Service
|
FQDN
|
Description
|
Assessment Service
|
https://assessment-us1.mgcp.trendmicro.com |
Back-end server
|
https://release-us1.mgcp.trendmicro.com |
Assessment tool download
|
|
https://cti-us1.mgcp.trendmicro.com |
Windows CTI rules download
|
|
Download Center
|
download.xdr.trendmicro.com |
Download center for XDR customer
|
Endpoint Basecamp
|
api-us1.xbc.trendmicro.com/ |
Endpoint Basecamp API gateway
|
wsc-us1.xbc.trendmicro.com/ |
Custom domain for WSC persistent connection
|
|
tgw-us1.mgcp.trendmicro.com/ |
Cloud endpoint telemetry agent API
Gateway
|
|
release-us1.mgcp.trendmicro.com |
Download center for endpoint release
package
|
|
support-connector-api.manage.trendmicro.com |
For SCP API connection
|
|
supportconnectorpacks.manage.trendmicro.com |
Download center for SCP package
|
|
rpcollectedthings.manage.trendmicro.com |
To upload SCP result
|
|
Endpoint Inventory
|
cloudendpoint-us1.mgcp.trendmicro.com |
Agent Portal API Gateway
|
release-us1.mgcp.trendmicro.com |
Download center for endpoint release
package
|
|
supportconnectorpacks.manage.trendmicro.com |
Download center for iES tool and
LogCounter
|
|
Endpoint Response
|
er-ws-ue1.xdr.trendmicro.com/ |
API Gateway
|
era-ue1.xdr.trendmicro.com/ |
ELB FQDN
|
|
Endpoint Policies
|
endpointpolicy-cdn-us1.xbc.trendmicro.com |
Policy content download Cloudfront CDN
|
Endpoint Sensor
|
https://files.trendmicro.com |
Download center for XDR Linux Sensor Kernel
Module
|
Feedback Service
|
matomo.xdr.trendmicro.com |
User feedback collection
|
IDP
|
tm.login.trendmicro.com iamservice.trendmicro.com www.google.com (Google
Recaptcha)www.gstatic.com (Google
Recaptcha) |
Trend Micro login service for Trend Vision One and Customer
Licensing Portal
|
IDP (Legacy)
|
tm.xdr.trendmicro.com |
SSO authentication service (Legacy, redirect to
tm.login.trendmicro.com)
|
IDP (UIC)
|
login.xdr.trendmicro.com |
SSO authentication service
|
In-App Guides
|
data.analytics.trendmicro.com/ |
Provides in-app guides and customer feedback
data
|
content.analytics.trendmicro.com |
Guide content
|
|
Log Receiver
|
xlogr-ue1.xdr.trendmicro.com |
XDR log receiver service
|
Mobile Security
|
portal.mobile.trendmicro.com |
Application gateway FQDN for Mobile apps
|
rest-g.mars.trendmicro.com |
Mobile application reputation smart query for mobile
enterprise security
|
|
mint.mars.trendmicro.com |
Mobile OS vulnerability query for mobile
enterprise security
|
|
rest-g-au.mars.trendmicro.com |
Mobile pattern update for mobile enterprise security
|
|
Network Inventory
|
api-ni.xdr.trendmicro.com/ |
DDI registration to Network Inventory
|
portal-01.dddxdr.trendmicro.com portal-02.dddxdr.trendmicro.com |
portal-* for traditional DDD cloud console and DDI
registration
|
|
Portal (UIC)
|
portal.xdr.trendmicro.com |
Major portal access to XDR console
|
Risk Insights Log Receiver (Legacy)
|
ingestor-us.xdr.trendmicro.com |
Log receiver for third-parties using the
Trend Micro Risk Insights for Splunk app (migrating to unified log receiver)
|
Sandbox Analysis
|
sandbox-threatconnect.trendmicro.com |
Provides a web encyclopedia for threat
objects
|
upload.xdr.trendmicro.com |
Sandbox analysis package file download
|
|
Service Platform
|
api.xdr.trendmicro.com api-cert.xdr.trendmicro.com |
Public API and other connection services
|
Upload Center
|
upload.xdr.trendmicro.com |
File collection or other services that operate by customer
