Service	FQDN	Description
Assessment Service	https://assessment-ap4.mgcp.trendmicro.com	Back-end server
	https://release-us1.mgcp.trendmicro.com	Assessment tool download
	https://cti-us1.mgcp.trendmicro.com	Windows CTI rules download
Download Center	download.xdr.trendmicro.com	Download center for XDR customer
Endpoint Basecamp	api-ap4.xbc.trendmicro.com	Endpoint Basecamp API gateway
	cdn-api-ap4.xbc.trendmicro.com	The CDN location
	a1bz7u2flvp09t-ats.iot.ap-southeast-2.amazonaws.com	Amazon domain for WSC persistent connection
	tgw-ap4.mgcp.trendmicro.com	Cloud endpoint telemetry agent API Gateway
	release-us1.mgcp.trendmicro.com	Download center for endpoint release package
	support-connector-api.manage.trendmicro.com	For SCP API connection
	supportconnectorpacks.manage.trendmicro.com	Download center for SCP package
	rpcollectedthings.manage.trendmicro.com	To upload SCP result
Endpoint Inventory	cloudendpoint-ap4.mgcp.trendmicro.com	Agent Portal API Gateway
	release-us1.mgcp.trendmicro.com	Download center for endpoint release package
	supportconnectorpacks.manage.trendmicro.com	Download center for iES tool and LogCounter
Endpoint Response	era-ase2.xdr.trendmicro.com	API Gateway
	era-installer-ue1.xdr.trendmicro.com	Download center for endpoint response release package
	er-ws-ase2.xdr.trendmicro.com	Web socket gateway
Endpoint Policies	endpointpolicy-cdn-ap4.xbc.trendmicro.com	Policy content download Cloudfront CDN
Endpoint Sensor	https://files.trendmicro.com	Download center for XDR Linux Sensor Kernel Module
Feedback Service	matomo.xdr.trendmicro.com	User feedback collection
IDP	tm.login.trendmicro.com iamservice.trendmicro.com www.google.com (Google Recaptcha) www.gstatic.com (Google Recaptcha)	Trend Micro login service for Trend Vision One and Customer Licensing Portal
IDP (Legacy)	sso.au.xdr.trendmicro.com	SSO authentication service (Legacy, redirect to tm.login.trendmicro.com)
IDP (UIC)	login.au.xdr.trendmicro.com	SSO authentication service
In-App Guides	data.analytics.trendmicro.com/	Provides in-app guides and customer feedback data
In-App Guides	content.analytics.trendmicro.com	Guide content
Log Receiver	xlogr-ase2.xdr.trendmicro.com	XDR log receiver service
Mobile Security	portal-au.mobile.trendmicro.com	Application gateway FQDN for Mobile apps
	rest-g.mars.trendmicro.com	Mobile application reputation smart query for mobile enterprise security
	mint.mars.trendmicro.com	Mobile OS vulnerability query for mobile enterprise security
	rest-g-au.mars.trendmicro.com	Mobile pattern update for mobile enterprise security
Network Inventory	api-ni-au.xdr.trendmicro.com	DDI registration to Network Inventory
Network Inventory	api.au.xdr.nacloud.trendmicro.com	DDI connection to Network Analytics
Portal (UIC)	portal.au.xdr.trendmicro.com	Major portal access to XDR console
Risk Insights Log Receiver (Legacy)	ingestor-anz.xdr.trendmicro.com	Log receiver for third-parties using the Trend Micro Risk Insights for Splunk app (migrating to unified log receiver)
Sandbox Analysis	sandbox-threatconnect.trendmicro.com	Provides a web encyclopedia for threat objects
Sandbox Analysis	upload.au.xdr.trendmicro.com	Sandbox analysis package file download
Service Platform	api.au.xdr.trendmicro.com api-cert.au.xdr.trendmicro.com	Public API and other connection services
Upload Center	upload.au.xdr.trendmicro.com	File collection or other services that operate by customer to upload files to XDR

