Move agents with the IPXfer tool

Views:

Use the IPXfer tool to move agents to TrendAI Vision One™ Standard Endpoint Protection.

Note

This topic provides steps to move individual agents from Trend Micro Apex One to TrendAI Vision One™ Standard Endpoint Protection for testing and evaluation purposes.

If you want to update a Trend Micro Apex Once as a Service instance to TrendAI Vision One™ Endpoint Security, see Update from Trend Micro Apex One as a Service.
Before continuing to move agents, make sure you have completed the prerequisite steps listed in Evaluate Standard Endpoint Protection.

Follow the instructions below to connect your Trend Micro Apex One as a Service or Trend Micro Apex Central on-premises products to TrendAI Vision One™ Endpoint Security and move selected endpoints from your Trend Micro Apex One server to Standard Endpoint Protection.

Important

The IPXfer tool can only move one agent at a time and you must have administrator access to the endpoint device where the agent is installed.

To move more than one agent at a time, see Move agents with the Trend Micro Apex One server console.

Note

After moving agents to Standard Endpoint Protection, you cannot move them back to Trend Micro Apex One as a Service or Trend Micro Apex Central using the TrendAI Vision One™ console. If you need to move agents from TrendAI Vision One™, you must use the IPXfer tool.
When moving agents using this method, the agents automatically inherit the settings of the parent group or domain. They do not retain their settings from the source Trend Micro Apex One server.
To move the agents using the IPXfer tool, please note the following requirements:
- You must download the IPXfer tool from the target server.
- The certificate (OfcNTCer.dat) must be downloaded from the target server.
- For 32-bit devices, use IpXfer.exe.
- For 64-bit devices, use IpXfer_x64.exe

Procedure

To copy your current endpoint policies, export Trend Micro Apex One security agent policies to Standard Endpoint Protection.
1. On the Trend Micro Apex Central web console, go to Policies → Policy Management.
2. Select the type of product settings from the Product list.
3. Select one or more policies and click Export Settings and save the file.
  - If you exported a single policy, the resulting file has the extension *.CMPOLICY.
  - If you exported several policies, the resulting file is a compressed (.ZIP) file containing the individual .CMPOLICY files.
4. In the TrendAI Vision One™ console, go to Endpoint Security → Standard Endpoint Protection.
  
  If you have more than one Standard Endpoint Protection instance, select the instance you want to use for the evaluation.
5. In the target instance, go to Policies → Policy Management
6. Click Import Settings and locate the policy file to import.
  - You can import a .ZIP file containng several policy files, or import individual .CMPOLICY files.
  - If the selected policy already exists, a confirmation prompt appears asking if you want to overwrite the existing policy.
    
    Click OK to continue.
In the TrendAI Vision One™ console, go to Endpoint Security → Standard Endpoint Protection.

If you have more than one Standard Endpoint Protection instance, select the instance you want to use for the evaluation.
In the target instance, go to Directories → Product Servers
Copy the first six characters of the server FQDN before manage.trendmicro.com.

For example, if the target server address is https://exampl.manage.trendmicro.com:443/officescan, then copy exampl.

Open a new tab in your browser and use the following links to download the necessary files.

Replace <FQDN> with the six characters copied in the previous step.

URL	Description
`https://<FQDN>.manage.trendmicro.com:443/officescan/hotfix_pccnt/Common/OfcNTCer.dat`	Target server certificate
`https://<FQDN>.manage.trendmicro.com:443/officescan/hotfix_admin/utility/ipxfer/ipxfer.exe`	IpXfer tool for 32-bit devices
`https://<FQDN>.manage.trendmicro.com:443/officescan/hotfix_admin/utility/ipxfer/ipxfer_x64.exe`	IpXfer tool for 64-bit devices

Transfer the files to the target endpoints you want to move to TrendAI Vision One™ Endpoint Security.

Note

Make sure the IPXfer tool and certificate files are in the same folder.
On the target endpoint, run Command Prompt with administrator permission in the folder where the IPXfer tool is located.
Type the following command and press ENTER.
<TOOL> -s <FQDN>.manage.trendmicro.com -p 80 -sp 443 -e ofcntcer.dat -pwd <unload password>
- <TOOL> is the IPXfer version, ipxfer.exe for 32-bit devices, ipxfer_x64.exe for 64-bit devices.
- <FQDN> is the six characters from the target server address.
- <unload password> is the unload password of the Trend Micro Apex One agent on the endpoint.