Description
This article provides a general guide to block anonymity networks in order to comply with some regulatory compliance requirements.
Sometimes customers need to block access to server and/or services from anonymity networks (like TOR network) in order to comply with some local or international regulations.
Solution
There is a predefined address object that can be used to achieve the blockade of anonymity networks which is under the type of 'Geographic'.
Create a new address object selecting 'Geography' as the type and then select 'Anonymous Proxy' in the country list.
Once the new address object (geography type) is created, it can be used as source on any firewall policy to block that traffic to any or all the published servers/services.
Check the next URL for further reference about the networks contained in the 'Anonymous Proxy' list:
https://www.maxmind.com/en/geoip2-anonymous-ip-database
This article provides a general guide to block anonymity networks in order to comply with some regulatory compliance requirements.
Sometimes customers need to block access to server and/or services from anonymity networks (like TOR network) in order to comply with some local or international regulations.
Solution
There is a predefined address object that can be used to achieve the blockade of anonymity networks which is under the type of 'Geographic'.
Create a new address object selecting 'Geography' as the type and then select 'Anonymous Proxy' in the country list.
Once the new address object (geography type) is created, it can be used as source on any firewall policy to block that traffic to any or all the published servers/services.
Check the next URL for further reference about the networks contained in the 'Anonymous Proxy' list:
https://www.maxmind.com/en/geoip2-anonymous-ip-database
