Two-tier architecture is a client/server architecture , where a request to do some task is sent to the server and the server responds

by performing the task. where as a three-tier or a multi tier architecture has client, server and database. Where the client request is sent to the server and the server in turn sends the request to the database. The database sends back the information/data required to the server which inturn sends it to the client.

n-tier data bases are mo st commonly implemented as a three-tier model (illustrated in second illustration above). These databases extract the business rules and place them in an independent middle layer. The server and client never communicate directly with one another, passing all data through the middle layer which performs the business rule validation. There are several benefits to this model The three tier software architecture (a.k.a. three layer architectures) emerged in the 1990s to overcome the limitations of the two tier architecture. The third tier (middle tier server) is between the user interface

(client) and the data management (server) components. This middle tier provides process management where business logic and rules are executed and can accommodate hundreds of users (as compared to only 100 users with the two tier architecture) by providing functions such as queuing, application execution, and database staging. The three tier architecture is used when an effective distributed client/server design is needed that provides (when compared to the two tier) increased performance, flexibility, maintainability, reusability, and scalability while hiding the complexity of distributed processing from the user

Security . Additonally, a web server is often placed in the least protected part of your network and is exposed to the outside world. In most sytems security is key and a large part of security is to protect your database and file storage systems. In a 2 Tiered system, the web server communicates with the database server and other resources on your network directly. The threat here is that if someone attacks your web server there is now a direct gateway to all your network resources.

However, in a 3 tiered architecture, you limit communications from your web server to just to the application servers. In fact you can confirgure the application server to accept instructions only from the web servers. this way an intrusion into your network, i.e., someone walking in and connecting his laptop to your network, will still not give them access to the system in question. Load and throughput. In a 2 tiered system if you have a huge increase in your user base you will need to buy servers that will need to be powerful enough to run both the web and the application. However in the 3 tiered system, you can scale your architecture based on what your system does and on where your choke point is. For example, if you have a processor heavy system, then you can add additional application servers and leave the web servers as is. If the system does not require much processing, then you can handle additional load by adding more web servers (very cheap machines to handle throughput rather than processing) and leave the application servers as is. So how do I choose 2 or 3 tier? Below is a table that can assist in making the decision. A 2 Tiered system can be beneficial when you have a small number of users, low security or intranet application, and low level of processing

requirements. The moment any of these conditions fail you must consider a move to a 3 tier architecture.
2 Tier Number of Users Large Small Domain/Security Intranet Internet Processing High Low X X X X X X 3 Tier