Technically which is more secure or what other benefits/factors are there?
I'm planning an implementation that recommends you put the front end web server in the DMZ. Only port 443 (SSL) will be open from the outside world. On the internal firewall a few more ports will be open that will allow communication from the DMZ to the internal network.
My basic question is how is this different than just natting an IP address on my internal firewall to the web server? I would only open port 443 to that IP and nothing else. Then the webserver is on the LAN and able to communcate freely with the internal network. This is obviously an easier setup since I don't have to configure a DMZ but I'm worried about the security differences.