次のファイアウォール除外は、以下のネットワークに適用されます:
-
Service Gatewayがインストールされ、クラウドサービス拡張がオフになっています
-
Service Gatewayがインストールされていません
TrendAI Vision One™ 認証
|
サービス
|
地域
|
除外
|
|
TrendAI Vision One™
|
|
signin.v1.trendmicro.com tm.login.trendmicro.com iamservice.trendmicro.com Other custom IDP services Google reCAPTCHA:
www.gstatic.com fonts.gstatic.com Plus one of the following: www.google.com (recommended) www.recaptcha.net |
エンドポイントセキュリティ除外
|
サービス / エージェント
|
地域
|
除外
|
||
|
Endpoint Sensorの機能
|
|
api-uk.xbc.trendmicro.com release-us1.mgcp.trendmicro.com support-connector-api.manage.trendmicro.com supportconnectorpacks.manage.trendmicro.com rpcollectedthings.manage.trendmicro.com cloudendpoint-uk.mgcp.trendmicro.com tgw-uk-mgcp.trendmicro.com errs-uk-mgcp.trendmicro.com er-ws-uk.xdr.trendmicro.com endpointpolicy-cdn-uk.xbc.trendmicro.com/ files.trendmicro.com ipv6-iaus.trendmicro.com ipv6-iaus.activeupdate.trendmicro.com iaus.activeupdate.trendmicro.com iaus.trendmicro.com xlogr-ew2.xdr.trendmicro.com api.uk.xdr.trendmicro.com api-cert.uk.xdr.trendmicro.com upload.uk.xdr.trendmicro.com |
||
|
ブラウザ機能拡張
|
|
clients2.google.com/service/update2/crx edge.microsoft.com/extensionwebstorebase/v1/crx |
||
|
Sandbox Analysis
|
|
sandbox-threatconnect.trendmicro.com |
||
|
Standard Endpoint Protection 機能
|
|
<console_DNS>.manage.trendmicro.com licenseupdate.trendmicro.com asm01-nabu-prod.aot.trendmicro.com api-nabu.aot.trendmicro.com osce14-p.activeupdate.trendmicro.com tmsm35-p.activeupdate.trendmicro.com activeupdate.trendmicro.com (new for agent ring usage) aurd-test2.activeupdate.trendmicro.com osce14.icrc.trendmicro.com osce14-0-en.url.trendmicro.com osce140-en.fbs25.trendmicro.com osce14-en.gfrbridge.trendmicro.com osce14-en-census.trendmicro.com osce14bak-en-census.trendmicro.com osce140-en-f.trx.trendmicro.com oscecmp140-en-f.trx.trendmicro.com osce140-en-b.trx.trendmicro.com mcs.trendmicro.com www.trendmicro.com/vinfo/us/threat-encyclopedia/malware/ files.trendmicro.com (new for ring usage) support-connector-api.manage.trendmicro.com support-connector-service.manage.trendmicro.com supportconnectorpacks.manage.trendmicro.com rpcollectedthings.manage.trendmicro.com macOSエージェント:
tmsm35.icrc.trendmicro.com/ss tmsm3-5-cs.url.trendmicro.com tmsm3-5-de.url.trendmicro.com tmsm3-5-en.url.trendmicro.com tmsm3-5-es.url.trendmicro.com tmsm3-5-fr.url.trendmicro.com tmsm3-5-it.url.trendmicro.com tmsm3-5-pl.url.trendmicro.com tmsm3-5-tc.url.trendmicro.com tmsm35-cs.gfrbridge.trendmicro.com tmsm35-de.gfrbridge.trendmicro.com tmsm35-en.gfrbridge.trendmicro.com tmsm35-es.gfrbridge.trendmicro.com tmsm35-fr.gfrbridge.trendmicro.com tmsm35-it.gfrbridge.trendmicro.com tmsm35-pl.gfrbridge.trendmicro.com tmsm35-tc.gfrbridge.trendmicro.com tmsm350-cs.fbs25.trendmicro.com tmsm350-de.fbs25.trendmicro.com tmsm350-en.fbs25.trendmicro.com tmsm350-es.fbs25.trendmicro.com tmsm350-fr.fbs25.trendmicro.com tmsm350-it.fbs25.trendmicro.com tmsm350-pl.fbs25.trendmicro.com tmsm350-tc.fbs25.trendmicro.com |
||
