Devices connect to several endpoints inside Kolide. These have consistent names, but dynamic IP addresses. Communication is on port 443.
The list of names (Last changed 2019-06) is:
Additional Hosts for macOS connectivity
Most versions of macOS will check package and binary signatures for validity. This may require contacting apple servers. Please refer to Apple's documentation at https://support.apple.com/en-us/HT210060
Third Party Firewalls
Some third party firewall software reports outbound connections. Due to how go (a computer language) does DNS resolution, this is sometimes reported as a connection to an IP address, and not to the DNS name. This is a reporting discrepancy.
Our agent uses
/etc/resolv.conf, some Linux machines use
systemd-resolved and do not provide that by default. There are several mechanisms to add one. See https://wiki.archlinux.org/title/Systemd-resolved#DNS for information.