Da Sicurezza di rete: consenti fallback di sessione LocalSystem NULL : -
This policy affects session security during the authentication process between computers running Windows Server 2008 R2 and Windows 7 and those computers running earlier versions of the Windows operating system. For computers running Windows Server 2008 R2 and Windows 7, services running as Local System require a service principal name (SPN) to generate the session key. However, if Network security: Allow Local System to use computer identity for NTLM is set to disabled, services running as Local System will fall back to using NULL session authentication when they transmit data to servers running versions of Windows earlier than Windows Vista or Windows Server 2008. NULL session does not establish a unique session key for each authentication; and thus, it cannot provide integrity or confidentiality protection. The setting Network security: Allow LocalSystem NULL session fallback determines whether services that request the use of session security are allowed to perform signature or encryption functions with a well-known key for application compatibility.
Enabled:
When a service running as Local System connects with a NULL session, a system-generated session key is created, which provides no protection but allows applications to sign and encrypt data without errors. This increases application compatibility, but it degrades the level of security.
Disabled:
When a service running as Local System connects with a NULL session, session security will be unavailable. Calls seeking encryption or signing will fail. This setting is more secure, but at the risk of degrading application incompatibility. Calls that are using the computer identity instead of a NULL session will still have full use of session security.
Sembra che risponda a tutte le tue domande, ma per favore pubblica un commento se non e forse io o altri potremmo chiarire.