Yes, it is generally a good idea to put internet-facing servers on a network that is separated from the local network. The point of this is not to minimize their attack surface (since they are already connected to the internet after all) but to prevent them from being used as a stepping stone for attacks on your internal network. To make this effective, you should block traffic from the internet-facing network to the rest of your network and treat it as potentially untrusted.