to upload files to XDR
|
Apex One as a Service FQDNs
Description
|
FQDN
|
Apex One SaaS console DNS (refer to license email)
|
<console_DNS>.manage.trendmicro.com |
License server
|
licenseupdate.trendmicro.com |
ActiveUpdate server: Windows
|
osce14-p.activeupdate.trendmicro.com/activeupdate |
ActiveUpdate server: Mac
|
tmsm35-p.activeupdate.trendmicro.com/activeupdate |
ActiveUpdate server: Toolbox
|
toolbox10-p.activeupdate.trendmicro.com/activeupdate |
Apex One Telemetry Service
|
asm01-nabu-prod.aot.trendmicro.com api-nabu.aot.trendmicro.com |
Global Smart Scan Server for Apex One Agent
|
osce14.icrc.trendmicro.com/tmcss |
Web Rating Service for Apex One Agent
|
osce14-0-en.url.trendmicro.com |
Smart Feedback for Apex One Agent
|
osce140-en.fbs25.trendmicro.com |
Goodware File Reputation Service for Apex One Agent
|
osce14-en.gfrbridge.trendmicro.com |
Community File Reputation Service for Apex One Agent
|
osce14-en-census.trendmicro.com |
Predictive Machine Learning (File) for Apex
One Agent
|
osce140-en-f.trx.trendmicro.com |
Predictive Machine Learning (Behavior) for
Apex One Agent
|
osce140-en-b.trx.trendmicro.com |
MacOS threat smart query
|
mcs.trendmicro.com |
Service Gateway FQDNs
Description
|
Service Gateway Version
|
FQDN
|
Smart Protection Network (SPN) Proxy for Smart
Protection Services
|
2.0 and later
|
ctapi.trendmicro.com |
Remote Shell for
Troubleshooting Service Gateway
|
2.0 and later
|
sgi-tunneling.xdr.trendmicro.com |
Setting Synchronization for Service
Gateway
|
2.0 and later
|
sgi-iot.xdr.trendmicro.com |
Web Reputation Service for Smart Protection
Services
|
All versions
|
sg-tmsps10-en.url.trendmicro.com |
Web Inspection Service for Smart Protection
Services
|
All versions
|
sg-tmsps10-en-wis.trendmicro.com |
Community File Reputation Service for Smart
Protection Services
|
All versions
|
sg-tmsps100-en-census.trendmicro.com |
Community Domain/IP Reputation Service for Smart
Protection Services
|
All versions
|
sg-tmsps100-en-domaincensus.trendmicro.com |
Certified Safe Software Service for Smart Protection
Services
|
All versions
|
grid-global.trendmicro.com |
Mobile App Reputation Service for Smart Protection
Services
|
All versions
|
rest.mars.trendmicro.com |
Goodware File Reputation Service for Smart
Protection Services
|
All versions
|
sg-tmsps10-en.gfrbridge.trendmicro.com |
Service Gateway internal Smart Protection Server
|
All versions
|
sg-tmsps10-p.activeupdate.trendmicro.com/activeupdate/ |
Firmware update for Service Gateway virtual
appliance
|
1.0
|
ue1-external.asg.xdr.trendmicro.com |
Services update for Service Gateway virtual
appliance, such as Smart Protection Services, ActiveUpdate service, SO List synch
service and Third-party intelligence sync service etc.
|
1.0
|
049597112809.dkr.ecr.us-east-1.amazonaws.com |
Notification/push channel for Service
Gateway virtual appliance.
|
1.0
|
a1v3de23inj3up-ats.iot.us-east-1.amazonaws.com |
Debug log collection via CLI and firmware
update package for Service Gateway virtual appliance.
|
1.0
|
us-v1-sg-cdt-log.s3.us-east-1.amazonaws.com |
Global ActiveUpdate URLs for Service Gateway
Product/Service
|
Version
|
ActiveUpdate URL
|
Apex One
|
All versions
|
osce14-p.activeupdate.trendmicro.com/activeupdate |
Deep Discovery Inspector
|
For all versions, replace "<version>" in the FQDN with your
Deep Discovery Inspector version number without the period.
