Toubkal is a new hardware architecture which provides secure, efficient and flexible hardware isolation. It is a modular system that offers strong separation of different hardware modules within a system. Lightweight devices use mainly a Memory Protection Unit (MPU) to protect the memory and create an isolation architecture. However, the MPU offers only a memory control access for the software running on the system. This scheme does not prevent other hardware components from accessing system memories. Toubkal aims to enhance these MPU architectures by adding a new hardware layer to create different access environments for different hardware components. Toubkal has been designed in such a way that it can easily be adapted to the system needs in terms of security, safety and performances. It does not require any change in the existing hardware modules. We present a detailed description of the architecture, then we compare and discuss run-time, area overhead as well as security limitations using different policies and options. The first experimental hardware module increases between 0.08% and 8.5% a single core Rocket Chip cells area.