AFP548

Would you put a fully patched Leopard Server outside the firewall?

I'm tired of dorking around with NAT. I have multiple IP addresses for my machines and my guests, no PPPoE to worry about. Why wouldn't I expose my machines directly? I've resisted over the years, using 1-to-1 NATs, but I'm tired of DNS schizophrenia and access issues.

Problems:

1. I've got a firewall (Cisco 851w) which isn't quite working the way I wanted it to. I can't debug the thing effectively -- yes, it's probably me, but there it is. VPN is a pain to manage, it needs care and feeding, it's another power sucker...
2. I have 14 IP addresses that are routable -- why bother with the whole NAT problems and hole punching?

I'm thinking, what would be the problems with having everything exposed directly? Okay, I'm not entirely stupid, I might run my firewall in transparent mode to shut down ports and groom traffic. But other than that, would you trust and feel comfortable with Mac OS X Server and client directly exposed?

I'm also open to a hybrid solution -- can I vend out multiple IP addresses (multihome) via DHCP? Say, create an internal network and external network and if you get a multihomed DHCP response, you do the right things? How well does Leopard Server accommodate DNS views? Will Bonjour go insane?

What steps should be taken to secure it without becoming difficult to use? My main thought is that I take my laptop to a cafe or other public venue without thinking too much -- how should this differ from my home?

Thanks!