For example, if your Deep Discovery Inspector
version is 6.5, use the FQDN:
ddi65-p.activeupdate.trendmicro.com/activeupdate |
ddi<version>-p.activeupdate.trendmicro.com/activeupdate |
6.2
|
ddi62-p.activeupdate.trendmicro.com/activeupdate |
|
6.0
|
ddi60-p.activeupdate.trendmicro.com/activeupdate |
|
5.8
|
ddi58-p.activeupdate.trendmicro.com/activeupdate |
|
5.7
|
ddi57-p.activeupdate.trendmicro.com/activeupdate |
|
5.6
|
ddi56-p.activeupdate.trendmicro.com/activeupdate |
|
Deep Security
|
All versions
|
ipv6-iaus.trendmicro.com/iau_server.dll |
OfficeScan
|
XG
|
osce12-p.activeupdate.trendmicro.com/activeupdate |
11.0
|
osce11-p.activeupdate.trendmicro.com/activeupdate |
Zero Trust Secure Access FQDNs/IP Addresses
Description
|
FQDN/IP Address
|
Port
|
Used By
|
||||
Internet Access - Client Access
|
Internet Access - PAC Mode
|
Private Access - Client Access
|
Private Access - Browser Access
|
Private Access Connector
|
|||
Secure Access Module download and upgrade
|
prod.ztsaagent.trendmicro.com |
TCP: 443
|
√
|
√
|
|||
Secure Access Module User Behavior Tracking data
feedback
|
event-us.ztsaagent.trendmicro.com |
TCP: 443
|
√
|
√
|
|||
Secure Access Module debug log upload
|
upload.xdr.trendmicro.com |
TCP: 443
|
√
|
√
|
|||
Internet Access Gateway Proxy Address
|
proxy.ztsa-iag.trendmicro.com proxy.us.ztsa-iag.trendmicro.com proxy.ztsa-iag.trendmicro.com proxy-or.us.ztsa-iag.trendmicro.com (for Oregon)proxy-br.us.ztsa-iag.trendmicro.com (for Brazil)proxy-co.us.ztsa-iag.trendmicro.com (for Columbia) |
TCP: 80/443
|
√
|
√
|
|||
Internet Access On-Premises Gateway (via Service Gateway)
Proxy Address
|
FQDN or IP address of the on-premise gateway
|
TCP: 8088
|
√
|
√
|
|||
Internet Access On-Premises Gateway (via Service Gateway) NTLM
Auth Proxy Address
|
FQDN or IP address of the on-premise gateway
|
TCP: 8089
|
√
|
√
|
|||
Internet Access On-Premises Gateway (via Service Gateway) ICAP
Service Address
|
FQDN or IP address of the on-premise gateway
|
TCP: 1344/11344
|
|||||
Internet Access Gateway PAC file location
|
pac.us.ztsa-iag.trendmicro.com |
TCP: 80/443
|
√
|
√
|
|||
General authentication services
|
Google reCAPTCHA:
|
TCP: 443
|
|||||
Internet Access Gateway authentication service
used for:
|
auth.ztsa-iag.trendmicro.com auth.us.ztsa-iag.trendmicro.com |
TCP: 80/443
|
√
|
||||
Private Access service accessed by Secure Access Module
and Private Access Connector
|
agent-us-rel.ztna.trendmicro.com |
TCP: 443
|
√
|
√
|
√
|
√
|
|
Private Access Connector download by users
|
download-us-rel.ztna.trendmicro.com |
TCP: 443
|
|||||
Private Access Connector CDT collect
|
saseztnaprodussagen2.blob.core.windows.net |
TCP: 443
UDP: 443
|
√
|
||||
Private Access Connector firmware upgrade
|
saseztnaprodussa.blob.core.windows.net ztnaextacr.azurecr.io |
TCP: 443
UDP: 443
|
√
|
||||
Microsoft Azure IoT Hub
|
sase-ztna-prod-us-iothub-cntevt.azure-devices.net |
TCP: 443
UDP: 443
|
√
|
√
|
|||
Speed test for Secure Access Module, Private Access Connector,
and Private Access User Portal
|
Private Access Connector automatically selects the site that
has the lowest network latency. If you have configured firewalls, Trend Micro
recommends adding all of the following FQDNs:
|
TCP: 443
|
√
|
√
|
√
|
||
Private Access Static IP Pool of Cloud Relay Service
|
Private Access Connector automatically selects the site that
has the lowest network latency. If you have configured firewalls, Trend Micro
recommends adding all of the following IP pools:
|
TCP: 443
UDP: 443
|
√
|
√
|
√
|
||
Private Access Browser Access End User Portal
|
{Customer_Specified}.myapplications.us.ztna.trendmicro.com |
TCP: 443
|
√
|
||||
Private Access Browser Access Proxy
|
{Customer_Specified}.edge.us.ztna.trendmicro.com |
TCP: 443
TCP: 80
|
√
|
||||
Private Access Browser Access Proxy for Remote Desktop
(RDP)
|
{Customer_Specified}.rdgw.us.ztna.trendmicro.com |
TCP: 443
TCP: 80
|
√
|
||||
Private Access Connector NTP server
|
Default NTP servers are listed as follows. You can configure
your own NTP servers.
|
UDP: 123
|
√
|
||||
P2P communication between Private Access Connector and Secure
Access Module
|
Peer's internet IP address
|
UDP: random port number, greater than 10000
|
√
|
√
|