Abstract
In the past, the security protection model that most organizations applied to protect their infrastructure was simply the "Everything but the Kitchen Sink" model—meaning, add devices that protect the enterprise network perimeter (Trusted Zone), add devices that protect your mobile device, add devices that protect your data base., and on, and on .... In essence, this model simply amounted to the accumulation of security devices. Given the increased number, scope, and frequency of breaches, it is clear that this model has failed.