A. SCCM introduced the native security model. It's for client-server communications and provides a higher level of security through public key infrastructure (PKI) and Secure Sockets Layer (SSL) encryption for nearly all communications (except for certain distribution-point and fallback-status-point communications). Policies and other sensitive communications are signed using a PKI certificate. Microsoft Systems Management Server (SMS) 2003 mixed security mode uses a self-signed certificate.
It’s important to note that native mode affects only client-to-server communications and not server-to-server communications. To protect server-to-server communications, use IPsec. Also, a native-mode site can’t be a mixed-mode child site.
There are four native-mode requirements:
- You must have a deployed PKI infrastructure in the organization
- DNS must be available and configured for clients to locate management points
- All clients must run the SCCM 2007 client. Native-mode sites don’t support SMS 2003 clients
- Native-mode sites also don’t support Windows-2000-based clients