it would be better if you could have two servers (could be virtual) one for public facing applications in DMZ and other for internal stuff in separate network.