Global Rules

is this OK? what do I have to Add/Remove to have the best security?
by the way i DISABLED SANDBOX feature…

Default global rules (cisv3 proactive mode) are set as follows excepting the first two lines relevant to my local network, and the last one forbidding ping.

You should remember that:

-rules are read from top to bottom: your second rules forbids the third and fourth ones; if you really want to write such a rule, it should be after the 2 ICM in rules.
-there’s no point in globally denying icmp, icmp is a needed protocol.