http://blogs.technet.com/b/tonyso/archive/2005/03/31/403162.aspxThe Microsoft IT group helps protect the corporate network using domain isolation with IPsec. You can read about it here . The Microsoft Solutions for Security (MSS) team has recently released a Server and Domain Isolation Using IPsec and Group Policyen-USTelligent Evolution Platform Developer Build (Build: 5.6.50428.7875)http://blogs.technet.com/b/tonyso/archive/2005/03/31/403162.aspx#405510Tue, 31 May 2005 18:32:54 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:405510tonysoSo this guy goes into the doctor's office and says &amp;quot; Doctor, IPSec...&amp;quot; &amp;amp;lt;sound of phonograph needle...<div style="clear:both;"></div><img src="http://blogs.technet.com/aggbug.aspx?PostID=405510" width="1" height="1">http://blogs.technet.com/b/tonyso/archive/2005/03/31/403162.aspx#403168Thu, 31 Mar 2005 20:31:11 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:403168Lewis CurtisThis is pretty exciting stuff. <br> <br>The use of IPSec, PKI Security Certificates and Group Policy for authentication and enabling authorization models have received a lot of attention this year. This is great news. As large enterprises expand their scope and scale of user resource needs <br>(example: mobile PoS Self Service environments, Cell Phone personal PoS, RFID, channel partner services, etc...), It will be interesting to see how this might affect AD and ADAM enterprise architecture designs in the future. <br> <br>Furthermore, as these security systems become more standard in the enterprise, it could potentially decrease the amount of authentication and authorization complexity in each siloed applcation introduced into the data center. Thus it could decrease TCO of a multitude of solutions (Unix as well as Microsoft). A predictable and consistent model <br>across silos. <br> <br> <br>Lewis Curtis<div style="clear:both;"></div><img src="http://blogs.technet.com/aggbug.aspx?PostID=403168" width="1" height="1">