A couple things to consider:
- If you manually deploy, you wouldn't be able to deploy settings changes via AD, you would need to use Native Policies in the SEE Manager Console.
- The Single Sign-On feature allows users to authenticate to both SEE and Windows at the same time allowing them to access the User Client Console without an additional logon. This installation setting can be changed later using a policy.
- Authenti-Check allows users without credentials to gain access to their computers and/or the User Client Console without assistance. Useful in those situations where a remote user does not have access to the domain, or the help desk for One-Time Password assistance.
- One-Time Password (OTP) enables you to assist users who can’t get into Windows because they forgot their credentials or have been locked out for a failure to communicate with the SEE Management Server. I would recommend having this feature enabled as it would be to your advantaged to assist remote users, should the need to unlock a machine on the road arise.
Reference the SEE Installation guide on configuring these options. Make sure you've thoroughly mapped scenarios where these may be needed before choosing not to deploy them.