Adding Anonymity Networks

FortiSIEM provides two default (system-defined) groups for Anonymity Networks: 

  • Open Proxies: A set of open proxies in the internet. This is a static group.
  • Tor Nodes: This group is dynamically updated from https://check.torproject.org/exit-addresses. You can schedule regular updates for this group by clicking on the group name, then click Update and provide update scheduling information. 

Follow the procedure below to add Anonymity Networks:

  1. Go to RESOURCES> Anonymity Network folder on the left panel. 
  2. Select Open Proxies or Tor Nodes folder or click + to add a new group.
  3. Click New.
  4. Enter IPPort, and Country information about the anonymity network. 
  5. Click the Calendar icon to select the Date Found and Last Seen.
  6. Click Save.

Adding Anonymity Networks to Watch Lists

You can easily add an anonymity network IP address to your watch lists. Hover you mouse cursor over the anonymity network IP address until the icon for the Options menu appears, and then select Add to Watchlist.