[Spivak]

Defense in depth is always a nice thing to have but it hardly seems like a requirement since the reason you lock down services behind a firewall is supposed to be because they're aren't hardened enough to be on the public internet. I don't think that would describe the Atlassian suite who probably has better SecOps than most of their customers.

[Aeolun]

Except when they deliberately make their product obtuse and allow customers to expose their data to the entire world.

[tastroder]

The post you replied to mentions other methods to separate a service, not being hardened enough is only one of the reasons you would want to do that. A major one being that many Jira deployments are only useful internally anyway so there is no reason to expose it to the outside world.