Defending The Good Old Network Architecture
Newer, faster networking components allow network designs to deviate from the tried and true.
The author of an opinion piece posted at InfoWorld argues that implementing many of the newer and so-called better network designs is "a really bad idea." Traditional network setups, he argues, are not only quite straightforward but also very secure. He points out that separation between trusted and untrusted networks is one of the most important features of traditional networks, and is a characteristic many "modern" networks do not have.
"Take a traditional LAN/WAN network for a medium-sized business. Back in the day you'd have a firewall with an external, internal, and a DMZ interface; internal LAN switching; and a few routers driving point-to-point or frame-relay networks to other sites. All the Internet traffic flowed through the headquarters firewall, so there was a single point of egress. If there were backup links, they were likely to be ISDN lines at each site with a terminal server at HQ to call them up if necessary."