Why should an application server be separated from the database server?

For medium to large data volume environments, it is advisable to physically separate application and database servers.

The advantages of hosting the application and the database on two separate physical servers are:

1. Security

The database server should be separated from the application server and hosted behind a firewall, with only the ports required for data access open. The web application is configured to connect to the database server with a user account that has just enough rights for the application to function and no more. If the application server is compromised and least-privilege rules were followed for the database connection, the maximum damage is limited to what the application itself can do through the database API.

2. Performance

If the database and the application are hosted on the same server, both cache commonly requested data in memory. Cache performance degrades considerably when the application and the database run in the same memory space. If the application is resource intensive, it can easily cause CPU usage on the machine to peak, essentially bringing the machine to a halt. By segregating the database and the application onto two different physical servers, CPU performance can be fine-tuned for their respective requirements.

3. Scalability

If the database and the web / application servers are kept separate, it is easy to scale the application / web servers horizontally without much effort. It is very difficult to horizontally scale a combined database and application server. Also, when multiple applications are being developed to use the same database, it makes better sense to run the applications separately from the database.
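
The least-privilege database account described under point 1 (Security) can look like the following. This is an added example, not part of the original article: it assumes PostgreSQL, an existing database named `shop` that the administrator is connected to, and hypothetical role, schema, table and address values.

```sql
-- Added example (assumptions: PostgreSQL, database "shop" already exists,
-- all role/schema/table names and the IP address are hypothetical).
-- Run as the database administrator on the database server.

-- Weak setup, shown for contrast: the application logs in as a role that
-- can do anything, so a compromised application server owns the database.
-- CREATE ROLE webapp LOGIN SUPERUSER;

-- Sample objects the application needs (constructed for this example).
CREATE SCHEMA app;
CREATE TABLE app.products (
    id   serial PRIMARY KEY,
    name text NOT NULL
);
CREATE TABLE app.orders (
    id         serial PRIMARY KEY,
    product_id integer NOT NULL REFERENCES app.products (id),
    quantity   integer NOT NULL CHECK (quantity > 0)
);

-- Runtime role used by the application server: no administrative attributes.
-- Set its password out of band (for example with psql's \password command).
CREATE ROLE app_runtime LOGIN
    NOSUPERUSER NOCREATEDB NOCREATEROLE NOREPLICATION
    CONNECTION LIMIT 50;

-- Remove the defaults every role inherits through PUBLIC.
REVOKE ALL ON DATABASE shop FROM PUBLIC;
REVOKE CREATE ON SCHEMA public FROM PUBLIC;

-- Grant only what the application's queries need: it may read products,
-- create and update orders, and nothing else (no DELETE, no DDL).
GRANT CONNECT ON DATABASE shop TO app_runtime;
GRANT USAGE ON SCHEMA app TO app_runtime;
GRANT SELECT ON app.products TO app_runtime;
GRANT SELECT, INSERT, UPDATE ON app.orders TO app_runtime;
GRANT USAGE ON SEQUENCE app.orders_id_seq TO app_runtime;

-- Check that a privilege that was never granted is absent for the role.
SELECT has_table_privilege('app_runtime', 'app.orders', 'DELETE');

-- Network side, in pg_hba.conf (a separate file): accept this role only
-- from the application server's address, over TLS, for example
--   hostssl  shop  app_runtime  10.0.2.15/32  scram-sha-256
-- and let the firewall pass only the database port from that address.
```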