Devices connect to several endpoints inside Kolide. These have consistent names, but dynamic IP addresses. Communication is on port 443.
The list of names (Last changed 2019-06) is:
Additional Hosts for macOS connectivity
Most versions of macOS will check package and binary signatures for validity. This may require contacting apple servers. Please refer to Apple's documentation at https://support.apple.com/en-us/HT210060
Third Party Firewalls
Some third party firewall software reports outbound connections. Due to how go (a computer language) does DNS resolution, this is sometimes reported as a connection to an IP address, and not to the DNS name. This is a reporting discrepancy.