Audit Collection (ACS) and the Gateway Role in Ops Mgr 2007
The Audit Collection Collector role can be installed on a gateway server....usually.
The gateway role was designed to facilitate a couple of purposes as I understand it:
So if you wanted to employ Audit Collection in such an environnment, you can install ACS Collector on a Gateway server. HOWEVER, Audit Collection has a dependency on Active Directory, so you cannot install Audit Collection on a Gateway in a workgroup environment (as of RTM, the Gateway role has no AD dependency).
Joseph from the product team offered up an interesting workaround if you have a Gateway Server in a workgroup environment and wish to deploy Audit Collection on the Gateway Server:
Since the ACS Collector has dependency on AD, you could promote your Gateway server to a Domain Controller - which can be a completely isolated and seperate domain.If agents are in a workgroup, certificate auth between them and the Gateway+Collector box will be required.