Evolution to Self-Secured Nodes
As the future unfolds, network access devices will have to be built with protective shields (e.g. firewalls). All network access devices will have to become self-secured nodes.
The implication of this evolution is that access control will move from location to identity, from where to who. Strong digital identity becomes important for this to work.
Update (March 11, 2005):
It occurred to me that a simple way for an enterprise to transition to self-secured nodes is just to make sure all PCs have local firewalls turned on (running antivirus, antispam), and that the VPN is permenantly on. This "always-on" VPN approach allows enterprises to avoid worrying about mode-of-access (LAN, WAN, 802.11, Bluetooth, dial-ups, Internet)
Resources (March 21, 2005):
The evolution has started. Joanne Cummings describes how it's happening with enterprise apps in Locking down apps (http://www.nwfusion.com/