Patch Manager Agent vs WMI Features

Using Patch Manager 2024.1 with Windows Server 2016 and above (800 servers). We are putting all our servers behind a firewall. Our security team are not so happy with the number of inbound ports to the servers used via WMI for actions initiaited from the Patch Manager server (like Report Now etc.). I was looking at the agent option. Whilst  installing and updating an agent is more work it only requires one port on the firewalls. So, does the agent have full feature parity with the WMI providers?