The following link is where new ideas for SEP enhancements should be posted for our security products.
https://www-secure.symantec.com/connect/security/ideas
I do think this would be a good enhancement to our firewall component.
Just out of curiousity, how do you currently have the firewall rules configured in relation to this diagnostic program?
Firewall rules don't necessarily need to have a fingerprint applied to them if the executable name does not change. Having a fingerprint however would allow only a specific executable to run which would be more secure.