Oliver Tomlinson To support management of your Azure VM or non-Azure machine, Update Manager relies on a new Azure extension designed to provide all the functionality required to interact with the operating system to manage the assessment and application of updates. This extension is automatically installed when you initiate any Update Manager operations, such as Check for updates, Install one-time update, and Periodic Assessment on your machine. The extension supports deployment to Azure VMs or Azure Arc-enabled servers by using the extension framework. The Update Manager extension is installed and managed by using Azure Arc-enabled servers agent(Azure Connected Machine agent) for non-Azure Linux and Windows machines or physical servers.
The Azure Connected Machine agent for Linux and Windows communicates outbound securely to Azure Arc over TCP port 443. By default, the agent uses the default route to the internet to reach Azure services. Therefore, it uses the HTTPS protocol.
For more information, refer below document.