How can I block TOR and .onion sites?

Because DNSFilter operates on DNS traffic, we cannot stop TOR traffic. However, we categorize TOR and .onion sites on the clear web under “P2P & Illegal” content. We can prevent users from getting to these sites and getting to the download pages of these sites but if someone already has the TOR browser installed on a device then they can bring it onto the network. There are ways to block tor traffic through firewalls, we recommend looking at the manufacturer's documentation on how to achieve this.