From the sounds of it, you're discussing disabling a software firewall, not an actual hardware firewall. There's a lot of applications which require local firewalls to be disabled - for instance, we disable local firewalls when we're deploying telephony application servers because of vendor requirements. Likewise, some applications require SELinux to be disabled as well. All of our servers are still collectively behind a firewall, and beyond that we have a number of ACLs and centralized authentication controlling them. As for not running a firewall being lazy - firewalls are tools. Sometimes they're the right one, and sometimes they aren't. The only way to tell is experience on when to use each tool (and budget too). The more time you spend with networking, the more you'll come to realize that. But since you're learning, stick to what you've been told until you master it. As Picasso said, "learn the rules like a pro, so you can break them like an artist."