What is best and most effective way to secure traffic between SCOM gateway server in the cloud with the SCOM management group on premise when multi site VPN is not an option ?  What are the options of securing traffic and SCOM over the internet ?

Hi ,

"

Certificate-Based Authentication

When an Operations Manager agent and management server are separated by either an untrusted forest or workgroup boundary, certificate-based authentication will need to be implemented. The following sections provide information about these situations and specific procedures for obtaining and installing certificates from Windows-based certification authorities.

"

https://technet.microsoft.com/en-us/library/hh212810.aspx

BGDS,

PAUL

Thanks Paul.  This article seems to be talking about authentication between agents and management servers using certificates if I have read it properly.  Is encryption of the data between the gateway server and the management server possible ? 

We are looking at having a gateway server in Azure to monitor some services in Azure and need this to talk back to our SCOM management group which will either be in a different Azure tenant or located in our own data center.  Unfortunately setting up a site to site VPN connection from Azure is not possible so we need to look at options of possibly opening up SCOM to the internet and securing traffic between the GW and MS server.