Trend Micro - Securing Your Journey to the Cloud 企業用戶技術支援
Sign In with your
Trend Micro Account
需要協助?
需要協助?

若您需要技術支援,請 按此建立案件。

將Trend Micro Apex One™ as a Service使用的DNS名稱與IP位址列入安全存取清單

    • 更新於:
    • 9 Aug 2023
    • 產品/版本:
    • Apex One as a Service
    • Apex One as a Service
    • Apex One as a Service 2019
    • 作業系統:
概要

有些單位基於資安的考量,會透過建立安全的連線清單才能進行通訊。 作為提供雲端服務的Apex One™ as a Service十分依賴網路連線的方式去進行指令與控制管理,因此為了能讓Apex One™ as a Service正常運作,需要開放其經常使用到的DNS 名稱與IP位址進行通訊。

詳情
Public
 

趨勢科技建議設定以下防火牆Outbound過濾規則,允許Apex One as a Service 使用的相關DNS名稱、IP位置與URL。

注意事項:

  • 使用Https的網址標準的通訊埠是443
  • 請允許443通訊埠能使用

此外,主機名稱不是基於地區,而是基於產品的版本。 這表示-en是英文版,-es是西班牙文版(Espanol),-jp是日文版 ,等等。

這些主機名稱都指向全域CDN,因此它們會路由到較鄰近的區域伺服器。

伺服器不管是通過DNS解析或是IP位置,都將使用以下端口

  • Apex One: TCP 443

  • Apex One (Mac):

    • 對於用戶端版本 3.5.3.x 及更高版本:TCP 443
    • 對於用戶端版本 3.5.2.x:TCP 8443

推薦的安全清單方法是按照DNS名稱。Apex One as a Service 使用 Microsoft 的 Azure Cloud基礎架構上。 因此,Apex One as a Service不存在運行一組或多個IP。通過允許的DNS名稱, 將無須另外允許大量IP子網,因為可以透過DNS動態解析IP位置。

 
如果您的防火牆不支援DNS白名單,請聯繫趨勢科技技術支援 並提供您的Apex One as a Service URL與Apex Central as a Service URL

Apex Central URL

Click the image to enlarge.

 

第一個DNS名稱是管理介面的登入名稱,這可以在登入Apex One as a Service的時候在網址欄中找到。

Apex One

Apex One™ DNS

另外兩個必需的名稱是Apex One服務器的DNS名稱與Apex One (Mac)DNS名稱。

以下是查找Apex One as a Service名稱步驟:

  1. 登入Apex One as a Service (Apex Central) 網頁主控台
  2. 點擊Directories.
  3. 點擊Product Servers.
  4. 核對產品是Apex One

    Apex One Server Name

    Click the image to enlarge.

Apex One (Mac)

以下是查找Apex One (Mac) as a Service名稱步驟:

  1. 登入Apex One as a Service (Apex Central)網頁主控台
  2. 點擊Directories.
  3. 點擊Product Servers.
  4. 核對產品是Apex One (Mac)

    Apex One (Mac) Server Name

    Click the image to enlarge.

Apex One as a Service 使用在 Microsoft 的 Azure Cloud基礎架構中。 因此,Apex One as a Service不存在運行一組或多個IP。

Apex One as a Service目前使用在Azure Cloud的多個區域, Microsoft 有提供JSON格式的安全清單做使用,這裡面包含了他們的數據中心的IP位址範圍。

Microsoft Azure Datacenter IP Ranges

從Microsoft下載的ServiceTags_Public_檔案中,您可以得到當前 Microsoft 提供的公共 IP 列表,您只需在IP列表中導入以下區域名稱:

  • "name": "AzureCloud.australiaeast"
  • "name": "AzureCloud.centralus"
  • "name": "AzureCloud.westeurope"
  • "name": "AzureCloud.southeastasia"
  • “name”: "AzureCloud.japaneast"
  • “name”: "AzureCloud.canadacentral"
  • “name”: "AzureCloud.centralindia"

