This is not directly related to any Cisco product but rather a general question regarding placement of servers, open ports etc. Hopefully someone can shed some light on this for me.
I understand the concept of the DMZ, to isolate those servers that need exposure to the internet from the internal network. But here is the what if:
With an Exchange server for instance, without running front end and back end servers, just a single Exchange Box. Exchange needs to be a domain memmber and have access to Domain Controllers sitting inside on the LAN. Off the top of my head, I know LDAP needs to be opened with several others. Would it not be adivsable in this situation, to have the Exchange Server sitting inside on the LAN with a single port (25) opened to the outside. In my mind, this is a much more secure setting than having it in the DMZ causing 4 ports to be opened instead.
If anyone could shed some light on this for me, I'd appreciate it.