The shift of security architecture to a data-centric model versus a network access-centric model confuses the method in which we have continued to approach securing the network perimeter. We have marched to the same wisdom of a DMZ sandwiched between firewalls or now the same firewall with multiple interfaces. This network design addresses network connectivity and is non-important for real data protection. While it is true, the basic low skill attacks will be stopped, but we have seen that this design does not thwart even the semi-sophisticated attack methods. The reason is because the data is not protected, but the network perimeter is.

While it is important to protect the network and implement segmentation ...