The network where agents are working, must consider the following
Port 3478 UDP/TCP must be opened at least for the host stun.ucontactcloud.com
Port 8089 UDP/TCP must be opened at least for the host (ucontactinstance).ucontactcloud.com
Port 443 UDP/TCP must be opened at least for the host (ucontactinstance).ucontactcloud.com
Ports 10000-2000 UDP must be opened at least for the host (ucontactinstance).ucontactcloud.com
Access to the site http://cacerts.geotrust.com/GeoTrustRSACA2018.crt and redirector.gvt1.com/ must be enabled in order to allow browsers to validate uContact SSL certificate.
Enable access to the activator license site: us-central1-licenciator.cloudfunctions.net/api/servers/getLicence
Enable access to monitoring tool: monitor.ucontactcloud.com
Access to the following IP´s (220.127.116.11 , 18.104.22.168) used by google chrome.
Verify that SIP - ALG is not active on the local or border network devices.
Verify that IPS - detection is not active because it can cause VoIP packet discard and voice problemas (unespected call drops).
Domain *.github.com must be enable for system updates
Based on this considerations, the policy of the antivirus used on the workstations they must be actuated in order to avoid port scan, blocking or denying the access by security reasons.