Views:

Use the IPXfer Tool to move agents to Trend Vision One Standard Endpoint Protection.

Follow the instructions below to connect your Apex One as a Service or Apex Central on-premises products to Trend Vision One Endpoint Security and move selected endpoints from your Apex One server to Standard Endpoint Protection.
Important
Important
The IPXfer tool can only move one agent at a time and you must have administrator access to the endpoint device where the agent is installed.
To move more than one agent at a time, see Moving Agents with the Apex One Server Console.
Note
Note
  • After moving agents to Standard Endpoint Protection, you cannot move them back to Apex One as a Service or Apex Central using the Trend Vision One console. If you need to move agents from Trend Vision One, you must use the IPXfer tool.
  • When moving agents using this method, the agents automatically inherit the settings of the parent group or domain. They do not retain their settings from the source Apex One server.
  • To move the agents using the IPXfer tool, please note the following requirements:
    • You must download the IPXfer tool from the target server.
    • The certificate (OfcNTCer.dat) must be downloaded from the target server.
    • For 32-bit devices, use IpXfer.exe.
    • For 64-bit devices, use IpXfer_x64.exe

Procedure

  1. (Optional) Export Apex One Security Agent policies to Standard Endpoint Protection.
    1. On the Apex Central web console, go to PoliciesPolicy Management.
    2. Select the type of product settings from the Product list.
    3. Select one or more policies and click Export Settings and save the file.
      • If you exported a single policy, the resulting file has the extension *.CMPOLICY.
      • If you exported several policies, the resulting file is a compressed (.ZIP) file containing the individual .CMPOLICY files.
    4. In the Trend Vision One console, go to Endpoint SecurityStandard Endpoint Protection.
      If you have more than one Standard Endpoint Protection instance, select the instance you want to use for the evaluation.
    5. In the target instance, go to PoliciesPolicy Management
    6. Click Import Settings and locate the policy file to import.
      • You can import a .ZIP file containng several policy files, or import individual .CMPOLICY files.
      • If the selected policy already exists, a confirmation prompt appears, asking if you want to overwrite the existing policy.
        Click OK to continue.
  2. In the Trend Vision One console, go to Endpoint SecurityStandard Endpoint Protection.
    If you have more than one Standard Endpoint Protection instance, select the instance you want to use for the evaluation.
  3. In the target instance, go to DirectoriesProduct Servers
  4. Copy the first six characters of the server FQDN before manage.trendmicro.com.
    For example, if the target server address is https://exampl.manage.trendmicro.com:443/officescan, then copy exampl.
  5. Open a new tab in your browser and use the following links to download the necessary files.
    Replace <FQDN> with the six characters copied in the previous step.

    URL
    Description
    https://<FQDN>.manage.trendmicro.com:443/officescan/hotfix_pccnt/Common/OfcNTCer.dat
    Target server certificate
    https://<FQDN>.manage.trendmicro.com:443/officescan/hotfix_admin/utility/ipxfer/ipxfer.exe
    IpXfer tool for 32-bit devices
    https://<FQDN>.manage.trendmicro.com:443/officescan/hotfix_admin/utility/ipxfer/ipxfer_x64.exe
    IpXfer tool for 64-bit devices
  6. Transfer the files to the target endpoints you want to move to Trend Vision One Endpoint Security.
    Note
    Note
    Make sure the IPXfer tool and certificate files are in the same folder.
  7. On the target endpoint, run Command Prompt with administrator permission in the folder where the IPXfer tool is located.
  8. Type the following command and press ENTER.
    <TOOL> -s <FQDN>.manage.trendmicro.com -p 80 -sp 443 -e ofcntcer.dat -pwd <unload password>
    • <TOOL> is the IPXfer version, ipxfer.exe for 32-bit devices, ipxfer_x64.exe for 64-bit devices.
    • <FQDN> is the six characters from the target server address.
    • <unload password> is the unload password of the Apex One agent on the endpoint.