Table 1. Apex One as a Service FQDNs
Description	FQDN
Apex One SaaS console DNS (refer to license email)	<console_DNS>.manage.trendmicro.com
License server	licenseupdate.trendmicro.com
ActiveUpdate server: Windows	osce14-p.activeupdate.trendmicro.com/activeupdate
ActiveUpdate server: Mac	tmsm35-p.activeupdate.trendmicro.com/activeupdate
ActiveUpdate server: Toolbox	toolbox10-p.activeupdate.trendmicro.com/activeupdate
Apex One Telemetry Service	asm01-nabu-prod.aot.trendmicro.com api-nabu.aot.trendmicro.com
Global Smart Scan Server for Apex One Agent	osce14.icrc.trendmicro.com/tmcss
Web Rating Service for Apex One Agent	osce14-0-en.url.trendmicro.com
Smart Feedback for Apex One Agent	osce140-en.fbs25.trendmicro.com
Goodware File Reputation Service for Apex One Agent	osce14-en.gfrbridge.trendmicro.com
Community File Reputation Service for Apex One Agent	osce14-en-census.trendmicro.com
Predictive Machine Learning (File) for Apex One Agent	osce140-en-f.trx.trendmicro.com
Predictive Machine Learning (Behavior) for Apex One Agent	osce140-en-b.trx.trendmicro.com
MacOS threat smart query	mcs.trendmicro.com

Table 2. Service Gateway FQDNs
Description	Service Gateway Version	FQDN
Smart Protection Network (SPN) Proxy for Smart Protection Services	2.0	ctapi.trendmicro.com
Remote Shell for Troubleshooting Service Gateway	2.0	sgi-tunneling.au.xdr.trendmicro.com
Setting Synchronization for Service Gateway	2.0	sgi-iot.au.xdr.trendmicro.com
Web Reputation Service for Smart Protection Services	1.0 and 2.0	sg-tmsps10-en.url.trendmicro.com
Web Inspection Service for Smart Protection Services	1.0 and 2.0	sg-tmsps10-en-wis.trendmicro.com
Community File Reputation Service for Smart Protection Services	1.0 and 2.0	sg-tmsps100-en-census.trendmicro.com
Community Domain/IP Reputation Service for Smart Protection Services	1.0 and 2.0	sg-tmsps100-en-domaincensus.trendmicro.com
Certified Safe Software Service for Smart Protection Services	1.0 and 2.0	grid-global.trendmicro.com
Mobile App Reputation Service for Smart Protection Services	1.0 and 2.0	rest.mars.trendmicro.com
Goodware File Reputation Service for Smart Protection Services	1.0 and 2.0	sg-tmsps10-en.gfrbridge.trendmicro.com
Service Gateway internal Smart Protection Server	1.0 and 2.0	sg-tmsps10-p.activeupdate.trendmicro.com/activeupdate/
Firmware update for Service Gateway virtual appliance	1.0	ase2-external.asg.xdr.trendmicro.com
Services update for Service Gateway virtual appliance, such as Smart Protection Services, ActiveUpdate service, SO List synch service and Third-party intelligence sync service etc.	1.0	049597112809.dkr.ecr.ap-southeast-2.amazonaws.com
Notification/push channel for Service Gateway virtual appliance.	1.0	a1v3de23inj3up-ats.iot.ap-southeast-2.amazonaws.com
Debug log collection via CLI and firmware update package for Service Gateway virtual appliance.	1.0	au-v1-sg-cdt-log.s3.ap-southeast-2.amazonaws.com

Table 3. Global ActiveUpdate URLs for Service Gateway 1.0/2.0
Product/Service	Version	ActiveUpdate URL
Apex One	All versions	osce14-p.activeupdate.trendmicro.com/activeupdate
Deep Discovery Inspector	6.2	ddi62-p.activeupdate.trendmicro.com/activeupdate
	6.0	ddi60-p.activeupdate.trendmicro.com/activeupdate
	5.8	ddi58-p.activeupdate.trendmicro.com/activeupdate
	5.7	ddi57-p.activeupdate.trendmicro.com/activeupdate
	5.6	ddi56-p.activeupdate.trendmicro.com/activeupdate
Deep Security	All versions	ipv6-iaus.trendmicro.com/iau_server.dll
OfficeScan	XG	osce12-p.activeupdate.trendmicro.com/activeupdate
OfficeScan	11.0	osce11-p.activeupdate.trendmicro.com/activeupdate

