I would just like some advice. I am doing some planning before purchasing ISA as a firewall/proxy/cache server. I have a webserver and an email server that I thought I might like to put into a DMZ. The webserver must make requests to a SQL server, this would violate my internal network assuming my SQL server is on the internal network. The SQL data is very sensitive and must remain inside the internal network. Should I just publish my web and email servers and forget the DMZ? How secure is publishing compared to a DMZ? I would also like my users to be able to use the full blown Exchange client. Thanks in advance for all of your help. Cheers, Barrett