What is the correct way to release a site on the Internet using https?

There is a web service running on IIS in Win SRV 2012R2 (virtual server in hyper-v). Now they go to it on the local network at http:\\1.1.1.1/service.
I need to release it to the world, here I see and know the following options:

v1) I forward port 80 (or 1088) on the router to the IIS server. Users need to memorize some characters, the characters in the office and at home are different, if the port is non-standard then + some other icon and characters): http:\\100.120.120.101:1088/service.

v2) I get a certificate for Let's Encrypt and do port forwarding 80,443. I make an entry in the local DNS and everyone goes everywhere by the domain name: service.companyname.com

v3) I get a commercial certificate (I don’t know yet how much it costs and how to get a certificate) I do port forwarding 80,443. I make an entry in the local DNS and everyone goes everywhere by the domain name: service.companyname.com

Questions:
1) which way to go?
2) is it necessary to tighten up security on IIS and what to turn?
3) does it make sense to add another network adapter to IIS and let it out into the world?

PS maybe I wrote something wrong here, correct me I will be grateful!