United States - Firewall Exceptions

Service

FQDN

Description

Assessment Service

https://assessment-us1.mgcp.trendmicro.com

Back-end server

https://release-us1.mgcp.trendmicro.com

Assessment tool download

https://cti-us1.mgcp.trendmicro.com

Windows CTI rules download

Download Center

download.xdr.trendmicro.com

Download center for XDR customer

Endpoint Basecamp

api-us1.xbc.trendmicro.com/

Endpoint Basecamp API gateway

cdn-api-us1.xbc.trendmicro.com/

The CDN location

wsc-us1.xbc.trendmicro.com/

Custom domain for WSC persistent connection

tgw-us1.mgcp.trendmicro.com/

Cloud endpoint telemetry agent API Gateway

release-us1.mgcp.trendmicro.com

Download center for endpoint release package

support-connector-api.manage.trendmicro.com

For SCP API connection

supportconnectorpacks.manage.trendmicro.com

Download center for SCP package

rpcollectedthings.manage.trendmicro.com

To upload SCP result

Endpoint Inventory

cloudendpoint-us1.mgcp.trendmicro.com

Agent Portal API Gateway

release-us1.mgcp.trendmicro.com

Download center for endpoint release package

supportconnectorpacks.manage.trendmicro.com

Download center for iES tool and LogCounter

Endpoint Response

er-ws-ue1.xdr.trendmicro.com/

API Gateway

era-installer-ue1.xdr.trendmicro.com

Download center for endpoint response release package

era-ue1.xdr.trendmicro.com/

ELB FQDN

Endpoint Policies

endpointpolicy-cdn-us1.xbc.trendmicro.com

Policy content download Cloudfront CDN

Endpoint Sensor

https://files.trendmicro.com

Download center for XDR Linux Sensor Kernel Module

Feedback Service

matomo.xdr.trendmicro.com

User feedback collection

IDP

tm.login.trendmicro.com

iamservice.trendmicro.com

www.google.com (Google Recaptcha)

www.gstatic.com (Google Recaptcha)

Trend Micro login service for Trend Micro Vision One and Customer Licensing Portal

IDP (Legacy)

tm.xdr.trendmicro.com

SSO authentication service (Legacy, redirect to tm.login.trendmicro.com)

IDP (UIC)

login.xdr.trendmicro.com

SSO authentication service

In-App Guides

data.analytics.trendmicro.com/

Provides in-app guides and customer feedback data

content.analytics.trendmicro.com

Guide content

Log Receiver

xlogr-ue1.xdr.trendmicro.com

XDR log receiver service

Mobile Security

portal.mobile.trendmicro.com

Application gateway FQDN for Mobile apps

rest-g.mars.trendmicro.com

Mobile application reputation smart query for mobile enterprise security

mint.mars.trendmicro.com

Mobile OS vulnerability query for mobile enterprise security

rest-g-au.mars.trendmicro.com

Mobile pattern update for mobile enterprise security

Network Inventory

api-ni.xdr.trendmicro.com/

DDI registration to Network Inventory

portal-01.dddxdr.trendmicro.com

portal-02.dddxdr.trendmicro.com

portal-* for traditional DDD cloud console and DDI registration

Portal (UIC)

portal.xdr.trendmicro.com

Major portal access to XDR console

Risk Insights Log Receiver (Legacy)

ingestor-us.xdr.trendmicro.com

Log receiver for third-parties using the Trend Micro Risk Insights for Splunk app (migrating to unified log receiver)

Sandbox Analysis

sandbox-threatconnect.trendmicro.com

Provides a web encyclopedia for threat objects

upload.xdr.trendmicro.com

Sandbox analysis package file download

Service Platform

api.xdr.trendmicro.com

api-cert.xdr.trendmicro.com

Public API and other connection services

Upload Center

upload.xdr.trendmicro.com

File collection or other services that operate by customer to upload files to XDR

Table 1. Apex One as a Service FQDNs

Description

FQDN

Apex One SaaS console DNS (refer to license email)

