Firewall constraints for UEM

UEM uses some HTTP technologies to send performance data from the browser to the AppMon Server. To do this, JavaScript Agent code injects into your HTML pages. This code communicates with the web server or Java Agents, which forward collected data to the AppMon Server. To fully enable UEM, however, you must verify that your firewalls, proxies, and web servers are configured properly.

HTTP requests

To function fully, the web server or Java Agents must recognize the following requests of a browser and deliver them to the browser.

  • dtagent_xxx.js is the JavaScript Agent. Typically, this is from the absolute root directory (the code inserted is <script href="/dtagent_xxx.js" />). You can configure it in the User Experience section of the System Profile dialog box. Use an absolute URL, if possible, because browser or any proxy servers should cache this file.
  • dynaTraceMonitor is the monitor signal the JavaScript Agent sends back to the server. This is sent relative to the current page. You can configure it in the User Experience section of the System Profile dialog box. This setting also dictates where the image requests (dtbwimg_x.jpg) used for bandwidth detection should go.

HTTP headers

The User Experience sensor uses the following HTTP headers.

  • rproxy_remote_addressTrue-Client-IP, X-Client-Ipx-forwarded-forx-http-client-ip (in this order): Determine the IP of the client (also for geo-locating). If none of these headers is set, AppMon uses the remote peer's IP address.
  • X-Forwarded-Host, X-Host, and Host: Determine the page host domain (also for application autodetection).
  • x-dtreferer: In some cases the JavaScript agent has to set this header and this header is used on the web / Java agent instead of the referer header.
  • x-dtPC: In case of parallel XHR requests the JavaScript agent has to set this header which is used by the correlation to link web requests correctly to user actions.


The JavaScript Agent and the web server and Java Agents use the following cookies:

  • dtCookie: Session cookie used to identify user sessions. This cookie is valid as long as the browser process is running. Do not confuse this with HTTP-sessions of web applications or visits. Both usually have timeouts.
  • dtPC: Page context cookie used to link web requests to user actions.
  • dtLatC: Latency of monitor signals.
  • dtSA: Source action cookie. On browsers that do not support sessionStorage.


Use UEM Health Check to detect firewall issues and communication between the injected JavaScript Agent and the AppMon Server. See UEM Health Check for more information.