Snort mailing list archives

Best External_Net setting


From: "Stephen W. Thomas" <swthomas () techsoft com>
Date: Thu, 22 May 2003 08:36:25 -0500

I'm trying to find out what the pros and cons are to setting the external_net variable to "!$home_net" instead of "any" 
on a client's network.
 
The network is currently configured where the internet feeds a router which feeds a firewall which feeds a Windows2k 
network. The network consists of Web servers, DNS servers, Exchange servers, and file servers. These are all on the 
same domain. Snort is monitoring that domain. My boss is trying to get rid of all of the false hits it's taking from 
inter-server traffic, so I thought that changing the External_Net variable to "!$Home_Net" would do it. However, I'm 
afraid if someone broke through the firewall, or spoofed an internal IP then we wouldn't get any hits on it.
 
Does anyone have any thoughts on External_Net being defined as "any" or "!$Home_Net"?
 
Thanks,
Steve
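
Added example, not part of the original post: a small Python model of the address test in a rule header written as "alert ip $EXTERNAL_NET any -> $HOME_NET any", evaluated with EXTERNAL_NET set to "any" and to "!$HOME_NET". The HOME_NET range and all packets are constructed for illustration; the post gives no addresses.

```python
import ipaddress

# Assumed value: the post does not give the client's address range.
HOME_NET = ipaddress.ip_network("192.168.10.0/24")

def in_var(addr, var):
    """Evaluate a Snort-style address variable: 'any', '$HOME_NET' or '!$HOME_NET'."""
    if var == "any":
        return True
    if var not in ("$HOME_NET", "!$HOME_NET"):
        raise ValueError("unsupported variable: " + var)
    inside = ipaddress.ip_address(addr) in HOME_NET
    # A leading '!' negates the match, as in Snort variable syntax.
    return not inside if var.startswith("!") else inside

def header_matches(src, dst, external_net):
    """Address part of: alert ip $EXTERNAL_NET any -> $HOME_NET any"""
    return in_var(src, external_net) and in_var(dst, "$HOME_NET")

# Constructed packets (label, source, destination).
PACKETS = [
    ("internet client -> web server", "203.0.113.7", "192.168.10.20"),
    ("Exchange -> DNS (inter-server)", "192.168.10.30", "192.168.10.53"),
    ("spoofed or compromised internal source -> file server",
     "192.168.10.99", "192.168.10.40"),
]

def compare():
    """Return, per packet, whether the rule header matches under each setting."""
    return {
        label: {s: header_matches(src, dst, s) for s in ("any", "!$HOME_NET")}
        for label, src, dst in PACKETS
    }

if __name__ == "__main__":
    for label, result in compare().items():
        print(f"{label:55} any={result['any']!s:5} "
              f"!$HOME_NET={result['!$HOME_NET']}")
```

The second and third packets get the same result under both settings because the rule header sees only addresses: whatever removes inter-server matches also removes matches for any other traffic carrying a HOME_NET source address.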
