You would love my environment then! I have 30 instances on a single box!

For the two instance argument it means I can protect the databases that run Integrated Security in an isolated environment. If by some horrible freak of circumstance an SQL Server login (sa for example) becomes compromised I can at least help to minimise the damage.

The amount of transactional databases we have I decided warrant the additional instances. The reason for it is that previously sysadmins paid absolutely no attention to memory management when the databases were installed. That meant (and this happened on two occasions) a runaway query brought the entire instance down (about 130 databases). My train of thought is that although from my side it is far more work and attention to detail, I can reduce the amount of damage that a single developer (that incidentally still insist on developing on production databases) can do to the entire instance. The problem is we have quite a few 24/7 databases and also time sensitive data that needs to be protected by almost any means possible. The only way I can do this is by ensuring the amount of memory available to each of these databases is as guaranteed as I can possibly make it!

If this were Oracle it would be a nightmare situation (Tom Kyte makes a point of saying 1 instance desrves 1 box!) but with SQL Server the management of instance memory is easier to control.

Licensing is a moot point: When you install a SQL Server, you are entitiled to install as many instances as you want without incurring additional costs! SQL Server supports up to 50 instances on a single box so off we trot then....!

Although you are right about patch updates and so on, another problem I have is patch level support for certain applications, differering collations and authentication methods. It is a brain tickler of an environment for sure!