還需要允許用戶端存取以下URL:

 
  • • 以下服務使用 CDN(Content Delivery Network)作為緩存,因此無法提供靜態 IP。
  • • 某些URL的訪問取決於所使用的產品的當地語系。如果您使用的是英文版本,則只需要准許“*-en”網址。

下列URL是與Trend Micro Vision One 有關的後端服務,Apex One Saas用戶端會連線到這些位址:

  • *.xdr.trendmicro.com
  • *.xbc.trendmicro.com
  • *.mgcp.trendmicro.com
  • *.mdr.trendmicro.com

  • 並請允許用戶端透過以下地址上 傳活動數據到數據中心:

    Data Center LocationURL
    North Americaxdr2-nabu-prod-prorca.etdl.trendmicro.com:8080
    xlogr-ue1.xdr.trendmicro.com
    pgw-us1.mgcp.a1q7.net
    Europexdr2-emea-prod-prorca.etdl.trendmicro.com:8080
    xlogr-ec1.xdr.trendmicro.com
    pgw-eu1.mgcp.a1q7.net
    Japanxdr2-japan-prod-prorca.etdl.trendmicro.com:8080
    xlogr-ane1.xdr.trendmicro.com
    pgw-ap2.mgcp.a1q7.net
    Singaporexdr2-sg-prod-prorca.etdl.trendmicro.com:8080
    xlogr-ase1.xdr.trendmicro.com
    pgw-ap3.mgcp.a1q7.net
    Australiaxdr2-au-prod-prorca.etdl.trendmicro.com:8080
    xlogr-ase2.xdr.trendmicro.com
    pgw-ap4.mgcp.a1q7.net
    Indiaxdr2-in-prod-prorca.etdl.trendmicro.com:8080
    xlogr-as1.xdr.trendmicro.com
    pgw-ap5.mgcp.a1q7.net
  • Apex One Telemetry
    • asm01-nabu-prod.aot.trendmicro.com
    • asm01-emea-prod.aot.trendmicro.com
    • api-nabu.aot.trendmicro.com
    • api-emea.aot.trendmicro.com
  • ActiveUpdate - https://osce14-p.activeupdate.trendmicro.com/activeupdate
  • Global Smart Scan Server - https://osce14.icrc.trendmicro.com/tmcss
  • License Server - https://licenseupdate.trendmicro.com/ollu/license_update.aspx
  • PR Feedback Server - https://licenseupdate.trendmicro.com/fb/bifconnect.ashx
  • Web Rating Server
    • osce14-0-en.url.trendmicro.com
    • osce14-0-jp.url.trendmicro.com
    • osce14-0-tc.url.trendmicro.com
    • osce14-0-de.url.trendmicro.com
    • osce14-0-fr.url.trendmicro.com
    • osce14-0-sp.url.trendmicro.com
    • osce14-0-ru.url.trendmicro.com
    • osce14-0-it.url.trendmicro.com
    • osce14-0-po.url.trendmicro.com
    • osce14-0-kr.url.trendmicro.com
  • Smart Feedback
    • osce140-de.fbs25.trendmicro.com
    • osce140-en.fbs25.trendmicro.com
    • osce140-es.fbs25.trendmicro.com
    • osce140-fr.fbs25.trendmicro.com
    • osce140-jp.fbs25.trendmicro.com
    • osce140-pl.fbs25.trendmicro.com
    • osce140-it.fbs25.trendmicro.com
    • osce140-ru.fbs25.trendmicro.com
    • osce140-tc.fbs25.trendmicro.com
    • osce140-kr.fbs25.trendmicro.com
  • NFC Server
    • osce14-en.gfrbridge.trendmicro.com
    • osce14-jp.gfrbridge.trendmicro.com
    • osce14-tc.gfrbridge.trendmicro.com
    • osce14-kr.gfrbridge.trendmicro.com
    • osce14-de.gfrbridge.trendmicro.com
    • osce14-fr.gfrbridge.trendmicro.com
    • osce14-it.gfrbridge.trendmicro.com
