I tried to block TOR browser by ASA 5515 FirePOWEP and FireSIGHT 5.3.1 using TOR application, And there's no results and no connections view as well. Please let me know if this issue has been solved with FirePOWEP and FireSIGHT 5.4.1 or 6 version.
The IP addresses of known TOR exit nodes are included in the Security Intelligence feed. You may block connections to these IP addresses by setting the category Tor_exit_node in the blacklist column of your security intelligence settings for your applied access control policy. Setting Any as the configured zone will block connections to and from these IP addresses.
Policies --> Access Control --> Edit a policy --> Security Intelligence tab.
Hi.
The IP addresses of known TOR exit nodes are included in the Security Intelligence feed.
You may block connections to these IP addresses by setting the category Tor_exit_node in
the blacklist column of your security intelligence settings for your applied access
control policy. Setting Any as the configured zone will block connections to and from
these IP addresses.
Policies --> Access Control --> Edit a policy --> Security Intelligence tab.
Regards,
Aastha Bhardwaj
Rate if that helps!!!