|
Service
|
FQDN
|
Description
|
|
Assessment Service
|
https://assessment-eu1.mgcp.trendmicro.com |
Back-end server
|
https://release-us1.mgcp.trendmicro.com |
Assessment tool download
|
|
https://cti-us1.mgcp.trendmicro.com |
Windows CTI rules download
|
|
|
Download Center
|
download.xdr.trendmicro.com |
Download center for XDR customer
|
|
Endpoint Basecamp
|
api-eu1.xbc.trendmicro.com |
Endpoint Basecamp API gateway
|
tgw-eu1.mgcp.trendmicro.com |
Cloud endpoint telemetry agent API
Gateway
|
|
release-us1.mgcp.trendmicro.com |
Download center for endpoint release
package
|
|
support-connector-api.manage.trendmicro.com |
For SCP API connection
|
|
supportconnectorpacks.manage.trendmicro.com |
Download center for SCP package
|
|
rpcollectedthings.manage.trendmicro.com |
To upload SCP result
|
|
wsc-eu1.xbc.trendmicro.com |
WSC persistent connection
|
|
|
Endpoint Inventory
|
cloudendpoint-eu1.mgcp.trendmicro.com |
Agent Portal API Gateway
|
release-us1.mgcp.trendmicro.com |
Download center for endpoint release
package
|
|
supportconnectorpacks.manage.trendmicro.com |
Download center for iES tool and
LogCounter
|
|
|
Endpoint Response
|
er-ws-ec1.xdr.trendmicro.com |
API Gateway
|
era-ec1.xdr.trendmicro.com |
ELB FQDN
|
|
|
Endpoint Policies
|
endpointpolicy-cdn-eu1.xbc.trendmicro.com |
Policy content download Cloudfront CDN
|
|
Endpoint Sensor
|
https://files.trendmicro.com |
Download center for XDR Linux Sensor Kernel
Module
|
|
Feedback Service
|
matomo.xdr.trendmicro.com |
User feedback collection
|
|
IDP
|
tm.login.trendmicro.comiamservice.trendmicro.comwww.google.com (Google
Recaptcha)www.gstatic.com (Google
Recaptcha) |
Trend Micro login service for Trend Vision One and Customer Licensing Portal
|
|
IDP (Legacy)
|
sso.eu.xdr.trendmicro.com |
SSO authentication service (Legacy, redirect to
tm.login.trendmicro.com)
|
|
IDP (UIC)
|
login.eu.xdr.trendmicro.com |
SSO authentication service
|
|
In-App Guides
|
data.analytics.trendmicro.com/ |
Provides in-app guides and customer feedback
data
|
content.analytics.trendmicro.com |
Guide content
|
|
|
Log Receiver
|
xlogr-ec1.xdr.trendmicro.com |
XDR log receiver service
|
|
Mobile Security
|
portal-eu.mobile.trendmicro.com |
Application gateway FQDN for Mobile apps
|
rest-g.mars.trendmicro.com |
Mobile application reputation smart query for mobile
enterprise security
|
|
mint.mars.trendmicro.com |
Mobile OS vulnerability query for mobile
enterprise security
|
|
rest-g-au.mars.trendmicro.com |
Mobile pattern update for mobile enterprise security
|
|
|
Network Inventory
|
api-ni-eu.xdr.trendmicro.com |
DDI registration to Network Inventory
|
portal-01.eu.dddxdr.trendmicro.com |
portal-* for traditional DDD cloud console and DDI
registration
|
|
|
Portal (UIC)
|
portal.eu.xdr.trendmicro.com |
Major portal access to XDR console
|
|
Risk Insights Log Receiver (Legacy)
|
ingestor-eu.xdr.trendmicro.com |
Log receiver for third-parties using the
Trend Micro Risk Insights for Splunk app (migrating to unified log receiver)
|
|
Sandbox Analysis
|
sandbox-threatconnect.trendmicro.com |
Provides a web encyclopedia for threat
objects
|
upload.eu.xdr.trendmicro.com |
Sandbox analysis package file download
|
|
|
Service Platform
|
api.eu.xdr.trendmicro.comapi-cert.eu.xdr.trendmicro.com |
Public API and other connection services
|
|
Upload Center
|
upload.eu.xdr.trendmicro.com/ |
File collection or other services that operate by customer
to upload files to XDR
|
Apex One as a Service FQDNs
|
Description
|
FQDN
|
|
Apex One SaaS console DNS (refer to license email)
|
<console_DNS>.manage.trendmicro.com |
|
License server
|
licenseupdate.trendmicro.com |
|
ActiveUpdate server: Windows
|
osce14-p.activeupdate.trendmicro.com/activeupdate |
|
ActiveUpdate server: Mac
|