<console_DNS>.manage.trendmicro.com

License server

licenseupdate.trendmicro.com

ActiveUpdate server: Windows

osce14-p.activeupdate.trendmicro.com/activeupdate

ActiveUpdate server: Mac

tmsm35-p.activeupdate.trendmicro.com/activeupdate

ActiveUpdate server: Toolbox

toolbox10-p.activeupdate.trendmicro.com/activeupdate

Apex One Telemetry Service

asm01-nabu-prod.aot.trendmicro.com

api-nabu.aot.trendmicro.com

Global Smart Scan Server for Apex One Agent

osce14.icrc.trendmicro.com/tmcss

Web Rating Service for Apex One Agent

osce14-0-en.url.trendmicro.com

Smart Feedback for Apex One Agent

osce140-en.fbs25.trendmicro.com

Goodware File Reputation Service for Apex One Agent

osce14-en.gfrbridge.trendmicro.com

Community File Reputation Service for Apex One Agent

osce14-en-census.trendmicro.com

Predictive Machine Learning (File) for Apex One Agent

osce140-en-f.trx.trendmicro.com

Predictive Machine Learning (Behavior) for Apex One Agent

osce140-en-b.trx.trendmicro.com

MacOS threat smart query

mcs.trendmicro.com

Table 2. Service Gateway FQDNs

Description

Service Gateway Version

FQDN

Remote Shell for Troubleshooting Service Gateway

2.0

sgi-tunneling.xdr.trendmicro.com

Setting Synchronization for Service Gateway

2.0

sgi-iot.xdr.trendmicro.com

Web Reputation Service for Service Gateway SPS

1.0 and 2.0

sg-tmsps10-en.url.trendmicro.com

Web Inspection Service for Service Gateway SPS

1.0 and 2.0

sg-tmsps10-en-wis.trendmicro.com

Community File Reputation Service for Service Gateway SPS

1.0 and 2.0

sg-tmsps100-en-census.trendmicro.com

Community Domain/IP Reputation Service for Service Gateway SPS

1.0 and 2.0

sg-tmsps100-en-domaincensus.trendmicro.com

Certified Safe Software Service for Service Gateway SPS

1.0 and 2.0

grid-global.trendmicro.com

Mobile App Reputation Service for Service Gateway SPS

1.0 and 2.0

rest.mars.trendmicro.com

Goodware File Reputation Service for Service Gateway SPS

1.0 and 2.0

sg-tmsps10-en.gfrbridge.trendmicro.com

Service Gateway internal Smart Protection Server

1.0 and 2.0

sg-tmsps10-p.activeupdate.trendmicro.com/activeupdate/

Firmware update for Service Gateway virtual appliance

1.0

ue1-external.asg.xdr.trendmicro.com

Services update for Service Gateway virtual appliance, such as Smart Protection Service , ActiveUpdate service, SO List synch service and Third-party intelligence sync service etc.

1.0

049597112809.dkr.ecr.us-east-1.amazonaws.com

Notification/push channel for Service Gateway virtual appliance.

1.0

a1v3de23inj3up-ats.iot.us-east-1.amazonaws.com

Debug log collection via CLI and firmware update package for Service Gateway virtual appliance.

1.0

us-v1-sg-cdt-log.s3.us-east-1.amazonaws.com

Table 3. Global ActiveUpdate URLs for Service Gateway 1.0/2.0

Product/Service

Version

ActiveUpdate URL

Apex One

All versions

osce14-p.activeupdate.trendmicro.com/activeupdate

Deep Discovery Inspector

6.2

ddi62-p.activeupdate.trendmicro.com/activeupdate

6.0

ddi60-p.activeupdate.trendmicro.com/activeupdate

5.8

ddi58-p.activeupdate.trendmicro.com/activeupdate

5.7

ddi57-p.activeupdate.trendmicro.com/activeupdate

5.6

ddi56-p.activeupdate.trendmicro.com/activeupdate

Deep Security

All versions

ipv6-iaus.trendmicro.com/iau_server.dll

OfficeScan

XG

osce12-p.activeupdate.trendmicro.com/activeupdate

11.0

osce11-p.activeupdate.trendmicro.com/activeupdate

Table 4. Zero Trust Secure Access FQDNs

Description

FQDN

Service

Secure Access Module download and upgrade

prod.ztsaagent.trendmicro.com

Secure Access Module

Secure Access Module User Behavior Tracking data feedback

dc.services.visualstudio.com

Secure Access Module

Internet Access Gateway Proxy Address

proxy.us.ztsa-iag.trendmicro.com

proxy.ztsa-iag.trendmicro.com

Internet Access

Internet Access Gateway Pac file location

pac.us.ztsa-iag.trendmicro.com

Internet Access

Internet Access Gateway auth service for agent-less mode (without Secure Access Module)

auth.us.ztsa-iag.trendmicro.com

auth.ztsa-iag.trendmicro.com

Internet Access

Internet Access Gateway service accessed by Secure Access Module

agent.us.ztsa-iag.trendmicro.com

Internet Access

Private Access service accessed by Secure Access Module and Private Access Connector

agent-us-rel.ztna.trendmicro.com

Private Access

Private Access Connector download

download-us-rel.ztna.trendmicro.com

Private Access

Private Access Connector CDT collect

saseztnaprodussagen2.blob.core.windows.net

Private Access

Private Access Connector firmware upgrade

saseztnaprodussa.blob.core.windows.net

Private Access

Microsoft Azure IoT Hub

sase-ztna-prod-us-iothub-cntevt.azure-devices.net

Private Access

Speed test for Secure Access Module, Private Access Connector, and Private Access User Portal

speedtest.us.ztna.trendmicro.com

Secure Access Module

Private Access