Bit of noob help with network architecture
I need a set up of 2 or possibly 3 servers, a web server, a database server and maybe an application server.
The web server will use information from the database server to create the pages. The internet users can access the website and use it to find things from the database. However the only way the database should be changed is from someone logged on the intranet.
My understanding of the DMZ is a bit scetchy, i understand that this is where we put things that are needed to be accessed both internally and externally. So the webserver would be placed in there. But what about the database server, would the best solution to be to have it on the intranet side and open a port on the router/firewall to let the webserver communicate with it?