keep us posted