The presenters from the Jericho Forum at DEFCON 14 this year did an acceptable job of highlighting the principle that border firewalls are much less beneficial that they used to be for security purposes. WiFi, VPNs, MANETs etc. provide constantly changing IT environments which are not realistically plausible for IT to completely control. Our new challenge is to accept that hostile things may exist on the network, and we must solidify the security of individual services despite high-priced blue-colored networking hardware connecting it all. Their DEFCON session was unfortunately unclear on the specifics of how one accomplishes this, but I nevertheless agree with many of their core principles.
This Decades Security Challege (good .pdf slides)
De-perimeterization is the way to go for network security
De-perimeterization: Jericho Forum misses the mark