Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Safelisting Trend Micro Apex One™ as a Service DNS Name and IPs

    • Updated:
    • 30 Aug 2021
    • Product/Version:
    • Apex One as a Service
    • Apex One as a Service
    • Apex One as a Service
    • Apex One as a Service
    • Apex One as a Service
    • Apex One as a Service
    • Apex One as a Service
    • Apex One as a Service
    • Apex One as a Service
    • Apex One as a Service
    • Apex One as a Service
    • Apex One as a Service
    • Apex One as a Service
    • Apex One as a Service
    • Apex One as a Service
    • Apex One as a Service
    • Apex One as a Service
    • Apex One as a Service
    • Apex One as a Service
    • Apex One as a Service
    • Apex One as a Service
    • Apex One as a Service
    • Apex One as a Service
    • Apex One as a Service
    • Apex One as a Service
    • Platform:
    • N/A
Summary

Due to security concerns, some organizations may rely on a safelisting approach to Internet communications. As Apex One as a Service relies on Internet communication for command and control management, the DNS Name/IPs used by Apex One as a Service may need to be approved to allow this communication.

Details
Public
 

Trend Micro recommends configuring your firewall Outbound filter rule to allow the following Apex One as a Service DNS Name, IPs, and URLs.

Some notes:

  • URLs with https are port 443 as is the standard.
  • Port 443 should be allowed.

Additionally, hostnames are not based on region but on the version of the product. This means that -en is for the English version, -es is for the Spanish (Espanol) version, -jp for the Japanese version, etc.

These hostnames all point to global CDNs, so they should always route to a nearby regional server.

Regardless of whether the servers are approved by DNS or IP, the following ports are used.

  • Apex One: TCP 443
  • Apex One (Mac):

    • For Agent Version 3.5.3.x and later: TCP 443
    • For Agent Version 3.5.2.x: TCP 8443

The recommended method of safelisting is by DNS name. Apex One as a Service resides on Microsoft’s Azure Cloud infrastructure. As such, there is not a set of IP or IPs that the Apex One as a Service server operates on. By approving the DNS name a large number of IP Subnets will not need to be approved as the IP can be dynamically approved based on DNS.

 
If your firewall does not support DNS whitelisting, kindly contact Trend Micro Technical Support and provide your Apex One as a Service URL and Apex Central as a Service URL.

Apex Central URL

Click the image to enlarge.

 

The first DNS name is the name for the management login. This can be found in the address bar when logging into Apex One as a Service.

Apex One

Apex One™ DNS

Two other required names are the Apex One server’s DNS Name and the Apex One (Mac) DNS Name.

To find the Apex One as a Service name:

  1. Log into the Apex One as a Service (Apex Central) web console.
  2. Click Directories.
  3. Click Product Servers.
  4. Verify that the Product is Apex One.

    Apex One Server Name

    Click the image to enlarge.

Apex One (Mac)

To find the Apex One (Mac) as a Service name:

  1. Log into the Apex One as a Service (Apex Central) web console.
  2. Click Directories.
  3. Click Product Servers.
  4. Verify that the Product is Apex One (Mac).

    Apex One (Mac) Server Name

    Click the image to enlarge.

Apex One as a Service resides in Microsoft’s Azure Cloud infrastructure. As such, there is not a set of IP or IPs that the Apex One as a Service server operates on.

Currently, Apex One as a Service resides in several regions of the Azure Cloud. Microsoft provides a list of their datacenter IP ranges that can be used for safelisting in JSON format.

Microsoft Azure Datacenter IP Ranges

From this page, you can download the current Microsoft provided Public IP list. Customers only need to import the following Region Name in IP Range file:

  • "name": "AzureCloud.australiaeast"
  • "name": "AzureCloud.centralus"
  • "name": "AzureCloud.westeurope"
  • "name": "AzureCloud.southeastasia"
  • “name”: "AzureCloud.japaneast"
  • “name”: "AzureCloud.canadacentral"
  • “name”: "AzureCloud.centralindia"

The following URLs will also need to be available for the agents:

 
  • The following services were using CDN (Content Delivery Network) as cache so no static IPs can be provided.
  • Some URLs are accessed depending on which product localization is used. If you are using English version, only the “*-en” URLs need to be approved.
  • Apex One as a Service with Trend Micro Vision One

    For customers who would like to integrate Apex One as a Service with Trend Micro Vision One Add-on services, the following common URLs need to be allowed for the server and agents:

    • *.xdr.trendmicro.com
    • *.xbc.trendmicro.com
    • *.mgcp.trendmicro.com
    • *.mdr.trendmicro.com

    In addition, the following address should be allowed for agents uploading activity data up to datalake:

