From: Mike N. 

On Sat, 2 Apr 2005 20:32:44 -0600, "Glenn Meadows"
 wrote:

>Mike,  Did MS add a real firewall to 2003 server in the SP1 release?  I
>heard from someone that they did.  Does it work like true firewall, or is it
>the same one that they brought to the front in SP2 for XP?

  It's slightly improved.   It doesn't have outgoing blocking by
application like ZoneAlarm.   I don't think this is critical for a server,
which normally operates in a 'headless, faceless' mode without an operator
to answer Yes or No to allow new outgoing programs access.   Also there
should generally be policies that prohibit web surfing or E-mail from a
server - the most common vector for introducing trojans or viruses.   But
if outgoing access restriction  is important to a particular configuration,
then a 3rd party server firewall is still required.

  They went a bit beyond just slapping in the XP SP2 firewall - you can
allow incoming access exceptions by program - if the program terminates,
the port is closed.  I'm not sure how valuable that one is in the end
though; the TCP/IP stack is almost never vulnerable without a program
listening.   Most importantly, you can now set firewall policies and
security configurations for both servers and workstations.

  The firewall cannot be used with Routing and Remote access - which has
its own firewall.
  The firewall provides a tool to protect the computer in the event you
like running naked on the internet.  For example if I understand it, if you
install a new slipstreamed server 2003 , all external access is closed by
default.  You can put it on the internet without a hardware firewall to
obtain security updates without getting wormed.

--- BBBS/NT v4.01 Flag-5