HTTPS port 443
Only if you restrict outbound SSL connections via the standard port 443, please unblock the Box's access to the following servers:
The following URLs are currently used but they will soon be replaced by CNAMEs on the camio.com domain (so covered by #2 above at that point). For now, allow access also to:
The following URLs are used while managing packages on the system, for DNS inquiries, and for managing the NTP daemon.
HTTP port 80
Only if SSL fails due to severe clock drift on the Box, a single HTTP request for the current time via port 80 is made to this server. In addition to this, some package updates are made to the official Ubuntu package repositories over HTTP. As package signing and verification is built into the update process, SSL encryption is considered non-critical for these operations. We are planning on changing to SSL-enabled mirrors of the official Ubuntu package repositories but we do not have a ETA on this change.
Box used Ubuntu's NTP servers (port 123)
The Box uses Google DNS servers by default: