Exposing Domain name to the internet

[Guest]

We currently have 3 domain controllers within our infrastructure two at
location X and one in another country. All which have site to site vpn to
communicate with each other. The domain schema that we are using is
private,meaning none are registered publicly. What are the benefits of
making a DNS public and what are the risks? Currently I am installing
exchange behind the trusted side which will communicate via a mail gateway
(postfix). Instead of using a reverse proxy to use OWA, will making the
domain publicly accesible facilitate the exchange deployment?

Thank you

 

[Herb Martin]

We currently have 3 domain controllers within our infrastructure two at
location X and one in another country. All which have site to site vpn to
communicate with each other. The domain schema that we are using is
private,meaning none are registered publicly. What are the benefits of
making a DNS public and what are the risks?

There aren't really any RISKS (if you do it the way that
is recommended) but you do NOT want to expose an
entire INTERNAL name list (DNS) on the Internet, just
as you would not (probably) publish your the internal
home addresses/phone of all of your employees.

Currently I am installing
exchange behind the trusted side which will communicate via a mail gateway
(postfix). Instead of using a reverse proxy to use OWA, will making the
domain publicly accesible facilitate the exchange deployment?

You need a PUBLIC name for the world to see.

We can help you make it work if you use the same name
internal and external but for many who are new to DNS it
is just simpler to use a non-public (non-registered) name
INTERNALLY and a registered name strictuly externally.

Note: Such public DNS should GENERALLY be left at
the Registrar and not run by any but the very largest Inet
presence companies.