I am currently running two primary servers (10.3.1) and I am running into issues with keeping off network machines managed. I have read the forums about putting a primary server in the DMZ but I have a couple questions. I was thinking of putting one of the primary servers in the DMZ.

What ports need to be opened?

Does the primary dmz server need to talk directly to my SQL 2005 database?

If the laptops are currently registered under the internal primary servers how are they going to contact the server if it is in the dmz? Will they need to re-register etc?

Will moving one server to the DMZ give me the same functionality of that I have now, remote control, pushing app bundles, patch management.

I am planning on opening a case with Novell but thought I would ask first here and see if anyone has done this successfully.