Dear Community
So I have started with a two-site SEPM setup, each site with a dedicated MS SQL server and running replication between the sites. These SEPM servers and the DB servers are domain members.
I am going to expand the setup with two additional SEPM servers; one in each site in DMZ. These SEPMs will service my remote SEP clients which do not have a VPN connection back to my office.
From a security point of view, I will place these SEPM servers in DMZ, only open HTTPS from internet to these servers. Also trying to minimize the number of open ports to the inside.
Qestion is: Should they be domain members or stand-alone?
I am using SQL authentication to my DB.
None of the SEP clients which will communicate with these servers are domain members, since they are all in remote/home office locations. SEP client installation will be done via web link.
Regards,