Perimiter security is not vouge but its better than publicly accessible on the Internet. I would argue if are not comfortable with security take it off the Internet and put it in a dmz. You still need security, but it's a more forgiving environment if you get it wrong between setup and pen test.