|
Server & Workload Protection 機能
|
|
files.trendmicro.com iaus.activeupdate.trendmicro.com iaus.trendmicro.com ipv6-iaus.trendmicro.com ipv6-iaus.activeupdate.trendmicro.com dsaas1100-en-census.trendmicro.com ds200-en.fbs25.trendmicro.com ds200-jp.fbs25.trendmicro.com dsaas.icrc.trendmicro.com dsaas-en-f.trx.trendmicro.com dsaas-en-b.trx.trendmicro.com deepsecaas11-en.gfrbridge.trendmicro.com dsaas.url.trendmicro.com relay.deepsecurity.trendmicro.com |
||
|
「すべての地域」の除外に加えて:
workload.gb-1.cloudone.trendmicro.com agents.workload.gb-1.cloudone.trendmicro.com <agents-001 through agents-010>.workload.gb-1.cloudone.trendmicro.com agent-comm.workload.gb-1.cloudone.trendmicro.com dsmim.workload.gb-1.cloudone.trendmicro.com relay.workload.gb-1.cloudone.trendmicro.com xdr-resp-ioc.workload.gb-1.cloudone.trendmicro.com FQDN/ファイアウォールEIPブロック:
workload.gb-1.cloudone.trendmicro.com (18.169.230.160/27, 18.98.162.128/27) agents.workload.gb-1.cloudone.trendmicro.com (18.169.230.160/27, 18.98.162.128/27) relay.workload.gb-1.cloudone.trendmicro.com (18.169.230.160/27, 18.98.162.128/27) dsmim.workload.gb-1.cloudone.trendmicro.com (18.169.230.160/27, 18.98.162.128/27) <agents-001 through agents-010>.workload.gb-1.cloudone.trendmicro.com (18.169.230.160/27, 18.98.162.128/27) |
Zero Trust Secure Access Exceptions
 |
重要また、Endpoint Sensorエージェントの除外を指定する必要があります。
|
|
サービス
|
地域
|
除外
|
|
Internet Access Service
|
|
auth.ztsa-iag.trendmicro.com |
|
英国
|
pac.uk.ztsa-iag.trendmicro.com auth.uk.ztsa-iag.trendmicro.com |
|
|
インターネットアクセスクラウドゲートウェイ
|
|
proxy.ztsa-iag.trendmicro.com |
|
proxy-uk.eu.ztsa-iag.trendmicro.com d9vbqsel5dvrs.cloudfront.net |
|
|
Smart Protection Networkを使用したオンプレミスゲートウェイのインターネットアクセス: オフ
|
|
xlogr-ec1.xdr.trendmicro.com api.eu-central-1.eu.ddcloud.trendmicro.com iwsh30-en.url.trendmicro.com api-eu-central-1.crs.trendmicro.com iwsh300-en.census.trendmicro.com iwsaas30-en-f.trx.trendmicro.com iwsh30-p.activeupdate.trendmicro.com d9vbqsel5dvrs.cloudfront.net |
|
Smart Protection Networkを使用したオンプレミスゲートウェイのインターネットアクセス: オン
|
|
xlogr-ec1.xdr.trendmicro.com api.eu-central-1.eu.ddcloud.trendmicro.com ctapi.trendmicro.com iwsh30-p.activeupdate.trendmicro.com d9vbqsel5dvrs.cloudfront.net |
|
プライベートアクセスコネクタ
|
|
agent-uk-rel.ztna.trendmicro.com download-uk2-rel.ztna.trendmicro.com saseztnaproduk2sagen2.blob.core.windows.net saseztnaproduk2sa.blob.core.windows.net sase-ztna-prod-uk2-iothub-cntevt.azure-devices.net |
|
ztnaextacr.azurecr.io 0.pool.ntp.org 1.pool.ntp.org 2.pool.ntp.org 3.pool.ntp.org |
|
|
プライベートアクセスブラウザーアクセス
|
英国
|
{Customer_Specified}.myapplications.uk2.ztna.trendmicro.com
{Customer_Specified}.edge.uk2.ztna.trendmicro.com
{Customer_Specified}.rdgw.uk2.ztna.trendmicro.com
d9vbqsel5dvrs.cloudfront.net
|
|
プライベートアクセスコネクタ
(Trend Cloud Proxyサービスを使用していない場合)
|
オーストラリア
|
20.5.69.128/28 |
|
ヨーロッパ
|
20.4.51.32/28 |
|
|
インド
|
20.219.254.160/28 |
|
|
イスラエル
|
20.217.194.0/28 |
|
|
日本
|
52.140.246.128/28 |
|
|
シンガポール
|
52.187.118.64/28 |
|
|
米国
|
20.7.52.240/28 |
|
|
ブラジル
