There are four basic supported scenarios for Internet-based client management, and within these there are some supported variations:
- Scenarios 1 and 2 are suitable if the
Internet-based client management site supports only Internet-based
clients on the Internet and does not need to also support clients
on the intranet.
- Scenarios 3 and 4 are suitable if the
Internet-based client management site supports clients that are on
the Internet and clients that are on the intranet.
Scenarios for Sites that Do Not Need to Also Manage Intranet Clients
If the Configuration Manager 2007 site only supports clients over the Internet, Scenarios 1 and 2 are applicable.
 Note |
|---|
| When the site does not support clients on the intranet, the site should not be configured with a default management point. |
Scenario 1: Configuration Manager site that doesn't support intranet clients and spans the perimeter network and intranet. All the Internet-based site systems are in the perimeter network, and accept connections for clients connecting over the Internet. The site server is in the intranet.
There are two variations of this scenario:
- The management point that supports
Internet-based clients communicates directly with the SQL server in
the intranet.
See Network Diagram for Internet-Based Servers - Scenario 1 with no SQL Server Replica.
- The management point that supports
Internet-based client communicates with a SQL server replica in the
perimeter network.
See Network Diagram for Internet-Based Servers - Scenario 1 with SQL Server Replica.
Scenario 2: Configuration Manager site that doesn't support intranet clients and is in the perimeter network only.
There are two variations of this scenario:
- The Configuration Manager 2007 site that is
configured for Internet-based client management is a child site of
your Configuration Manager 2007 hierarchy.
See Network Diagram for Internet-Based Servers - Scenario 2 with Child Site.
- The Configuration Manager 2007 site that is
configured for Internet-based client management is the only site in
your Configuration Manager 2007 hierarchy.
See Network Diagram for Internet-Based Servers - Scenario 2 with Complete Hierarchy.
Scenarios for Sites that Manages Clients on the Internet and the Intranet
If the Configuration Manager 2007 site needs to support clients on the Internet and support clients on the intranet, Scenarios 3 and 4 are applicable.
Scenario 3: Configuration Manager site that supports both Internet clients and intranet clients and spans the perimeter network and intranet. All the Internet-based site systems are in the perimeter network and accept connections for clients connecting over the Internet. There is a second management point (and second software update point and fallback status point, and additional distribution points) and other site systems that are in the intranet for clients connecting on the intranet.
There are two variations of this scenario:
- The management point that supports
Internet-based clients communicates directly with the SQL server in
the intranet.
See Network Diagram for Internet-Based Servers - Scenario 3 with No SQL Server Replica.
- The management point that supports
Internet-based client communicates with a SQL server replica in the
perimeter network.
See Network Diagram for Internet-Based Servers - Scenario 3 with SQL Server Replica.
Scenario 4: Configuration Manager site that supports both Internet clients and intranet clients and bridges the perimeter network and intranet. The single management point is both the site's default management point and the Internet-based client management point.
There are three variations of this scenario:
- The Configuration Manager 2007 site bridges
the perimeter network and intranet by having two network cards in
the site systems that support Internet-based client management.
See Network Diagram for Internet-Based Servers - Scenario 4 with Two Network Cards.
- The Configuration Manager 2007 site is
contained on the intranet, and the site systems that are configured
for Internet-based client management can accept both Internet
connections and intranet connections. This solution requires a
reverse proxy solution (for example, using Microsoft ISA Server) to
publish the Internet-based site systems on the intranet to the
Internet.
See Network Diagram for Internet-Based Servers - Scenario 4 with Internet Connections into the Intranet.
- The Configuration Manager 2007 site bridges
the perimeter network and intranet with the Internet-based site
systems in the perimeter network, and it is configured to accept
both Internet connections and intranet connections. The site server
is in the intranet. This solution requires that the intranet FQDN
of the Internet-based site systems are registered in the intranet
DNS servers with the public IP addresses of the servers in the
perimeter network.
See Network Diagram for Internet-Based Servers - Scenario 4 with Intranet Connections into the Perimeter Network.