IMHO, put your Internet application at a NOC but if the data in your database is sensitive, I wouldn't put it in the NOC, I would host it back at your corporate data center. Use a VNP tunnel to bridge the two and allow a secure connection.
Whatever you do, do not host the database on the same machine and network as the Internet. Even if you do host the DB in the NOC, put it on a separate machine and build a private network for it. Basically, the Internet facing server would have 2 NICs, one for the Net and one for the private LAN. The DB server would only have one NIC, the private LAN. This means that your DB server is never directly accessible by the the Internet. It does NOT make it secure, it's just one more layer in your security, along with a firewall in front of your Internet facing server.
Oh, you didn't answer a very important question, do both apps need write access to the DB? If the answer is no, the answer to how you structure it.