Good news: ISA and Forefront Threat Management Gateway are now supported on hardware virtualization platforms validated by the Microsoft Server Virtualization Validation Program (SVVP),
A white paper available here provides specific guidelines for deploying ISA and Forefront TMG within hardware virtualization. Recommended reading - particularly the best practices documents provided in the References section.
And below is a TechNet Edge video with Jim Harris providing some guidance on what to consider when virtualizing ISA and TMG woth Hyper-V or Virtual Server.
Virtualize your ISA or Forefront TMG servers
Microsoft’s Network Access Protection (NAP) solution was cited as a leader (the top category) in a recent independent report, “The Forrester Wave: Network Access Control, Q3 2008.” Microsoft was one of the many network access control (NAC) vendors invited to participate in the report.
Forrester placed a lot of emphasis on different access control scenarios for the evaluation and the different vendors were evaluated around twelve different scenarios as well as strengths across technology, strategy and market presence.
“Microsoft has the strongest NAC product for managed endpoints,” the report stated. The report goes on to state that even though its official product has only been shipping since the inception of Windows Server 2008, Microsoft has already established itself as a critical thought leader and contributor to the standardizations of NAC. “Microsoft has the overall highest score among the 12 scenarios we evaluated,” the report added.
Microsoft Network Access Protection ships with Windows Server 2008 and Windows Vista and XP SP3, and has a framework that provides interoperability with over 100 different vendors. The NAP statement of health (SOH) has also been adopted as a standard by the Trusted Computing Group’s Trusted Network Connect (TNC).
More information about Microsoft NAP can be found here http://www.microsoft.com/nap