We have several Sonicwalls and recently upgraded them to the latest firmware. Soon after the units began receiving a flood of port scans. Discussed with Sonicwall thinking there was a firmware problem, however they state there are no other customers with this problem and it may be a coincidence that the port scans occured around the time of the upgrade.
The situation is that there are many scans on a wide range of ports. Some of the IPs are legitimate web sites, some we cannot trace. I don't know all the applications running here and cannot determine what ports need to be open. Already know about the common ports and what they are used for, also know about the port lists available on the web.
Does anyone have any ideas on what to do about this situation? I was considering creating a rule to block port ranges and go from there.