No problem...
If you're interested in Bruce Schneier's book, check out
http://www.counterpane.com/applied.html.
For the record, I actually use 3 bits of kit (firewall, web server,
database server) and 2 switches/subnets. The web server sits on its own
in an untrusted DMZ, the database server sits on a trusted LAN, and the
two communicate using TCP/IP through a pinhole in the firewall. That way
I've made it difficult for anyone sitting outside the firewall (i.e. a
hacker) to get as far as the actual database itself. Even if they manage
to hack as far as the web server, they can't get any actual data.
I'd have to say I'd regard this config as a bare minimum for putting
something on the web, especially if you're taking security seriously.
Having said that, my database server is a full-blown SQL Server box,
which is easy to set up because you just configure it to listen on the
pinhole port. Not sure how you could do this if you're using an MDB,
suspect you'd need to keep the file on the web server and access it
directly. Compromises the security of the system a bit keeping it on the
web server, but not sure what else you can do in this scenario.
But whatever else you do, get yourself a firewall!
Pete
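
The layout described in the post above, written as an nftables forward policy for the firewall. This is an added example, not part of the original post. The interface names, addresses, web ports and database port 1433 (SQL Server's default TCP port) are assumptions.

```nftables
#!/usr/sbin/nft -f
# Constructed example: three-legged firewall (internet, DMZ, trusted LAN).
# All names, addresses and ports below are assumptions for illustration.

define WAN_IF  = "wan0"      # internet-facing interface
define DMZ_IF  = "dmz0"      # untrusted DMZ switch/subnet (web server)
define LAN_IF  = "lan0"      # trusted LAN switch/subnet (database server)
define WEB_SRV = 10.0.1.10   # web server in the DMZ
define DB_SRV  = 10.0.2.10   # database server on the LAN
define DB_PORT = 1433        # the single "pinhole" port

# Replace the table atomically on every reload.
table inet dmz_pinhole
delete table inet dmz_pinhole

table inet dmz_pinhole {
    chain forward {
        # Default deny: anything not explicitly allowed is dropped.
        type filter hook forward priority 0; policy drop;

        # Return traffic for connections that were allowed below.
        ct state established,related accept
        ct state invalid drop

        # Internet may reach the web server only, on HTTP/HTTPS only.
        iifname $WAN_IF oifname $DMZ_IF ip daddr $WEB_SRV tcp dport { 80, 443 } ct state new accept

        # The pinhole: one source, one destination, one port.
        iifname $DMZ_IF oifname $LAN_IF ip saddr $WEB_SRV ip daddr $DB_SRV tcp dport $DB_PORT ct state new accept

        # Any other DMZ-to-LAN attempt is logged and counted before the
        # drop, so a compromised web server probing the LAN is visible.
        iifname $DMZ_IF oifname $LAN_IF log prefix "dmz-to-lan-drop: " counter drop

        # Nothing from the internet is forwarded to the LAN: no rule
        # matches that path, so the default policy drops it.
    }
}
```

The pinhole rule limits network reach, not what the web server's database login can do once connected, so that account's permissions on the database still need to be restricted separately.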