Access Policy or Server Policy? Which one do I use?
The ISA Product Team put out a nice blog entry titled Access Rules vs Server Publishing Rules. The article is written in an easy to read numbered list format. I think this take some of the sting out of a subject that has caused so much confusion. Most firewalls don't make a distinction between different types of rules (because most of them don't offer different type of rules) and the reasons for this distinction are well explained by the product guys in this blog entry.
For what it's worth, I use this rule of thumb (which of course has exceptions):
If I need to grant access out of my network use Access Rules.
If I need to grant access into my network use Server or Web Publishing rules.
That latter statement particularily refers to allowing users on the outside of your network access to websites or applications hosted on your non-SBS server sitting next to your SBS. For example an SQL, Web, or Video server.