I often get questions sent to me via private email about how to configure the ISA Firewall in a number of scenarios using the single NIC configuration. The reason for this is that there isn't much information on the single-NIC "hork" mode on the ISAserver.org Web site. Since there isn't much information on the ISAserver.org Web site, people think they'll get some information on this configuration by writing me directly. They won't.
The ISA Firewall is a firewall, and firewalls require physical segmentation of the networks to which its connected. When you deploy the ISA Firewall as a single NIC device, you break the ISA Firewall's security model and thus put your network at needless risk. Too many people assume that their "hardware" firewall has a magic fairy in it that will protect them from all badness coming in from the Internet and thus they can waste the firewall security provided by the ISA Firewall by deploying in single NIC "hork" mode. That assumption is wrong and they do themselves and their companies a disservice by deploying a "hork" mode ISA Firewall.
Think about it -- you really don't want to use "hork" mode ISA Firewalls, do you? Someone is making you do it. Find out why that person is making your use hork mode. Your best bet is to follow the money. What's the guy forcing you to use hork mode getting from someone else to harpoon your network security? Answer these questions and I assure you that your job will be much more interesting 🙂