January 28, 2022, Workload Security—New agents now use a domain from your Trend Cloud One region to connect to XDR activity monitoring rather than an AWS provided domain. Agents
that have already connected to XDR Activity Monitoring will be transitioned to use
the new URL on April 4, 2022. Agents that have been unable to connect to XDR Activity
Monitoring will be updated with the new URL earlier in the transition period to fix
connectivity issues.
Why is Trend making this change?
Trend Micro is transitioning the URLs used for XDR Activity Monitoring from AWS-provided
FQDNs to FQDNs for your Trend Cloud One region. This means you do not have to keep
an entry in your firewall allowlist for the AWS-provided URL, and can simply rely
on your existing entry if you have one.
How do I know whether I need to change something in my environment? What should I
change?
If you do not filter outbound traffic, there is no action required. If you filter
outbound traffic in your environment:
- If you are already allowlisting the wildcard domain for your region (for example, *.workload.us-1.cloudone.trendmicro.com), there is no action required. After the transition period, your agents that connect to Activity Monitoring will automatically update to use the new URL during their next communication with Trend Cloud One - Endpoint & Workload Security.
- If you cannot allowlist wildcard domains, you must add the FQDN starting with `agent-comm` for your Trend Cloud One region to your firewall's allowlist. This FQDN is listed on the Port numbers, URLs, and IP addresses page.