search cancel

Endpoint Protection: Only allow outbound ping requests and inbound ping responses


Article ID: 173285


Updated On:


Endpoint Protection


You want to prevent Symantec Endpoint Protection (SEP) clients from receiving or responding to ICMP (ping) requests, but still send ping requests and receive ping responses from other computers.


Internet Control Message Protocol (ICMP) traffic is defined as a unidirectional protocol. This means that the SEP client firewall does not add an allowed outbound ICMP echo request to its state table. Any related inbound ICMP echo responses will be evaluated against the firewall rules directly. Creating a rule that allows outbound ICMP requests will not allow inbound ICMP responses to that request.


Create a SEP client firewall rule to allow outgoing ICMP type 8, and incoming ICMP type 0 traffic.