Restricting ICMP and Traceroute response to specific IP's or IP ranges.
Would like to see the sophos be able to restrict ICMP or trace route responses from the UTM to only specific IP address or ranges.
This would prevent unwanted potential hackers or BOT IP ping sweeps from detecting equipment on a network from the internet.
As of now the sophos ver 9 firmware UTMs only allow global "on/off" settings for ICMP and traceroute.
Sonicwall firewall provide the ability to restrict ICMP responses to specific IP's using a WAN-to-WAN access rule. I would like to see this option available in sophos UTM's
that's already possible. You should disable global icmp settings and create simple firewall rules as you need.
Timothy Garner commented