|
4.228.193.144/28 |
|
|
MEA
|
20.74.229.224/28 |
|
|
英国
|
20.0.229.192/28 |
|
|
カナダ
|
40.82.166.0/28 |
Service Gateway除外
|
サービス
|
地域
|
除外
|
|
ファームウェア
|
|
sgi-tunneling.uk.xdr.trendmicro.com sgi-iot.uk.xdr.trendmicro.com api.uk.xdr.trendmicro.com upload.uk.xdr.trendmicro.com |
|
Smart Protection Networkプロキシ: オン
|
|
ctapi.trendmicro.com |
|
Smart Protection Networkプロキシ: オフ
|
|
sg-tmsps10-en.url.trendmicro.com sg-tmsps10-en-wis.trendmicro.com sg-tmsps100-en-census.trendmicro.com sg-tmsps100-en-domaincensus.trendmicro.com grid-global.trendmicro.com rest.mars.trendmicro.com sg-tmsps10-en.gfrbridge.trendmicro.com sg-tmsps10-p.activeupdate.trendmicro.com |
|
Local ActiveUpdate
|
|
各製品/エージェントのActiveUpdateセッションを参照してください
|
TrendAI Vision One™ Container Security
|
サービス
|
地域
|
除外
|
|
Container Security に必須
|
|
api.uk.xdr.trendmicro.com vcs-storage-uk.xdr.trendmicro.com |
|
Artifact Scanner
|
|
api.uk.xdr.trendmicro.com ast-upload-uk.xdr.trendmicro.com ast-report-uk.xdr.trendmicro.com ast-cli.xdr.trendmicro.com antimalware.gb-1.cloudone.trendmicro.com antimalware-ew2.xdr.trendmicro.com |
|
ランタイムセキュリティ
|
|
api.uk.xdr.trendmicro.com vcs-iot-uk.xdr.trendmicro.com vcs-storage-uk.xdr.trendmicro.com |
|
ランタイム不正プログラムスキャン
|
|
activeupdate.trendmicro.com |
|
デフォルトコンテナイメージアクセス
|
|
public.ecr.aws *.cloudfront.net |
TippingPointの例外
|
サービス
|
地域
|
除外
|
|
TippingPoint
|
オーストラリア
|
a1mmnfkx71i3sj-ats.iot.ap-southeast-2.amazonaws.com |
|
ヨーロッパ
|
a1mmnfkx71i3sj-ats.iot.eu-central-1.amazonaws.com |
|
|
インド
|
a1mmnfkx71i3sj-ats.iot.ap-south-1.amazonaws.com |
|
|
日本
|
a1mmnfkx71i3sj-ats.iot.ap-northeast-1.amazonaws.com |
|
|
シンガポール
|
a1mmnfkx71i3sj-ats.iot.ap-southeast-1.amazonaws.com |
|
|
英国
|
a1mmnfkx71i3sj-ats.iot.eu-west-2.amazonaws.com |
|
|
米国
|
a1mmnfkx71i3sj-ats.iot.us-east-1.amazonaws.com |
Network Inventory
|
サービス
|
地域
|
除外
|
||
|
Virtual Network Sensor
|
英国
|
xns-p.activeupdate.trendmicro.com gp.fbs.trendmicro.com xlogr-ew2.xdr.trendmicro.com api.uk.xdr.trendmicro.com licenseupdate.trendmicro.com「Send to Sandbox」が有効になっているお客様には、以下も追加してください。 ctapi.trendmicro.com api.ddcloud.trendmicro.com api.eu-west-2.uk.cas.ddcloud.trendmicro.com |
||
|
サービス地域の例外 Deep Discovery Inspector バージョン6.8 Service Pack 1以降
|
英国
|
api.ddcloud.trendmicro.com api.eu-west-2.uk.cas.ddcloud.trendmicro.com api.uk.xdr.trendmicro.com ctapi.trendmicro.com ddaaas.trendmicro.com ddi681.retroscan.trendmicro.com ddi68-p.activeupdate.trendmicro.com/activeupdate gp.fbs.trendmicro.com intelliconnect.trendmicro.com licenseupdate.trendmicro.com portal-01.dddxdr.trendmicro.com portal-02.dddxdr.trendmicro.com xlogr-ew2.xdr.trendmicro.com
|
||
|
Deep Discovery Inspector バージョン 6.8 またはそれ以前
|
英国
|
api-ni-uk.xdr.trendmicro.com api.ddcloud.trendmicro.com api.eu-west-2.uk.cas.ddcloud.trendmicro.com api.uk.xdr.nacloud.trendmicro.com ddaaas.trendmicro.com gp.fbs.trendmicro.com grid-global.trendmicro.com intelliconnect.trendmicro.com licenseupdate.trendmicro.com portal-01.dddxdr.trendmicro.com portal-02.dddxdr.trendmicro.com rest.mars.trendmicro.com xlogr-ew2.xdr.trendmicro.com ddi68-en-f.trx.trendmicro.com ddi68-p.activeupdate.trendmicro.com/activeupdate ddi68.retroscan.trendmicro.com ddi6-8-en-t0.url.trendmicro.com ddi6-8-en-wis.trendmicro.com ddi6-8-en.url.trendmicro.com ddi680-en-census.trendmicro.com ddi680-en-domaincensus.trendmicro.com
