Distributed security

Robert Hurlbut follows up Sam Gentile’s post about distributed development. There’s not much I can argue with here. In my response yesterday, I mentioned security as being one situation in which I support physical separation of the public presentation tier from the underlying business logic.

I am curious, however, about what a “well-defined pipe using COM+/ES server components” looks like from a security perspective. Doesn’t this require DCOM, which, from memory, pretty much blew a hole in any firewall?

Tiago Pascoal agrees with me about horizontally scaling applications and shares the same experiences with respect to database bottlenecks. He also calls for Sam and Robert to share more insights about their architecture - this exchange of ideas and experience is an excellent way to learn more about this subject.