An external agent listening port has been added in SMA 11.0 to more securely allow customers to expose only agent traffic publicly. This feature is always on and not configurable. It allows customers to perform re-routing of agent traffic from port 443 on a public interface to port 52230 on the SMA. This article describes the feature in more detail and explains caveats.
For more details about properly securing an SMA deployment, see Best Practices for Securing your SMA.
Key notes about the external agent port:
When the external listening port is utilized, agents are distinguishable in the user interface as External or Internal. This field can be used for searching and smart labels, and it can be displayed by adding the Zone column on the device inventory list page in the Administrative User Interface.
The following diagram illustrates agent traffic movement using the external listening port with a properly configured firewall:
© ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center