|
||
|
Deep Discovery Inspector バージョン6.7/6.7サービスパック1
|
英国
|
api-ni-uk.xdr.trendmicro.com api.ddcloud.trendmicro.com api.eu-west-2.uk.cas.ddcloud.trendmicro.com api.uk.xdr.nacloud.trendmicro.com ddaaas.trendmicro.com gp.fbs.trendmicro.com grid-global.trendmicro.com intelliconnect.trendmicro.com licenseupdate.trendmicro.com portal-01.dddxdr.trendmicro.com portal-02.dddxdr.trendmicro.com rest.mars.trendmicro.com xlogr-ew2.xdr.trendmicro.com ddi67-en-f.trx.trendmicro.com ddi67-p.activeupdate.trendmicro.com/activeupdate ddi67.retroscan.trendmicro.com ddi6-7-en-t0.url.trendmicro.com ddi6-7-en-wis.trendmicro.com ddi6-7-en.url.trendmicro.com ddi670-en-census.trendmicro.com ddi670-en-domaincensus.trendmicro.com
|
||
|
Deep Discovery Inspectorバージョン6.6
|
英国
|
api-ni-uk.xdr.trendmicro.com api.ddcloud.trendmicro.com api.eu-west-2.uk.cas.ddcloud.trendmicro.com api.uk.xdr.nacloud.trendmicro.com ddaaas.trendmicro.com gp.fbs.trendmicro.com grid-global.trendmicro.com intelliconnect.trendmicro.com licenseupdate.trendmicro.com portal-01.dddxdr.trendmicro.com portal-02.dddxdr.trendmicro.com rest.mars.trendmicro.com xlogr-ew2.xdr.trendmicro.com ddi66-en-f.trx.trendmicro.com ddi66-p.activeupdate.trendmicro.com/activeupdate ddi66.retroscan.trendmicro.com ddi6-6-en-t0.url.trendmicro.com ddi6-6-en-wis.trendmicro.com ddi6-6-en.url.trendmicro.com ddi660-en-census.trendmicro.com ddi660-en-domaincensus.trendmicro.com
|
||
|
Deep Discovery Inspectorバージョン6.5
|
英国
|
api-ni-uk.xdr.trendmicro.com api.ddcloud.trendmicro.com api.eu-west-2.uk.cas.ddcloud.trendmicro.com api.uk.xdr.nacloud.trendmicro.com ddaaas.trendmicro.com gp.fbs.trendmicro.com grid-global.trendmicro.com intelliconnect.trendmicro.com licenseupdate.trendmicro.com portal-01.dddxdr.trendmicro.com portal-02.dddxdr.trendmicro.com rest.mars.trendmicro.com xlogr-ew2.xdr.trendmicro.com ddi65-en-f.trx.trendmicro.com ddi65-p.activeupdate.trendmicro.com/activeupdate ddi65.retroscan.trendmicro.com ddi6-5-en-t0.url.trendmicro.com ddi6-5-en-wis.trendmicro.com ddi6-5-en.url.trendmicro.com ddi650-en-census.trendmicro.com ddi650-en-domaincensus.trendmicro.com
|
||
|
Deep Discovery Inspectorバージョン6.2
|
英国
|
api-ni-uk.xdr.trendmicro.com api.ddcloud.trendmicro.com api.eu-west-2.uk.cas.ddcloud.trendmicro.com api.uk.xdr.nacloud.trendmicro.com ddaaas.trendmicro.com gp.fbs.trendmicro.com grid-global.trendmicro.com intelliconnect.trendmicro.com licenseupdate.trendmicro.com portal-01.dddxdr.trendmicro.com portal-02.dddxdr.trendmicro.com rest.mars.trendmicro.com xlogr-ew2.xdr.trendmicro.com ddi62-en-f.trx.trendmicro.com ddi62-p.activeupdate.trendmicro.com/activeupdate ddi62.retroscan.trendmicro.com ddi6-2-en-t0.url.trendmicro.com ddi6-2-en-wis.trendmicro.com ddi6-2-en.url.trendmicro.com ddi620-en-census.trendmicro.com ddi620-en-domaincensus.trendmicro.com
