Hello, got a bit of a security philosophy question here. Not sure if
this would be the right forum so my apologies in advance if it isn't.

We have a public web server (Apache on a NW6.5 box) and a private web
server on a Linux box. Both are NATTed behind our BM3.8 firewall.

We currently have external users VPN into our network to access the
apps on the private web server.

Am I being too anal here? It would be much easier to just move the
private server to the public side. All apps are password-protected and
I could use Apache directives to block access from all but a few IP
addresses.

Comments please? And suggestions on how to best use BM access rules to
keep the bad guys out of the private server (assuming we make it
public).

Thank you!!!