Would Novell servers in the DMZ with public/private NICs be considered good practice or not?

We want to enable iFolder on one of the servers, and we have a DMZ behind a Cisco PIX. We were thinking of making one of the NICs private (for private management) and the other public facing.

However, I'm wondering, if a hacker takes over this box, whether he can just get into the inside network.

What is common practice?