Is the firewall on Windows Server 2008 R2 sufficient?

I'm planning a few servers to be run on Rackspace cloud. Aside from using load balancers to control the flow of web traffic, how good is the Windows Firewall? I'm thinking in terms of throughput as well as security.


Solution 1:

The Windows firewall is just fine for most applications. As with running any server, start out with a default deny policy and open up only the ports that you need.

Perhaps the more important question is whether or not your application software is secure...

Solution 2:

The Windows Firewall is lean, mean, and does its job well. I doubt it would affect your throughput, and I'd trust it over any 3rd party software firewalls. ErikA is right in that you start with a default deny policy (preferably including outbound traffic also) to minimize your attack surface.

However, the benefits of a hardware firewall should be understood, since relying only on a software firewall isn't a best-case scenario. Even if you can't use one, it will help you understand the pros and cons of each ("Why should I bother having two firewalls???")