It has always been a topic of debate whether to keep ISA/TMG servers in domain or in workgroup. Sometime back I wrote a blog entry http://isingh.spaces.live.com/blog/cns!D4B487C69B1A780!159.entry covering domain member vs. workgroup model.
In order to update the context, i would like to add the below URLs describing the supported and unsupported scenarios when configuring ISA/TMG servers in domain or in workgroup.
http://technet.microsoft.com/en-us/library/dd897048.aspx
http://technet.microsoft.com/en-us/library/ee796231.aspx#kjdfg947jfht
Hope these URLs will help you understand the key features you lose when you implement a workgroup model.
Cheers !!