"Thumbs Up" to GeoGeo above.
Further to his post about Location Awareness, please also review the below articles:
You'll need a new MSL to define the external address clients should use to connect to your SEPM. The below articles tell you how to create a new MSL and how to assign this to the external location GeoGeo recommended:
http://www.symantec.com/docs/HOWTO81154
http://www.symantec.com/docs/HOWTO80735
As far as the updating of definitions goes, please also review the below article on the LU options. Essentially, you'll want the one assigned to the external location to go to Symantec LiveUpdate for definitions, while the internal one points to the "Default management server":
http://www.symantec.com/docs/HOWTO26831
#EDIT#
Here are a couple of extra LU policy articles for pointing clients at a LiveUpdate Adminstrator server. Like I said, it's usually better to point external SEP clients at Symantec instead, but you asked...
http://www.symantec.com/docs/HOWTO55180
#/EDIT#
Lastly, please consider the below articles for placing a SEPM in the DMZ. I'd personally recommend against making your main SEPM externally accessible, but instead put a replication partner in the DMZ for external SEP clients to connect to and harden it:
http://www.symantec.com/docs/TECH178325