Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

URLs to be allowed through the firewall of Trend Micro XDR

    • Updated:
    • 27 Jul 2020
    • Product/Version:
    • Trend Micro XDR All
    • Platform:
    • N/A
Summary

This article lists the different addresses and ports of the services used by Trend Micro XDR that should have the "Allow" rule on firewall.

Details
Public

The following list contains the addresses and ports that should be allowed through the firewall:

Complimentary XDR

For customers who have never had a Full/Trial iES license or EDR license can get complimentary XDR licenses for 10% of the licensed seats.

The following common URLs will need to be available for the server and agents:

  • *.xdr.trendmicro.com:443
  • *.xbc.trendmicro.com:443
  • *.mgcp.trendmicro.com:443
  • *.manage.trendmicro.com:443

Paid XDR

For customers who have Apex One as a Service, Cloud App Security, Cloud One - Workload Security, Deep Discovery Director with corresponded paid XDR Add-on.

Apex One Apex One as a Service

If customer's Apex One SaaS is integrated with Trend Micro XDR, the following address should be allowed for agents uploading activity data up to datalake:

  • *.etdl.trendmicro.com:443

As for accessing the Apex One SaaS manage portal, and the communication between server and agent, refer to KB 1119967.

Cloud App Security

If customer integrates Cloud App Security with Trend Micro XDR, no additional URL need to be allowed.

As for access the Cloud App Security's manage portal, the following URL should be available to customer:

  • *.tmcas.trendmicro.com:443

CloudOne Workload Security

If customer integrates with Trend Micro XDR with Cloud One - Workload Security, the agent basically utilizes the existing connection to the manager.

For URLs that should be allowed between agent and manager or backend services, refer to the Workload Security URLs section in the Cloudone Documentation page.

Deep Discovery

If customer integrates with Trend Micro XDR with Deep Discovery Director On-Prem, the extra addresses should be allowed are the following:

  • *.xdr.trendmicro.com:443
  • *.nacloud.trendmicro.com:443

If customer integrates with Trend Micro XDR with Deep Discovery Director Cloud, the extra addresses should be allowed are the following:

  • *.xdr.trendmicro.com:443
  • *.nacloud.trendmicro.com:443
  • *.dddxdr.trendmicro.com:443

For more details, refer to the KB article: URLs to be allowed through the firewall of Deep Discovery Inspector (DDI) 5.6 Service Pack 1 (SP1).

Premium
Internal
Partner
Rating:
Category:
Configure
Solution Id:
000260744
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.