Devices connect to several endpoints inside Kolide. These have consistent names, but dynamic IP addresses. Communication is on port 443.
The list of names (Last changed 2023-04) is:
k2device.kolide.com
k2control.kolide.com
notary.kolide.co
dl.kolide.co
tuf.kolide.com
Additional Hosts for macOS connectivity
Most versions of macOS will check package and binary signatures for validity. This may require contacting apple servers. Please refer to Apple's documentation at https://support.apple.com/en-us/HT210060
Third Party Firewalls
Some third party firewall software reports outbound connections. Due to how go (a computer language) does DNS resolution, this is sometimes reported as a connection to an IP address, and not to the DNS name. This is a reporting discrepancy.
DNS Resolution
Our agent uses /etc/resolv.conf
, some Linux machines use systemd-resolved
and do not provide that by default. There are several mechanisms to add one. See https://wiki.archlinux.org/title/Systemd-resolved#DNS for information.