Some users might use tor browser to bypass the control of company firewall, and makes your firewall useless. In this topic, I will guide you to block tor browser traffic in your network with WFilter ICF(internet content filter).
1. Define tor browser protocol
New a “torbrowser” protocol in “System Settings”->”Protocols”.
New pattern, choose “TLS2″ type, “Offset” as “0″, “Pattype” as “Regular Expression”. Patterns: “\x01\x02\x02\x02\x03\x00\x0F\x00\x01\x01$”.
Save settings and apply the changes.
2. Deploy a tor blocking policy
Add a blocking policy, set “Torbrowser” to “Deny” in “applications”.
Apply this policy to certain client devices.
3. Test and checking
After above steps, the tor browser shall not be able to establish a tor network connection.
In “live connections” of WFilter, you can see “tor browser” being blocked.