Gateway Server and Certificate-based Authorization Scenarios Document Update

The gateway scenarios walkthrough has been updated to reflect a change for the RTM timeframe - the Gateway Server role officially has no dependency on Active Directory, allowing it to be deployed in workgroup environments. I believe Ops Mgr Deployment deployment guide will require an update to reflect this fact as well.  Note that since mutual authentication (required in Ops Mgr) is only possible via Kerberos or certificate-based authorization, you'll still need to install certificates on all workgroup agents communicating with the gateway in the Gateway on a workgroup server scenario You can download an updated copy of Gateway Server and Certificate-based Authorization Scenarios in Operations Manager 2007, which includes additional deployment scenario considerations HERE.  Thanks go out to Neale Brown who adjusted his already busy schedule to confirm this in the lab today so we could get an update to the doc out quickly.   So what is the designed function of the Gateway Server? There are two primary goals for the gateway server: Minimize the number of points of traffic between two secured environments, (for example, an Intranet and a DMZ) Maximize the use of Kerberos based authentication when it is available, because the TCO associated with Kerberos is lower than with certificates. The Gateway on a workgroup server scenario addresses point #1 in high security environments where opening port 5723 to many servers would be unacceptable, or where minimizing points of traffic is otherwise desireable. Note that when budgetary or hardware constraints prohibit use of a gateway, or there is no pressing need for minimizing points of traffic, you can configure agents to use certificate-based authentication to communicate to a management server directly - this is detailed amongst the scenarios in the guide. Get news, articles and downloads for Ops Manager, Essentials 2007 and MOM 2005 at www.systemcenterforum.org