First of all I would like to thank any of you guys who took their time to read this post. I appreciate the service you offer.
First and foremost I am a programmer with a sore Achilles heel... I have always kept my knowledge level of networks to a minimum and it has come back to haunt me.
I have developed a web application that will be hosted on three servers and a backup server:
1 - Webserver
2 - Admin server
3 - Database server
4 - Replicated database server
The webserver's job is to service clients that access a public site. The machine needs direct access to the database server in order to fulfil a number of select/update SQL statements.
The Admin server hosts the administration site that manages the whole application. This server should be accessible to people within the company's local network, and a few people who connect from the outside world.
The database server services both the WWW and Admin server and needless to say should be the most protected.
I have conducted a lot of research and have accumulated a number of ideas, but I am still not entirely sure on the best options I have with regards to the network design that should be employed. The servers have been purchased, but I still need to buy the firewalls and switches that will complement the setup.
Could anyone give me a few tips on what network setup will protect the database in the best manner?
I also have the following questions which are related to this post:
1 - The admin server will service about 5-10 external users. Do you suggest making it only accessible via VPN?
2 - I will need a facility to service all 4 servers via VPN. Is this possible, since the DB server will be on a different tier?
3 - Do I need a firewall between the WWW/Admin servers and the Database?
I apologise for the long post and thank you all in anticipation.