I am surprised there is no discussion about this in the Security and network Configuration guides since after all, this is always the consequence of any application with a listening port unless you do Network Address Translation but since each desktop client has it's own unique listening port then all hackers need to do is try say 1/2 dozen or so of those well-known listening ports after doing port scans to determine that IP is listening. Then they can send messages at a rate that doesn't draw the attention of the firewall. And noone wants to be in the blacklisting business for IP addresses as this is an endless task. And white listing can also be problematic and a maintenance nightmare -- do you really know where all calls are going to be coming from? If you have the Office product and calls are being recorded, then I am assuming it would be appropriate to use whitelisting by providing a safe set of well-known IP (or IP ranges) published by RC and which act as proxies to record the call. That makes sense but I had to figure *ALL* this out by myself from several phone calls and experiments about how the Office (paid) version works vs. how do hackers trying to use RC for free calls to each other works. And I had to pause and ask, if hackers are trying to look for vulnerabilities in the RC protocol, of what benefit would this be?
A good tech-note along these lines showing why firewalls should only permit traffic from RC servers to those well-known RC listening port would be very useful but instead they are small bullet points in a large document without painting the overarching picture. In truth, many small businesses do not even understand firewalls and the need to do this and why.