Link: Introduction to Server & Domain Isolation with Windows
Microsoft has posted what appears to be an updated document (version 1.1) from August 2005, Introduction to Server and Domain Isolation with Microsoft Windows. Server and Domain Isolation using IPSec is a great method for creating isolated networks to protect those networks from unwanted traffic. Domain isolation solves the problem where access to domain resources should only be from domain member computers. If you are considering implementing NAP with Windows Server “Longhorn”, you should be planning your domain isolation strategies now.
You can mitigate some of the risks associated with unauthorized and potentially unfriendly access to your network and its resources by creating an isolated network. There are different ways to create an isolated network. With the Microsoft® Windows® operating systems, you can create an isolated network by using the Active Directory® directory service and Group Policy settings to isolate both your domain and domain member servers that store sensitive data, thus limiting access to only authenticated and authorized users.