Joe,
The answer is yes, we currently have a set up that has 2 web adapters (arcgis_external,arcgis_secure) the external allows anonomous access where the secure uses active directory accounts with digest.
We have to make duplicate services for those layers that we want to be secure (normally the layers that we want to provide feature access (editing) to). This is so we can secure one and not the other.
Regards
Anthony