    Data Center LocationURL
    North Americaxdr2-nabu-prod-prorca.etdl.trendmicro.com:8080
    xlogr-ue1.xdr.trendmicro.com
    pgw-us1.mgcp.a1q7.net
    Europexdr2-emea-prod-prorca.etdl.trendmicro.com:8080
    xlogr-ec1.xdr.trendmicro.com
    pgw-eu1.mgcp.a1q7.net
    Japanxdr2-japan-prod-prorca.etdl.trendmicro.com:8080
    xlogr-ane1.xdr.trendmicro.com
    pgw-ap2.mgcp.a1q7.net
    Singaporexdr2-sg-prod-prorca.etdl.trendmicro.com:8080
    xlogr-ase1.xdr.trendmicro.com
    pgw-ap3.mgcp.a1q7.net
    Australiaxdr2-au-prod-prorca.etdl.trendmicro.com:8080
    xlogr-ase2.xdr.trendmicro.com
    pgw-ap4.mgcp.a1q7.net
    Indiaxdr2-in-prod-prorca.etdl.trendmicro.com:8080
    xlogr-as1.xdr.trendmicro.com
    pgw-ap5.mgcp.a1q7.net
  • Apex One Telemetry
    • asm01-nabu-prod.aot.trendmicro.com
    • asm01-emea-prod.aot.trendmicro.com
    • api-nabu.aot.trendmicro.com
    • api-emea.aot.trendmicro.com
  • ActiveUpdate - https://osce14-p.activeupdate.trendmicro.com/activeupdate
  • Global Smart Scan Server - https://osce14.icrc.trendmicro.com/tmcss
  • License Server - https://licenseupdate.trendmicro.com/ollu/license_update.aspx
  • PR Feedback Server - https://licenseupdate.trendmicro.com/fb/bifconnect.ashx
  • Web Rating Server
    • osce14-0-en.url.trendmicro.com
    • osce14-0-jp.url.trendmicro.com
    • osce14-0-tc.url.trendmicro.com
    • osce14-0-de.url.trendmicro.com
    • osce14-0-fr.url.trendmicro.com
    • osce14-0-sp.url.trendmicro.com
    • osce14-0-ru.url.trendmicro.com
    • osce14-0-it.url.trendmicro.com
    • osce14-0-po.url.trendmicro.com
    • osce14-0-kr.url.trendmicro.com
  • Smart Feedback
    • osce140-de.fbs25.trendmicro.com
    • osce140-en.fbs25.trendmicro.com
    • osce140-es.fbs25.trendmicro.com
    • osce140-fr.fbs25.trendmicro.com
    • osce140-jp.fbs25.trendmicro.com
    • osce140-pl.fbs25.trendmicro.com
    • osce140-it.fbs25.trendmicro.com
    • osce140-ru.fbs25.trendmicro.com
    • osce140-tc.fbs25.trendmicro.com
    • osce140-kr.fbs25.trendmicro.com
  • NFC Server
    • osce14-en.gfrbridge.trendmicro.com
    • osce14-jp.gfrbridge.trendmicro.com
    • osce14-tc.gfrbridge.trendmicro.com
    • osce14-kr.gfrbridge.trendmicro.com
    • osce14-de.gfrbridge.trendmicro.com
    • osce14-fr.gfrbridge.trendmicro.com
    • osce14-it.gfrbridge.trendmicro.com
    • osce14-es.gfrbridge.trendmicro.com
    • osce14-ru.gfrbridge.trendmicro.com
    • osce14-po.gfrbridge.trendmicro.com
  • Census server
    • https://osce14-en-census.trendmicro.com
    • https://osce14-de-census.trendmicro.com
    • https://osce14-fr-census.trendmicro.com
    • https://osce14-es-census.trendmicro.com
    • https://osce14-it-census.trendmicro.com
    • https://osce14-pl-census.trendmicro.com
    • https://osce14-ru-census.trendmicro.com
    • https://osce14-jp-census.trendmicro.com
    • https://osce14-kr-census.trendmicro.com
    • https://osce14-tc-census.trendmicro.com
  • Census server (Backup)
    • osce14bak-en-census.trendmicro.com
    • osce14bak-de-census.trendmicro.com
    • osce14bak-es-census.trendmicro.com
    • osce14bak-fr-census.trendmicro.com
    • osce14bak-it-census.trendmicro.com
    • osce14bak-jp-census.trendmicro.com
    • osce14bak-kr-census.trendmicro.com
    • osce14bak-pl-census.trendmicro.com
    • osce14bak-ru-census.trendmicro.com
    • osce14bak-sc-census.trendmicro.com
    • osce14bak-tc-census.trendmicro.com
  • Predictive Machine Learning (File)
    • osce140-en-f.trx.trendmicro.com
    • osce140-de-f.trx.trendmicro.com
    • osce140-es-f.trx.trendmicro.com
    • osce140-fr-f.trx.trendmicro.com
    • osce140-it-f.trx.trendmicro.com
    • osce140-jp-f.trx.trendmicro.com
    • osce140-kr-f.trx.trendmicro.com
    • osce140-pl-f.trx.trendmicro.com
    • osce140-ru-f.trx.trendmicro.com
    • osce140-tc-f.trx.trendmicro.com
  • Predictive Machine Learning (Behavior)
    • osce140-en-b.trx.trendmicro.com
    • osce140-de-b.trx.trendmicro.com
    • osce140-es-b.trx.trendmicro.com
    • osce140-fr-b.trx.trendmicro.com
    • osce140-it-b.trx.trendmicro.com
    • osce140-jp-b.trx.trendmicro.com
    • osce140-kr-b.trx.trendmicro.com
    • osce140-pl-b.trx.trendmicro.com
    • osce140-ru-b.trx.trendmicro.com
    • osce140-tc-b.trx.trendmicro.com
  • Predictive Machine Learning (Co-Exist Mode)
    • oscecmp140-de-f.trx.trendmicro.com
    • oscecmp140-en-f.trx.trendmicro.com
    • oscecmp140-es-f.trx.trendmicro.com
    • oscecmp140-fr-f.trx.trendmicro.com
    • oscecmp140-it-f.trx.trendmicro.com
    • oscecmp140-jp-f.trx.trendmicro.com
    • oscecmp140-kr-f.trx.trendmicro.com
    • oscecmp140-pl-f.trx.trendmicro.com
    • oscecmp140-ru-f.trx.trendmicro.com
    • oscecmp140-tc-f.trx.trendmicro.com
Premium
Internal
Partner
Rating:
Category:
Configure
Solution Id:
1119967
Feedback
Did this article help you?

Thank you for your feedback!


*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.