Defense-in-depth technology comes from a long back historical background, where kings used this concept to build their forts. The basic principle of this is to neutralize enemy's attack as maximum as possible, for that they would build secure postures at every point of invasion.
This kind of defense patterns starts with:
1. Location
2. Perimeter level defense
3. Sub perimeter level defense
3. Core Level defense
Later on this concept was introduced in creating security into corporate networks. It doesn't make a difference on the size of the network or complexity of the network, what matters here is the thinking involved in creating defense layers in the network.
One should think on:
1. What needs to be protected?
2. What is the critical value to protect?
3. Business damage, if not protected?
Only then, one can devise a defense-in-depth plan for the network.