When planning, developing, or evolving a Server and Domain Isolation solution based on Microsoft® Windows® IPsec and Microsoft® Active Directory®, you may want to include computers that are not able to support IPsec standards. You can use ISA Server as an IPsec gateway between IPsec-enabled and non-IPsec computers/networks.
ISA Server is ideally suited for the role of IPsec gateway as it includes all of the necessary gateway functionality: firewall protection, network address translation (NAT) and IPsec-based isolation support. The configuration of network, access, and publishing rules required to enable this solution is fully described in the document Using ISA Server to Extend Server and Domain Isolation Interoperability.
ISA Server Team
Thanks for the quick tip. Very useful information for a computer network configuration planning.
This document is under rewrite and will be re-published as soon as possible.
We'll post here when that happens.
PM, FF Edge CS
The IPsec Domain Isolation article that was originally announced here has been rewritten and reposted