Support could root in and see if the changes made by "RESTRICTREPORTS" are present in the LEM config.
You can also see the config yourself. Under MANAGER run VIEWSYSINFO. The last screen of data (keep hitting spacebar!) will show the firewall ACLs:
---------------------------------
Network access configuration:
*filter
:INPUT ACCEPT
:OUTPUT ACCEPT
-A INPUT -s 0/0 -d SWI-LEM/32 -p tcp -m multiport --destination-ports 4803 -j REJECT
-A INPUT -s 0/0 -d SWI-LEM/32 -p udp -m multiport --destination-ports 4803 -j REJECT
-A INPUT -s 0/0 -d SWI-LEM/32 -p udp -m multiport --destination-ports 4804 -j REJECT
-A INPUT -s 127.0.0.1/32 -p tcp -m multiport --destination-ports 10101:10102 -j ACCEPT
-A INPUT -s 10.254.10.12/30 -p tcp -m multiport --destination-ports 10101:10102 -j ACCEPT
-A INPUT -s 10.254.10.16/30 -p tcp -m multiport --destination-ports 10101:10102 -j ACCEPT
-A INPUT -p tcp -m multiport --destination-ports 10101:10102 -j REJECT
-A INPUT -s 0/0 -d SWI-LEM/32 -p tcp -m multiport --destination-ports smtp -j REJECT
-A INPUT ! -d 127.0.0.1 -p tcp --dport 5432 -j REJECT
COMMIT
*nat
:PREROUTING ACCEPT
:OUTPUT ACCEPT
:POSTROUTING ACCEPT
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
COMMIT
You'd see some line mentioning dport 9001 and REJECT if RESTRICTREPORTS had been run. Mine doesn't have that, so it's not enforced on my system atm. You'd also see a bunch of dport 9001 and ACCEPTs, one for each allowed reports client.