The fallback status point in Configuration Manager 2007 always communicates with clients using HTTP which uses unauthenticated connections and sends data in clear text, even when the site is in native mode. This makes the fallback status point vulnerable to attack, particularly when it is used with Internet-based client management. To help reduce the attack surface, always dedicate a server to running the fallback status point and do not install other site system roles on the same server in a production environment.

Install a fallback status point in the site if all of the following conditions apply:

Do not install a fallback status point in the site if the following condition applies:

See Also