Table 4. Zero Trust Secure Access FQDNs/IP Addresses
Description	FQDN/IP Address	Port	Used By
Description	FQDN/IP Address	Port	Internet Access - Client Access	Internet Access - PAC Mode	Private Access - Client Access	Private Access - Browser Access	Private Access Connector
Secure Access Module download and upgrade	prod.ztsaagent.trendmicro.com	TCP: 443	√		√
Secure Access Module User Behavior Tracking data feedback	event-au.ztsaagent.trendmicro.com	TCP: 443	√		√
Secure Access Module debug log upload	upload.au.xdr.trendmicro.com	TCP: 443	√		√
Internet Access Gateway service accessed by Secure Access Module	agent.au.ztsa-iag.trendmicro.com	TCP: 443	√
Internet Access Gateway Proxy Address	proxy.ztsa-iag.trendmicro.com proxy.au.ztsa-iag.trendmicro.com	TCP: 80/443	√	√
Internet Access On-Premises Gateway (via Service Gateway) Proxy Address	FQDN or IP address of the on-premise gateway	TCP: 8088	√	√
Internet Access Gateway PAC file location	pac.au.ztsa-iag.trendmicro.com	TCP: 80/443	√	√
Internet Access Gateway auth service for agent-less mode (without Secure Access Module)	auth.ztsa-iag.trendmicro.com auth.au.ztsa-iag.trendmicro.com	TCP: 80/443		√
Private Access service accessed by Secure Access Module and Private Access Connector	agent-anz-rel.ztna.trendmicro.com	TCP: 443	√		√	√	√
Private Access Connector download by users	download-anz-rel.ztna.trendmicro.com	TCP: 443
Private Access Connector CDT collect	saseztnaprodanzsagen2.blob.core.windows.net	TCP: 443 UDP: 443					√
Private Access Connector firmware upgrade	saseztnaprodanzsa.blob.core.windows.net ztnaextacr.azurecr.io	TCP: 443 UDP: 443					√
Microsoft Azure IoT Hub	sase-ztna-prod-anz-iothub-cntevt.azure-devices.net	TCP: 443 UDP: 443			√		√
Speed test for Secure Access Module, Private Access Connector, and Private Access User Portal	speedtest.anz.ztna.trendmicro.com	TCP: 443			√	√	√
Private Access Static IP Pool of Cloud Relay Service	Private Access Connector automatically selects the site that has the lowest network latency. If you have configured firewalls, Trend Micro recommends adding all of the following IP pools: 20.5.69.128/28 (for Australia) 20.4.51.32/28 (for Europe) 20.219.254.160/28 (for India) 52.140.246.128/28 (for Japan) 52.187.118.64/28 (for Singapore) 20.7.52.240/28 (for United States)	TCP: 443 UDP: 443			√	√	√
Private Access Browser Access End User Portal	{Customer_Specified}.myapplications.anz.ztna.trendmicro.com	TCP: 443				√
Private Access Browser Access Proxy	{Customer_Specified}.edge.anz.ztna.trendmicro.com	TCP: 443 TCP: 80				√
Private Access Browser Access Proxy for Remote Desktop (RDP)	{Customer_Specified}.rdgw.anz.ztna.trendmicro.com	TCP: 443 TCP: 80				√
Private Access Connector NTP server	Default NTP servers are listed as follows. You can configure your own NTP servers. 0.pool.ntp.org 1.pool.ntp.org 2.pool.ntp.org 3.pool.ntp.org	UDP: 123					√
P2P communication for Private Access Connector and Secure Access Module	Peer's internet IP address	UDP: random port number, greater than 10000			√		√

Australia - Firewall Exceptions