How to block ICMP flood

Does anyone have a good practice to be configured on the FortiGate? Jefeson Alves

Within IPS create a dos sensor with icmp_flood enabled, action pass, and set some threshold. Enable logging to see it matches. Try to play with the threshold until it hits when you want it to and then change action to block. You might also start blocking it right away, but when you guessed the wrong threshold, this might lead to unexpected problems like dropping " normal" traffic ;-) Use the dos policy under firewall -> policy -> dos policy

It' s recomended disable ping on the interface? Thanks Jefeson Alves