I am seting up a firewall for work using the standard
squid/ipchains/marquerade setup.  Our e-commerce servers are going to be on
the public side of the firewall, they all run IIS on NT because our product
is written in visual fox pro.  Now the programmers on the private side of
the firewall are going to want to be able to map drives on the public
servers to change data.  I told them that this is a no-no and that they
should just use the development server I set up to make changes.  Turns out
they wont listen to me and the boss agrees with them.  I beleive that all NT
domain control will go out the window when I implement the firewall (if i
set it up right), so all of the servers will reside in their own isolated
"commerce" domain.  is there any way I can allow this wondoze freaks to map
drives accross tis network without comprimising too much security?  maybe I
sould just allow ftp access accross from the internal network.  Thanks for
any ideas on this situation.

- Joel