Do others separate Server hardware in the DMZ from the inside? We use a separate Internet router, separate DMZ servers. But do we allow DMZ servers to share internal HW.
Example A: Blade chassis with servers (WEB) running on VLANS in the DMZ and other servers (App & DB) running on VLANS in the internal network / data center? But all in one chassis.
Example B: Dedicated DMZ Server with SAN disk space on the inside SAN that supports the entire inside data center?
Has anyone come across papers / best practices or policy about this type of HW mixing?