Hello, got a bit of a security philosophy question here. Not sure if
this would be the right forum so my apologies in advance if it isn't.

We have a public web server (Apache on a NW6.5 box) and a private web
server on a Linux box. Both are NATTed behind our BM3.8 firewall.

We currently have external users VPN into our network to access the
apps on the private web server.

Am I being too anal here? It would be much easier to just move the
private server to the public side. All apps are password-protected and
I could use Apache directives to block access from all but a few IP

Comments please? And suggestions on how to best use BM access rules to
keep the bad guys out of the private server (assuming we make it

Thank you!!!