Thanks - this is exactly what I've been looking for for a while now, and I hadn't come across this page before. Why is it so hidden??

Did you find the integration was useful? Did you compare it at all to the add-on that does presumably the same things?  I have no affiliation with them, I'm just looking at the addon and wondering if it's worth the additional price vs the built-in DVCS feature. 

I already got our infosec to approve opening the single IP for the addon, and now I just found this with like 100 more things to open in the firewall, I hope they go for it.

@Jay Collett, did you find that you need to open all of those ports and domains? I imagine that your infosec group balked at the scope of the request. My guess is that the domains, ports and IPs listed in that doc are for all of Jira's UX to be accessible through a firewall. But what is necessary only to enable the GitHub DVCS integration?

It's ironic that the plugin i linked to above only requires a single IP to be whitelisted, which my infosec approved. Then I had the brilliant idea to try the native - and free, more specifically - DVCS integration first, which brought me to this page, and that huge list of ips, and now of course infosec is thinking twice about it.

Following up on this - infosec said no way to opening up all those IPs - it's several thousand holes when you look at all the ranges. So our only choice was the BigBrassBand plugin. And since we've been using it, it's been great. It's useful to be able to see when code is being done and when PRs are opened and closed. And I haven't had to touch the config in months, which is really great.