The benefits for using the CSA are that you do not need to open your firewall to the outside. For security reasons, most customers choose to use the CSA, but if you are OK with simply opening ports then that would work too. There is not any additional functionality for AOD/LDMO when using the CSA, it will work the same either was as long as ports are open. Hope this makes sense. You can refer to the link below to see public ports and addresses.
Which site(s) in IIS on the Landesk Core would need to be published to the Internet to make this work w/o the CSA? Is Port 443 the only port that needs to be open?
port 443 should be all that you need to open.