DOC-3506: Address review - clarify firewall scope and outbound-only requirement

Author: kemister85

modules/ROOT/pages/editor-and-features.adoc

@@ -54,9 +54,9 @@ include::partial$misc/premium-plugin-list.adoc[]
 
 include::partial$misc/admon-cloud-configured-options.adoc[]
 
-=== Step 4: Forward proxy configuration
+=== Step 4: Forward proxy and firewall configuration
 
-If the network has a forward proxy that controls access to the internet, ensure that the following URLs are accessible:
+If the network has a firewall or forward proxy that controls access to the internet, ensure that the following URLs are accessible:
 
 * All URLs where the editor is deployed.
 * All URLs where the plugins are deployed.

modules/ROOT/pages/features-only.adoc

@@ -55,9 +55,9 @@ The following is a complete example, where:
 <html>
 ----
 
-== Step 3: Forward proxy configuration
+== Step 3: Forward proxy and firewall configuration
 
-If the network has a forward proxy that controls access to the internet, ensure that the following URLs are accessible:
+If the network has a firewall or forward proxy that controls access to the internet, ensure that the following URLs are accessible:
 
 * All URLs where the editor is deployed.
 * All URLs where the plugins are deployed.

modules/ROOT/pages/tinymce-and-csp.adoc

@@ -8,7 +8,7 @@ include::partial$misc/general-csp.adoc[]
 [[firewall-and-proxy-allowlisting]]
 == Firewall and proxy allowlisting
 
-Organizations operating behind a firewall or forward proxy that restricts outbound internet access must allowlist {cloudname} domains for cloud-hosted {productname} features to function.
+Organizations operating behind a firewall or forward proxy that restricts outbound internet access must allowlist {cloudname} domains. {productname} cloud-hosted features require the browser to make outbound HTTPS requests to these domains; no inbound access from {cloudname} is required.
 
 [[required-domains]]
 === Required domains