Edge Transport NICs
I am doing a new Exchange 2007 install with a separate Edge Transport server install. My question is do I need 2 NICs (DMZ and LAN) or am I OK with 1 (just DMZ)? Is there any benefit to going one way versus the other? I have been setting it up with just the single NIC to the DMZ and I have firewall rules that only allow the appropriate traffic to and from on either the WAN or LAN sides. So I think I am covered and that really it doesn't matter a whole lot but I am always open to doing things better so I figured I would ask. If you need additional information to answer please ask. Thank you in advance for any help you can offer.
Kevin
November 29th, 2007 11:21pm
I would definitely just do one NIC in your DMZ. If you do 2 NICs and your edge is somehow compromised, your LAN is compromised as well.
November 30th, 2007 1:24am
Thank you for your reply. One thing I forgot to mention was I was reading an article about this and it got me thinking there might be a better way. In the article they used the Windows 2003 Security Configuration Wizard to limit the traffic to specific ports and directions on each interface, so it seemed pretty secure. But I agree with you and would be worried that the LAN would also be at risk. Thank you again for your reply.
Kevin
November 30th, 2007 2:12am