TOR

Are any of your organizations trusted network assets behaving as TOR relays, bridges, or devices?

To find out, enable Asset Manager to ingest NetFlow v9 (or netflow from a similar flow-collection infrastructure and also enable a threat intelligence feed containing TOR intelligence data such as iDefense.

Note: The standard Asset Manager requirements are not inclusive of this integration. Additional storage may be required to index a TOR feed.

Configure the TOR feed as follows:

1. On Asset Manager's main menu, browse to Settings > Integrations > Open Source Feeds > TOR.
2.  Enable the threat feed by sliding the toggle button to On.
   
   
   
3. Input a Polling Interval to indicate the time that should elapse between fetching the latest feed data. Input 24 to poll daily,, for example, of 12 to poll twice a day,.
4. Click Submit. 
   Feed is configured.