Views:
The following firewall exceptions apply to networks with:

Trend Vision One Authentication

Service
Region
Exceptions
Trend Vision One
  • All
  • signin.v1.trendmicro.com
  • tm.login.trendmicro.com
  • iamservice.trendmicro.com
  • Other custom IDP services
Google reCAPTCHA:
  • www.gstatic.com
  • fonts.gstatic.com
  • Plus one of the following:
    • www.google.com (recommended)
    • www.recaptcha.net

Endpoint Security Exceptions

Service / Agent
Region
Exceptions
Endpoint Sensor features
  • All
  • api-uk.xbc.trendmicro.com
  • release-us1.mgcp.trendmicro.com
  • support-connector-api.manage.trendmicro.com
  • supportconnectorpacks.manage.trendmicro.com
  • rpcollectedthings.manage.trendmicro.com
  • cloudendpoint-uk.mgcp.trendmicro.com
  • tgw-uk-mgcp.trendmicro.com
  • errs-uk-mgcp.trendmicro.com
  • er-ws-uk.xdr.trendmicro.com
  • endpointpolicy-cdn-uk.xbc.trendmicro.com/
  • files.trendmicro.com
  • ipv6-iaus.trendmicro.com
  • ipv6-iaus.activeupdate.trendmicro.com
  • iaus.activeupdate.trendmicro.com
  • iaus.trendmicro.com
  • xlogr-ew2.xdr.trendmicro.com
  • api.uk.xdr.trendmicro.com
  • api-cert.uk.xdr.trendmicro.com
  • upload.uk.xdr.trendmicro.com
Browser extension
Important
Important
Apply these exceptions if you enable the feature using Endpoint Sensor or the Web Reputation module in Standard Endpoint Protection.
  • All
  • clients2.google.com/service/update2/crx
  • edge.microsoft.com/extensionwebstorebase/v1/crx
Sandbox Analysis
  • All
  • sandbox-threatconnect.trendmicro.com
Standard Endpoint Protection features
  • United Kingdom
  • <console_DNS>.manage.trendmicro.com
  • licenseupdate.trendmicro.com
  • asm01-nabu-prod.aot.trendmicro.com
  • api-nabu.aot.trendmicro.com
  • osce14-p.activeupdate.trendmicro.com
  • tmsm35-p.activeupdate.trendmicro.com
  • activeupdate.trendmicro.com (new for agent ring usage)
  • aurd-test2.activeupdate.trendmicro.com
  • osce14.icrc.trendmicro.com
  • osce14-0-en.url.trendmicro.com
  • osce140-en.fbs25.trendmicro.com
  • osce14-en.gfrbridge.trendmicro.com
  • osce14-en-census.trendmicro.com
  • osce14bak-en-census.trendmicro.com
  • osce140-en-f.trx.trendmicro.com
  • oscecmp140-en-f.trx.trendmicro.com
  • osce140-en-b.trx.trendmicro.com
  • mcs.trendmicro.com
  • www.trendmicro.com/vinfo/us/threat-encyclopedia/malware/
  • files.trendmicro.com (new for ring usage)
  • support-connector-api.manage.trendmicro.com
  • support-connector-service.manage.trendmicro.com
  • supportconnectorpacks.manage.trendmicro.com
  • rpcollectedthings.manage.trendmicro.com
macOS Agents:
  • tmsm35.icrc.trendmicro.com/ss
  • tmsm3-5-cs.url.trendmicro.com
  • tmsm3-5-de.url.trendmicro.com
  • tmsm3-5-en.url.trendmicro.com
  • tmsm3-5-es.url.trendmicro.com
  • tmsm3-5-fr.url.trendmicro.com
  • tmsm3-5-it.url.trendmicro.com
  • tmsm3-5-pl.url.trendmicro.com
  • tmsm3-5-tc.url.trendmicro.com
  • tmsm35-cs.gfrbridge.trendmicro.com
  • tmsm35-de.gfrbridge.trendmicro.com
  • tmsm35-en.gfrbridge.trendmicro.com
  • tmsm35-es.gfrbridge.trendmicro.com
  • tmsm35-fr.gfrbridge.trendmicro.com
  • tmsm35-it.gfrbridge.trendmicro.com
  • tmsm35-pl.gfrbridge.trendmicro.com
  • tmsm35-tc.gfrbridge.trendmicro.com
  • tmsm350-cs.fbs25.trendmicro.com
  • tmsm350-de.fbs25.trendmicro.com
  • tmsm350-en.fbs25.trendmicro.com
  • tmsm350-es.fbs25.trendmicro.com
  • tmsm350-fr.fbs25.trendmicro.com
  • tmsm350-it.fbs25.trendmicro.com
  • tmsm350-pl.fbs25.trendmicro.com
  • tmsm350-tc.fbs25.trendmicro.com
Server & Workload Protection features
  • All regions
  • files.trendmicro.com
  • iaus.activeupdate.trendmicro.com
  • iaus.trendmicro.com
  • ipv6-iaus.trendmicro.com
  • ipv6-iaus.activeupdate.trendmicro.com
  • dsaas1100-en-census.trendmicro.com
  • ds200-en.fbs25.trendmicro.com
  • ds200-jp.fbs25.trendmicro.com
  • dsaas.icrc.trendmicro.com
  • dsaas-en-f.trx.trendmicro.com
  • dsaas-en-b.trx.trendmicro.com
  • deepsecaas11-en.gfrbridge.trendmicro.com
  • dsaas.url.trendmicro.com
  • relay.deepsecurity.trendmicro.com
  • United Kingdom
In addition to the "All regions" exceptions:
  • workload.gb-1.cloudone.trendmicro.com
  • agents.workload.gb-1.cloudone.trendmicro.com
  • <agents-001 through agents-010>.workload.gb-1.cloudone.trendmicro.com
  • agent-comm.workload.gb-1.cloudone.trendmicro.com
  • dsmim.workload.gb-1.cloudone.trendmicro.com
  • relay.workload.gb-1.cloudone.trendmicro.com
  • xdr-resp-ioc.workload.gb-1.cloudone.trendmicro.com
FQDN/Firewall EIP Block:
  • workload.gb-1.cloudone.trendmicro.com (18.169.230.160/27, 18.98.162.128/27)
  • agents.workload.gb-1.cloudone.trendmicro.com (18.169.230.160/27, 18.98.162.128/27)
  • relay.workload.gb-1.cloudone.trendmicro.com (18.169.230.160/27, 18.98.162.128/27)
  • dsmim.workload.gb-1.cloudone.trendmicro.com (18.169.230.160/27, 18.98.162.128/27)
  • <agents-001 through agents-010>.workload.gb-1.cloudone.trendmicro.com (18.169.230.160/27, 18.98.162.128/27)
Zero Trust Secure Access Exceptions
Important
Important
You must also specify the exceptions for the Endpoint Sensor Agents.
Service
Region
Exceptions
Internet Access Service
  • All
  • auth.ztsa-iag.trendmicro.com
United Kingdom
  • pac.uk.ztsa-iag.trendmicro.com
  • auth.uk.ztsa-iag.trendmicro.com
Internet Access Cloud Gateway
  • All
  • proxy.ztsa-iag.trendmicro.com
  • United Kingdom
  • proxy-uk.eu.ztsa-iag.trendmicro.com
Internet Access On-Premises Gateway with Smart Protection Network: Off
  • All
  • xlogr-ec1.xdr.trendmicro.com
  • api.eu-central-1.eu.ddcloud.trendmicro.com
  • iwsh30-en.url.trendmicro.com
  • api-eu-central-1.crs.trendmicro.com
  • iwsh300-en.census.trendmicro.com
  • iwsaas30-en-f.trx.trendmicro.com
  • iwsh30-p.activeupdate.trendmicro.com
Internet Access On-Premises Gateway with Smart Protection Network: On
  • All
  • xlogr-ec1.xdr.trendmicro.com
  • api.eu-central-1.eu.ddcloud.trendmicro.com
  • ctapi.trendmicro.com
  • iwsh30-p.activeupdate.trendmicro.com
Private Access Connector
  • United Kingdom
  • agent-uk-rel.ztna.trendmicro.com
  • download-uk2-rel.ztna.trendmicro.com
  • saseztnaproduk2sagen2.blob.core.windows.net
  • saseztnaproduk2sa.blob.core.windows.net
  • sase-ztna-prod-uk2-iothub-cntevt.azure-devices.net
  • All
  • ztnaextacr.azurecr.io
  • 0.pool.ntp.org
  • 1.pool.ntp.org
  • 2.pool.ntp.org
  • 3.pool.ntp.org
Private Access Browser Access
United Kingdom
  • {Customer_Specified}.myapplications.uk2.ztna.trendmicro.com
  • {Customer_Specified}.edge.uk2.ztna.trendmicro.com
  • {Customer_Specified}.rdgw.uk2.ztna.trendmicro.com
Private Access Connector
(if not using the Trend Cloud Proxy service)
Australia
  • 20.5.69.128/28
Europe
  • 20.4.51.32/28
India
  • 20.219.254.160/28
Israel
  • 20.217.194.0/28
Japan
  • 52.140.246.128/28
Singapore
  • 52.187.118.64/28
United States
  • 20.7.52.240/28
Brazil
  • 4.228.193.144/28
MEA
  • 20.74.229.224/28
United Kingdom
20.0.229.192/28

Service Gateway Exceptions

Service
Region
Exceptions
Firmware
  • United Kingdom
  • sgi-tunneling.uk.xdr.trendmicro.com
  • sgi-iot.uk.xdr.trendmicro.com
  • api.uk.xdr.trendmicro.com
  • upload.uk.xdr.trendmicro.com
Smart Protection Network proxy: On
  • All
  • ctapi.trendmicro.com
Smart Protection Network proxy: Off
  • All
  • sg-tmsps10-en.url.trendmicro.com
  • sg-tmsps10-en-wis.trendmicro.com
  • sg-tmsps100-en-census.trendmicro.com
  • sg-tmsps100-en-domaincensus.trendmicro.com
  • grid-global.trendmicro.com
  • rest.mars.trendmicro.com
  • sg-tmsps10-en.gfrbridge.trendmicro.com
  • sg-tmsps10-p.activeupdate.trendmicro.com
Local ActiveUpdate
  • All
Refer to ActiveUpdate session of each product/agent

Trend Vision One Container Security

Service
Region
Exceptions
Artifact Scanner
  • United Kingdom
  • upload.artifactscan.gb-1.cloudone.trendmicro.com
  • report.artifactscan.gb-1.cloudone.trendmicro.com
  • artifactscan.gb-1.cloudone.trendmicro.com
  • cli.artifactscan.cloudone.trendmicro.com
  • antimalware.gb-1.cloudone.trendmicro.com
Runtime Security
  • United Kingdom
  • api.uk.xdr.trendmicro.com
  • vcs-iot-uk.xdr.trendmicro.com
  • vcs-storage-uk.xdr.trendmicro.com
    Note
    Note
    vcs-storage-uk.xdr.trendmicro.com is used by two services: Runtime Security and Inventory.
Runtime Malware Scanning
  • All
  • activeupdate.trendmicro.com
Inventory
  • United Kingdom
  • api.uk.xdr.trendmicro.com
  • vcs-storage-uk.xdr.trendmicro.com
    Note
    Note
    vcs-storage-uk.xdr.trendmicro.com is used by two services: Runtime Security and Inventory.
Default Container Image Access
  • All
  • public.ecr.aws

TippingPoint Exceptions

Service
Region
Exceptions
TippingPoint
Australia
  • a1mmnfkx71i3sj-ats.iot.ap-southeast-2.amazonaws.com
Europe
  • a1mmnfkx71i3sj-ats.iot.eu-central-1.amazonaws.com
India
  • a1mmnfkx71i3sj-ats.iot.ap-south-1.amazonaws.com
Japan
  • a1mmnfkx71i3sj-ats.iot.ap-northeast-1.amazonaws.com
Singapore
  • a1mmnfkx71i3sj-ats.iot.ap-southeast-1.amazonaws.com
United Kingdom
  • a1mmnfkx71i3sj-ats.iot.eu-west-2.amazonaws.com
United States
  • a1mmnfkx71i3sj-ats.iot.us-east-1.amazonaws.com

Network Inventory

Service
Region
Exceptions
Virtual Network Sensor
United Kingdom
  • api.uk.xdr.trendmicro.com

Trend Vision One Agentless Vulnerability & Threat Detection Exceptions

Service
Region
 Exceptions
Agentless Vulnerability and Threat Detection
United Kingdom
  • sentry.gb-1.cloudone.trendmicro.com
  • xlogr-ew2.xdr.trendmicro.com
  • googlecode.l.googleusercontent.com

Executive Dashboard

Service
region
Exceptions
XDR
All
  • download.xdr.trendmicro.com

Security Awareness

Service
Region
Exceptions
Phishing simulation and training campaign
United Kingdom
  • awareness.uk.xdr.trendmicro.com
  • saa-uk.phishinsight.trendmicro.com