Kolide

Devices connect to several endpoints inside Kolide. These have consistent names, but dynamic IP addresses. Communication is on port 443. 

The list of names (Last changed 2019-06) is:

- k2device.kolide.com
- k2control.kolide.com
- notary.kolide.co
- dl.kolide.co

Most versions of macOS will check package and binary signatures for validity. This may require contacting apple servers. Please refer to Apple's documentation at <a href="https://support.apple.com/en-us/HT210060" rel="nofollow noopener noreferrer" target="_blank">https://support.apple.com/en-us/HT210060</a> 

Some third party firewall software reports outbound connections. Due to how go (a computer language) does DNS resolution, this is sometimes reported as a connection to an IP address, and not to the DNS name. This is a reporting discrepancy.

Our agent uses <code>/etc/resolv.conf</code>, some Linux machines use <code>systemd-resolved</code> and do not provide that by default. There are several mechanisms to add one. See <a href="https://wiki.archlinux.org/title/Systemd-resolved#DNS" rel="nofollow noopener noreferrer" target="_blank">https://wiki.archlinux.org/title/Systemd-resolved#DNS</a> for information.

Necessary firewall related settings for device to kolide connectivity

Kolide Agent to Servers Connectivity

Find answers and get help from Intercom Support and Community Experts

Kolide Agent to Servers Connectivity

Additional Hosts for macOS connectivity

Third Party Firewalls

DNS Resolution