Is there any compelling business reason to do this? Do they serve any common functions? I can't imagine exposing my internal server to the Internet, no matter how secure I thought a machine was. I can't imagine exposing my internal network to my external server other than to access the services it would normally provide to the external world. While I try to keep up with the latest security trends, patches, and designs, I'm sure that I'll miss something. I'm also sure that there are more "black hats" out there than there are "white hats". While I've not been bit yet, I don't see any reason to increase my Internet footprint more than required by business needs. If that means I have to maintain multiple machines, transfer information physically, and otherwise do a little extra work . . . so be it. To me, the extra work is nothing compared to having your company's financial information compromised, or even the amount of work it takes to recover from an "innocent" but fumble-fingered cracker. /mde/ just my (paranoid) two cents . . . .
