Use Windows Server 2003 as the ISA Server operating system whenever possible.
Install Windows Server 2003 Service Pack 1 to take advantage of the increased security and functionality.
Install ISA Server 2004 Service Pack 1 for compatibility with Windows Server 2003 SP1 and for enhanced ISA features.
Use the Security Configuration Wizard to lock down the Windows Server 2003 operating system.
Install only those ISA Server 2004 and Windows Server 2003 features that are needed.
Build an ISA Server on a clean installation of the operating system.
Consider the use of ISA Hardware Solutions and/or third-party add-ons that increase the capabilities of ISA.
In general, deploy ISA Server 2004 as a workgroup member if it will be deployed in the DMZ of an existing firewall, and deploy it as a domain member if it will be deployed as a full-function firewall.
If a Firewall Client Installation Share is required, consider installing it on a File Server if possible.