The TS Gateway is one of the most popular and implemented of the new features of Terminal Services in Windows Server 2008. One way to implement TS Gateway is to "publish" it with an Microsoft ISA Server. Not sure how to do that? Don't worry!

I recently ran into this article at Technet, detailing exactly how to do this. You can use Microsoft Internet Security and Acceleration (ISA) Server 2006 to enhance the security of TS Gateway service while allowing external access to internal resources. You can set up an SSL-to-SSL bridging scenario in which ISA Server 2006 receives requests and passes them to the internal TS Gateway service, also using HTTPS. While bridging the request, the ISA firewall decrypts the SSL communications and performs application-layer inspection.

If the HTTP protocol stream passes inspection, then the communication is re-encrypted and forwarded to the Terminal Services proxy. If the protocol stream fails inspection, the connection is dropped.

The technet article examines how to publish the Terminal Services Gateway through ISA Server 2006. Then it discusses extending the ISA Server 2006 publishing scenario to include client health enforcement using NAP. By using NAP, we can create client health policies that helps you control access at the Host Layer.