Most of our user workstations use the same general NAT'd address of x.x.x.10 for their external IP. We have a group of users that would like to access a service that requires a DNS pointer with a certain domain (in this case government). I've always assumed it was more secure to have an anonymous IP without a DNS record pointing any port scanners right to us. The other alternatives are to ask the service to put in a static pointer for us or make an exception for our IP.
Do you think there a significant vulnerability increase if I request a DNS record?