tmsm35-p.activeupdate.trendmicro.com/activeupdate |
|
ActiveUpdate server: Toolbox
|
toolbox10-p.activeupdate.trendmicro.com/activeupdate |
|
Apex One Telemetry Service
|
asm01-nabu-prod.aot.trendmicro.comapi-nabu.aot.trendmicro.com |
|
Global Smart Scan Server for Apex One Agent
|
osce14.icrc.trendmicro.com/tmcss |
|
Web Rating Service for Apex One Agent
|
osce14-0-de.url.trendmicro.comosce14-0-fr.url.trendmicro.comosce14-0-sp.url.trendmicro.comosce14-0-it.url.trendmicro.comosce14-0-ru.url.trendmicro.comosce14-0-po.url.trendmicro.com |
|
Smart Feedback for Apex One Agent
|
osce140-de.fbs25.trendmicro.comosce140-fr.fbs25.trendmicro.comosce140-es.fbs25.trendmicro.comosce140-it.fbs25.trendmicro.comosce140-ru.fbs25.trendmicro.comosce140-pl.fbs25.trendmicro.com |
|
Goodware File Reputation Service for Apex One Agent
|
osce14-de.gfrbridge.trendmicro.comosce14-fr.gfrbridge.trendmicro.comosce14-es.gfrbridge.trendmicro.comosce14-it.gfrbridge.trendmicro.comosce14-ru.gfrbridge.trendmicro.comosce14-po.gfrbridge.trendmicro.com |
|
Community File Reputation Service for Apex One Agent
|
osce14-de-census.trendmicro.comosce14-fr-census.trendmicro.comosce14-es-census.trendmicro.comosce14-it-census.trendmicro.comosce14-ru-census.trendmicro.comosce14-pl-census.trendmicro.com |
|
Predictive Machine Learning (File) for Apex
One Agent
|
osce140-en-f.trx.trendmicro.com |
|
Predictive Machine Learning (Behavior) for
Apex One Agent
|
osce140-en-b.trx.trendmicro.com |
|
MacOS threat smart query
|
mcs.trendmicro.com |
Service Gateway FQDNs
|
Description
|
Service Gateway Version
|
FQDN
|
|
Smart Protection Network (SPN) Proxy for Smart
Protection Services
|
2.0 and later
|
ctapi.trendmicro.com |
|
Remote Shell for
Troubleshooting Service Gateway
|
2.0 and later
|
sgi-tunneling.eu.xdr.trendmicro.com |
|
Setting Synchronization for Service
Gateway
|
2.0 and later
|
sgi-iot.eu.xdr.trendmicro.com |
|
Web Reputation Service for Smart Protection
Services
|
All versions
|
sg-tmsps10-en.url.trendmicro.com |
|
Web Inspection Service for Smart Protection
Services
|
All versions
|
sg-tmsps10-en-wis.trendmicro.com |
|
Community File Reputation Service for Smart
Protection Services
|
All versions
|
sg-tmsps100-en-census.trendmicro.com |
|
Community Domain/IP Reputation Service for Smart
Protection Services
|
All versions
|
sg-tmsps100-en-domaincensus.trendmicro.com |
|
Certified Safe Software Service for Smart Protection
Services
|
All versions
|
grid-global.trendmicro.com |
|
Mobile App Reputation Service for Smart Protection
Services
|
All versions
|
rest.mars.trendmicro.com |
|
Goodware File Reputation Service for Smart
Protection Services
|
All versions
|
sg-tmsps10-en.gfrbridge.trendmicro.com |
|
Service Gateway internal Smart Protection Server
|
All versions
|
sg-tmsps10-p.activeupdate.trendmicro.com/activeupdate/ |
|
Firmware update for Service Gateway virtual
appliance
|
1.0
|
ec1-external.asg.xdr.trendmicro.com |
|
Services update for Service Gateway virtual
appliance, such as Smart Protection Services, ActiveUpdate service, SO List synch
service and Third-party intelligence sync service etc.
|
1.0
|
049597112809.dkr.ecr.eu-central-1.amazonaws.com |
|
Notification/push channel for Service
Gateway virtual appliance.
|
1.0
|
a1v3de23inj3up-ats.iot.eu-central-1.amazonaws.com |
|
Debug log collection via CLI and firmware
update package for Service Gateway virtual appliance.
|
1.0
|
eu-v1-sg-cdt-log.s3.eu-central-1.amazonaws.com |
Global ActiveUpdate URLs for Service Gateway
|
Product/Service
|
Version
|
ActiveUpdate URL
|
|
Apex One
|
All versions
|
osce14-p.activeupdate.trendmicro.com/activeupdate |
|
Deep Discovery Inspector
|
For all versions, replace "<version>" in the FQDN with your
Deep Discovery Inspector version number without the period.
