Forum Discussion
Anonymous/Tor as filter/condition
Hello again 🙂 is there the possibility to use Anonymous Ips/Tor Network as a condition or a filter for a rule ? In the built in anomaly detection policy, I see we have one rule "Activity from ano...
Hello siastolf
please look the website
https://argonsys.com/microsoft-cloud/library/cloud-app-security-block-tor-browser-anonymous-ip/
if you liked it mark the answer with a like.
if you thought this answer helped in any way please mark it as best answer
please look the website
https://argonsys.com/microsoft-cloud/library/cloud-app-security-block-tor-browser-anonymous-ip/
if you liked it mark the answer with a like.
if you thought this answer helped in any way please mark it as best answer
Hi thank you for the suggestion.
It seems anyway that it's not 100% working.
So putting an access control policy using as filter "Ip address -> Tag ->Category->Risky Ip
does not completly work, indeed once I tested it connecting with a TOR browser to a monitored powerapps, nothing was logged/blocked.
I made it working using a different filter, so IP address -> Tag -> Equals-> Tor, Anonymous proxy
in this case I got an alert once a user tried to connect to the powerapp with a Tor browser.
It seems anyway that it's not 100% working.
So putting an access control policy using as filter "Ip address -> Tag ->Category->Risky Ip
does not completly work, indeed once I tested it connecting with a TOR browser to a monitored powerapps, nothing was logged/blocked.
I made it working using a different filter, so IP address -> Tag -> Equals-> Tor, Anonymous proxy
in this case I got an alert once a user tried to connect to the powerapp with a Tor browser.