I think what we are all getting at here...

It really depends on what hardware you are using, how many users and what processes will be running....

What kind of data is going to be made public....all the SQL data...or just some of it. If it is just some of it...consider having the main data on a seperate machine....and table import the data needed to be made public...replicate back and forth if needed.

I am running a SQL database...and importing and updating data has been so far...painless...all depends on how many records etc

TS has a great point about seperating them...makes it harder to compromise 2 systems...and hopefully easier to detect....make them jump through some hoops

MLF