For example, if your Deep Discovery Inspector
version is 6.5, use the FQDN:
ddi65-p.activeupdate.trendmicro.com/activeupdate |
ddi<version>-p.activeupdate.trendmicro.com/activeupdate |
|
6.2
|
ddi62-p.activeupdate.trendmicro.com/activeupdate |
|
|
6.0
|
ddi60-p.activeupdate.trendmicro.com/activeupdate |
|
|
5.8
|
ddi58-p.activeupdate.trendmicro.com/activeupdate |
|
|
5.7
|
ddi57-p.activeupdate.trendmicro.com/activeupdate |
|
|
5.6
|
ddi56-p.activeupdate.trendmicro.com/activeupdate |
|
|
Deep Security
|
All versions
|
ipv6-iaus.trendmicro.com/iau_server.dll |
|
OfficeScan
|
XG
|
osce12-p.activeupdate.trendmicro.com/activeupdate |
|
11.0
|
osce11-p.activeupdate.trendmicro.com/activeupdate |
Zero Trust Secure Access FQDNs/IP Addresses
|
Description
|
FQDN/IP Address
|
Port
|
Used By
|
||||
|
Internet Access - Client Access
|
Internet Access - PAC Mode
|
Private Access - Client Access
|
Private Access - Browser Access
|
Private Access Connector
|
|||
|
Secure Access Module download and upgrade
|
prod.ztsaagent.trendmicro.com |
TCP: 443
|
√
|
√
|
|||
|
Secure Access Module User Behavior Tracking data
feedback
|
event-eu.ztsaagent.trendmicro.com |
TCP: 443
|
√
|
√
|
|||
|
Secure Access Module debug log upload
|
upload.eu.xdr.trendmicro.com/ |
TCP: 443
|
√
|
√
|
|||
|
Internet Access Gateway Proxy Address
|
proxy.ztsa-iag.trendmicro.comproxy.eu.ztsa-iag.trendmicro.comproxy-uk.eu.ztsa-iag.trendmicro.com (for United
Kingdom)proxy-fr.eu.ztsa-iag.trendmicro.com (for France)proxy-sa.eu.ztsa-iag.trendmicro.com (for South
Africa)proxy-me.eu.ztsa-iag.trendmicro.com (for Middle
East)proxy-il.eu.ztsa-iag.trendmicro.com (for Israel)proxy-it.eu.ztsa-iag.trendmicro.com (for Italy)proxy-es.eu.ztsa-iag.trendmicro.com (for Spain)proxy-sw.eu.ztsa-iag.trendmicro.com (for Sweden) |
TCP: 80/8080
|
√
|
√
|
|||
|
Internet Access On-Premises Gateway (via Service Gateway)
Proxy Address
|
FQDN or IP address of the on-premise gateway
|
TCP: 8088
|
√
|
√
|
|||
|
Internet Access On-Premises Gateway (via Service Gateway) NTLM
Auth Proxy Address
|
FQDN or IP address of the on-premise gateway
|
TCP: 8089
|
√
|
√
|
|||
|
Internet Access Gateway PAC file location
|
pac.eu.ztsa-iag.trendmicro.com |
TCP: 80/443
|
√
|
√
|
|||
|
General authentication services
|
Google reCAPTCHA:
|
TCP: 443
|
|||||
|
Internet Access Gateway authentication service
used for:
|
auth.ztsa-iag.trendmicro.comauth.eu.ztsa-iag.trendmicro.com |
TCP: 80/443
|
√
|
||||
|
Private Access service accessed by Secure Access Module
and Private Access Connector
|
agent-eu-rel.ztna.trendmicro.com |
TCP: 443
|
√
|
√
|
√
|
√
|
|
|
Private Access Connector download by users
|
download-eu-rel.ztna.trendmicro.com |
TCP: 443
|
|||||
|
Private Access Connector CDT collect
|
saseztnaprodeusagen2.blob.core.windows.net |
TCP: 443
UDP: 443
|
√
|
||||
|
Private Access Connector firmware upgrade
|
saseztnaprodeusa.blob.core.windows.netztnaextacr.azurecr.io |
TCP: 443
UDP: 443
|
√
|
||||
|
Microsoft Azure IoT Hub
|
sase-ztna-prod-eu-iothub-cntevt.azure-devices.net |
TCP: 443
UDP: 443
|
√
|
√
|
|||
|
Speed test for Secure Access Module, Private Access Connector,
and Private Access User Portal
|
Private Access Connector automatically selects the site that has the lowest network
latency. If you have configured firewalls, Trend Micro recommends adding all of the
following FQDNs:
|
TCP: 443
|
√
|
√
|
√
|
||
|
Private Access Static IP Pool of Cloud Relay Service
|
Private Access Connector automatically selects the site that has the lowest network
latency. If you have configured firewalls, Trend Micro recommends adding all of the
following IP pools:
|
TCP: 443
UDP: 443
|
√
|
√
|
√
|
||
|
Private Access Browser Access End User Portal
|
{Customer_Specified}.myapplications.eu.ztna.trendmicro.com |
TCP: 443
|
√
|
||||
|
Private Access Browser Access Proxy
|
{Customer_Specified}.edge.eu.ztna.trendmicro.com |
TCP: 443
TCP: 8443
TCP: 80
|
√
|
||||
|
Private Access Browser Access Proxy for Remote Desktop
(RDP)
|
{Customer_Specified}.rdgw.eu.ztna.trendmicro.com |
TCP: 443
TCP: 80
|
√
|
||||
|
Private Access Connector NTP server
|
Default NTP servers are listed as follows. You can configure
your own NTP servers.
|
UDP: 123
|
√
|
||||
|
P2P communication between Private Access Connector and Secure
Access Module
|
Peer's internet IP address
|
UDP: random port number, greater than 10000
|
√
|
√
|
|||