I have a general question about a DMZ. Currently i have an ASA5520 with one physical interface dedicated to a DMZ network. On that interface i have subinterfaces for multiple DMZ Vlans. Is it better to have seperate VLANs for each DMZ server with their own set of ACLs or just put all of the DMZ servers into one DMZ Vlan? The reason i ask is because i am using /30 scopes for each DMZ server and now i am about to implement HA on 2 5520s and they require standby IPs...i'll have to rework their scopes and IPs.