Do you have Cloud Firewall licensed by chance, and if so what is being steered in the steering configuration that you are assigned? 

Sorry for rookie response but Where would I find this info so I can provide this? As far as I can tell we are not

Unfortunately there is no way in the UI to see what you are licensed for.  To figure out if you have Cloud Firewall enabled : Right click on the agent, and select Configuration, you'll see what steering configuration your client gets.  

Then from there, go into Settings -> Security Cloud Platform -> Steering Configuration and open the steering configuration and see if All Traffic is listed. 

Screenshots attached showing some of the process. 

We opened a support ticket not too long about UDP errors in the logs (very much like the one you are showing). The answer we got was related to QUIC (Quick UDP Internet Connection). Netskope is blocking and falling back to non-QUIC. We are told this error is more informational than concerning. <shrug>

Ok thanks ... I took a peek within the console but looks like I don't have full permissions to see it there but what I can see on the the endpoint agent side is "all traffic" is listed in the steering type. I also took a look at nsconfig.json but I did not see firewall referenced there.

If All Traffic is noted in the steering type, then it sounds like your organization has Cloud Firewall. I have NGSWG enabled (no CFW), and I have All web Traffic referenced on my agent.  

With Cloud Firewall, there is a default deny at the bottom of the Real Time Policy page, which will block non-80/443 traffic. I would get with your admin, or if you are still in the deployment phase your PS partner to discuss options on how to utilize CFW in a pilot group phase.