|
||
|
Deep Discovery Inspectorバージョン6.0
|
英国
|
api-ni-uk.xdr.trendmicro.com api.ddcloud.trendmicro.com api.eu-west-2.uk.cas.ddcloud.trendmicro.com api.uk.xdr.nacloud.trendmicro.com ddaaas.trendmicro.com gp.fbs.trendmicro.com grid-global.trendmicro.com intelliconnect.trendmicro.com licenseupdate.trendmicro.com portal-01.dddxdr.trendmicro.com portal-02.dddxdr.trendmicro.com rest.mars.trendmicro.com xlogr-ew2.xdr.trendmicro.com ddi60-en-f.trx.trendmicro.com ddi60-p.activeupdate.trendmicro.com/activeupdate ddi60.retroscan.trendmicro.com ddi6-0-en-t0.url.trendmicro.com ddi6-0-en-wis.trendmicro.com ddi6-0-en.url.trendmicro.com ddi600-en-census.trendmicro.com ddi600-en-domaincensus.trendmicro.com
|
Android用モバイルセキュリティ
|
サーバ
|
地域
|
ポート
|
除外
|
|
TrendMicro Mobile Securityバックエンド
|
すべて
|
|
*.mobile.trendmicro.com *.xdr.trendmicro.com https://portal.mobile.trendmicro.com/ui/ami/mobile/h5/worryfree/openAndroidApp.html?productCode=wfbss&authCode=HWQj7aab&userPrincipalName= rest.mars.trendmicro.com rest-g.mars.trendmicro.com rest-g-au.mars.trendmicro.com mint.mars.trendmicro.com portal-sg.mobile.trendmicro.com *.ztna.trendmicro.com *.ztsa-iag.trendmicro.com logs.trendmicro.com spnsupport.trendmicro.com mxdr1-0.url.trendmicro.com mxdr1-0-im.url.trendmicro.com http://*.trendmicro.com https://*.trendmicro.com |
|
GooglePlay / Firebaseサーバ
|
すべて
|
|
*.google.com *.firebase.com *.googleapis.com *.firebaseio.com |
|
フィードバックを記録
|
すべて
|
|
https://cognito-identity.us-west-2.amazonaws.com |
Trend Micro Security for iOS
|
サーバ
|
地域
|
ポート
|
除外
|
|
TrendMicro Mobile Securityバックエンド
|
すべて
|
|
*.trendmicro.com *.mobile.trendmicro.com *.xdr.trendmicro.com rest.mars.trendmicro.com rest-g.mars.trendmicro.com rest-g-au.mars.trendmicro.com mint.mars.trendmicro.com portal-sg.mobile.trendmicro.com *.ztna.trendmicro.com *.ztsa-iag.trendmicro.com logs.trendmicro.com spnsupport.trendmicro.com mxdr1-0.url.trendmicro.com mxdr1-0-im.url.trendmicro.com mxdr1-0-ios.url.trendmicro.com http://*.trendmicro.com https://*.trendmicro.com |
|
Appleサーバ
|
すべて
|
|
*.apple.com *.mzstatic.com *.icloud.com |
|
Firebaseサーバ
|
すべて
|
|
*.google.com *.firebase.com *.googleapis.com *.firebaseio.com |
|
フィードバックを記録
|
すべて
|
|
https://cognito-identity.us-west-2.amazonaws.com |
TrendAI Vision One™ エージェントレスの脆弱性と脅威の検出の例外
|
サービス
|
地域
|
除外 |
|
エージェントレスによる脆弱性と脅威の検出
|
英国
|
sentry.gb-1.cloudone.trendmicro.com xlogr-ew2.xdr.trendmicro.com googlecode.l.googleusercontent.com |
Executive Dashboard
|
サービス
|
リージョン
|
除外
|
|
XDR
|
すべて
|
download.xdr.trendmicro.com |
Security Awarenessの例外
|
サービス
|
地域
|
除外
|
|
Security Awareness
|
すべて
|
cdn.tiny.cloud |
Security Awareness
|
サービス
|
地域
|
除外
|
|
フィッシングシミュレーションとトレーニングキャンペーン
|
英国
|
awareness.uk.xdr.trendmicro.com saa-uk.phishinsight.trendmicro.com |
LaunchDarklyの例外
|
サービス
|
地域
|
除外
|
|
LaunchDarkly
|
|
必要なLaunchDarklyドメインの完全なリストについては、LaunchDarklyドメインリストを参照してください。
|