Do you know please whether it's possible to set any rule on a FW with content filtering that recognizes and allows APM communication? We have a FW with content filtering between the APM agent and the EM, and just allowing TCP/5001 for APM communication is not enough.
If so, what rule should be specified for the content filtering?
This is a question more about APM and network interfacing so not sure what sort of answer you will find here. What firewall vendor are you using?
Your rule expects the agent port of your manager to be 5001; check that this is the case (if you have a cluster, then all the collectors and the MOM need to be set with their agent port on 5001).
Does Fred's answer help, or is further assistance needed? Dealing with your networking team may help resolve this.
Unfortunately, Fred just repeated what the default is, which I already know and wrote in my post = "just allowing TCP/5001 for APM communication is not enough" in this case.
If you really want a firewall to be able to do any kind of content filtering, then you should consider using http as your transport layer between the Agent and the EM, as our default Isengard communication protocol is unknown to the rest of mankind and therefore cannot be analyzed/filtered; the firewall needs to consider it as raw TCP.
That being said, can you please explain what problem you are encountering? As Fred said, a firewall rule needs to be created with the following attributes:
Source: Any server that has an Agent on it
Destination: Any Enterprise Manager that the Agents might try to contact on port 5001 by default. (Includes the MOM and the Collectors).
Yes, I will suggest http as your transport layer to the customer as a first step, and hopefully we'll find some rule that could be applied to its content as a second step.