The following list contains the addresses and ports that should be whitelisted to allow access through the firewall:

• ddi51-p.activeupdate.trendmicro.com:443
• grid-global.trendmicro.com:443
• ddaaas.trendmicro.com:443
• ddi510-en-domaincensus.trendmicro.com:443
• ddi510-en-census.trendmicro.com:443
• licenseupdate.trendmicro.com:443
• rest.mars.trendmicro.com:443
• ddi51-en-f.trx.trendmicro.com:443
• intelliconnect.trendmicro.com:443
• ddi51-retroscan.trendmicro.com:443
• ddi510-en.fbs25.trendmicro.com:80
• ddi51-threatconnect.trendmicro.com:443
• ddi5-1-en-wis.trendmicro.com:443
• ddi5-1-en.url.trendmicro.com:443

If you are using the vDDI and have enabled the Deep Discovery Analyzer as a Service Add-on (A hosted service that analyze possible threats), the following addresses should also be whitelisted:

• api.ddcloud.trendmicro.com:443
• api.en.ddcloud.trendmicro.com:443
• api.eu.ddcloud.trendmicro.com:443

It is highly recommended to test communications with Trend Micro backend services via the Network Service Diagnostics feature.

To run the Network Service Diagnostics, go to https://DDI_IP/html/troubleshooting.htm then click Network Service Diagnostics > Test.

Click image to enlarge

For more service addresses and ports used by DDI 5.1 EN, refer to Appendix D of the offical Administration Guide.