The Microsoft IT group helps protect the corporate network using domain isolation with IPsec. You can read about it here.
The Microsoft Solutions for Security (MSS) team has recently released a Server and Domain Isolation Using IPsec and Group Policy paper. This solution demonstrates how IPsec transport mode can be leveraged as one of the best means currently available to protect corporate networks and minimize losses due to information theft, compromise of credentials, and administrative costs. This solution also clearly contrasts IPsec transport mode with the more widely known IPsec tunnel mode, one of the prevalent VPN technologies today.
Full article at <http://www.microsoft.com/technet/security/topics/architectureanddesign/ipsec/default.mspx>
Improving Security with Domain Isolation: Microsoft IT implements IP Security (IPsec)
Detailed discussion on how Microsoft IT introduced Domain Isolation to the Microsoft global enterprise network, to prevent unauthorized access to trusted assets. The technology chosen for isolation is Internet Protocol Security (IPsec), a standards-based approach to authenticating network traffic, which can be deployed and managed centrally through the use of Group Policy. The result of these efforts is a secure, segmented network of trusted computers. Downloads (Technical White Paper, Technical White Paper Presentation)
Full article at <http://www.microsoft.com/technet/itsolutions/msit/default.mspx>
Using IPsec for Network Protection: Part 1 of 2 :http://www.microsoft.com/technet/community/columns/secmgmt/sm121504.mspx
TechNet Support WebCast: How to use IPSec to help secure network traffic http://support.microsoft.com/default.aspx?scid=kb;en-us;888266
TechNet Webcast: Network Isolation Using Group Policy and IPSec (Part 1 of 3): Overview of Internet Protocol Security (Level 300)