[cb504]

If I understood correctly, the database was on a publicly accessible network. Wouldn't the problem be averted by putting the database in a separate VLAN, where only specific IP's from the public VLAN could access it, and not IP's from WWW??

[francis-io]

You could secure it in a number of ways, including the way you mention. Unfortunately, it seems like security is no ones top concern unless they are forced to handle it correctly.

[parliament32]

That's not really what VLANs are for, you'd probably just use firewall rules to restrict access to certain IPs. VLANs are more for creating virtual-networks-inside-networks, they're more organization-based than security-based.