If you don't know who is scanning you, I would definatly investigate the scans. Although, you may think that the server is secure, there are always new flaws/vulnerabilities that you may not know about. If you are seeing a scan a couple times a day, someone is certainly checking out your ISA server. Probably using NMAP. You may want to do a reverse lookup on the ip address in you log, and give the company a call regarding the scans. It may stop an attack before it happens.
Joe