Endpoint Protection: Only allow outbound ping requests and inbound ping responses
Last Updated January 03, 2019
You want to prevent Symantec Endpoint Protection (SEP) clients from receiving or responding to ICMP (ping) requests, but still send ping requests and receive ping responses from other computers.
Internet Control Message Protocol (ICMP) traffic is defined as a unidirectional protocol. This means that the SEP client firewall does not add an allowed outbound ICMP echo request to its state table. Any related inbound ICMP echo responses will be evaluated against the firewall rules directly. Creating a rule that allows outbound ICMP requests will not allow inbound ICMP responses to that request.
Create a SEP client firewall rule to allow outgoing ICMP type 8, and incoming ICMP type 0 traffic.
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe