The following list contains the addresses and ports that should be in the Allow list to allow access through the firewall:

• ddi56-p.activeupdate.trendmicro.com:443
• grid-global.trendmicro.com:443
• ddaaas.trendmicro.com:443
• ddi560-en-domaincensus.trendmicro.com:443
• ddi560-en-census.trendmicro.com:443
• licenseupdate.trendmicro.com:443
• rest.mars.trendmicro.com:443
• ddi56-en-f.trx.trendmicro.com:443
• intelliconnect.trendmicro.com:443
• ddi56-retroscan.trendmicro.com:443
• ddi560-en.fbs25.trendmicro.com:80
• ddi56-threatconnect.trendmicro.com:443
• ddi5-6-en-wis.trendmicro.com:443
• ddi5-6-en.url.trendmicro.com:443
• ddi5-6-en-t0.url.trendmicro.com:443

If you are using the vDDI and have enabled the Deep Discovery Analyzer as a Service Add-on (A hosted service that analyze possible threats), the following addresses should also be in the Allow list:

• api.ddcloud.trendmicro.com:443
• api.us-east-1.en.ddcloud.trendmicro.com:443
• api.eu-central-1.eu.ddcloud.trendmicro.com:443

If DDI integrate with Deep Discovery Director-Network Analytics as a Service, the following addresses should also be in the Allow list:

• api.nacloud.trendmicro.com:443
• api.us.nacloud.trendmicro.com:443
• api.eu.nacloud.trendmicro.com:443

It is highly recommended to test communications with Trend Micro backend services via the Network Service Diagnostics feature.

To run the Network Service Diagnostics, go to https://DDI_IP/html/troubleshooting.htm then click Network Service Diagnostics > Test.

For more service addresses and ports used by DDI 5.6 EN, refer to Appendix D of the official Administration Guide.