    • osce14-es.gfrbridge.trendmicro.com
    • osce14-ru.gfrbridge.trendmicro.com
    • osce14-po.gfrbridge.trendmicro.com
  • Census server
    • https://osce14-en-census.trendmicro.com
    • https://osce14-de-census.trendmicro.com
    • https://osce14-fr-census.trendmicro.com
    • https://osce14-es-census.trendmicro.com
    • https://osce14-it-census.trendmicro.com
    • https://osce14-pl-census.trendmicro.com
    • https://osce14-ru-census.trendmicro.com
    • https://osce14-jp-census.trendmicro.com
    • https://osce14-kr-census.trendmicro.com
    • https://osce14-tc-census.trendmicro.com
  • Census server (Backup)
    • osce14bak-en-census.trendmicro.com
    • osce14bak-de-census.trendmicro.com
    • osce14bak-es-census.trendmicro.com
    • osce14bak-fr-census.trendmicro.com
    • osce14bak-it-census.trendmicro.com
    • osce14bak-jp-census.trendmicro.com
    • osce14bak-kr-census.trendmicro.com
    • osce14bak-pl-census.trendmicro.com
    • osce14bak-ru-census.trendmicro.com
    • osce14bak-sc-census.trendmicro.com
    • osce14bak-tc-census.trendmicro.com
  • Predictive Machine Learning (File)
    • osce140-en-f.trx.trendmicro.com
    • osce140-de-f.trx.trendmicro.com
    • osce140-es-f.trx.trendmicro.com
    • osce140-fr-f.trx.trendmicro.com
    • osce140-it-f.trx.trendmicro.com
    • osce140-jp-f.trx.trendmicro.com
    • osce140-kr-f.trx.trendmicro.com
    • osce140-pl-f.trx.trendmicro.com
    • osce140-ru-f.trx.trendmicro.com
    • osce140-tc-f.trx.trendmicro.com
  • Predictive Machine Learning (Behavior)
    • osce140-en-b.trx.trendmicro.com
    • osce140-de-b.trx.trendmicro.com
    • osce140-es-b.trx.trendmicro.com
    • osce140-fr-b.trx.trendmicro.com
    • osce140-it-b.trx.trendmicro.com
    • osce140-jp-b.trx.trendmicro.com
    • osce140-kr-b.trx.trendmicro.com
    • osce140-pl-b.trx.trendmicro.com
    • osce140-ru-b.trx.trendmicro.com
    • osce140-tc-b.trx.trendmicro.com
  • Predictive Machine Learning (Co-Exist Mode)
    • oscecmp140-de-f.trx.trendmicro.com
    • oscecmp140-en-f.trx.trendmicro.com
    • oscecmp140-es-f.trx.trendmicro.com
    • oscecmp140-fr-f.trx.trendmicro.com
    • oscecmp140-it-f.trx.trendmicro.com
    • oscecmp140-jp-f.trx.trendmicro.com
    • oscecmp140-kr-f.trx.trendmicro.com
    • oscecmp140-pl-f.trx.trendmicro.com
    • oscecmp140-ru-f.trx.trendmicro.com
    • oscecmp140-tc-f.trx.trendmicro.com
Premium
Internal
Partner
評價:
分類:
解決方案ID:
000195552
評定這個解決方案
本文是否幫助解決您的問題?

感謝您的意見!

本意見調查系統為自動運作,將不會回覆如銷售、技術、產品等一般問題.

若您需要協助,請聯繫對應的技術支援窗口. 聯絡我們

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

本網站使用cookies以提供所需的網站功能與流量分析。我們的Cookie聲明提供更詳細的資訊,包含了如何對您的cookie設定進行修改。

了解更多 同意