I'm evaluating SEP 12.1 for Windows Server 2011 Essentials (basically Server 2008R2) and I'd like feedback on how SEP's firewall compares to Windows firewall. I've read a few other posts on this topice but a lot of the posts seem to reference the XP firewall and confuse SPI with IDP. From what I understand, Windows Firewall is just as good as the Symantec Firewall for the following reasons.
CLARIFICATION
I am only comparing the SPI Firewall aspect of SEP. I realize that windows does not perform deep packet inspection. (Correct me if I'm wrong) Symantec Firewall is separate from NTP (Intrusion Detection/Deep Packet Inspection). I'd like to use the Windows firewall and the Symantec NTP.
Here's my comparison between Windows and SEP (please add your thoughts and correct any of my misconceptions)
- Both the Windows and SEP are stateful
- Both provide inbound and outbound rules
- Both are centrally managed (Windows through Group Policy/Symantec through SEP Manager)
- Both allow logging (SEP reporting [again for SPI not NTP/IDP] is probably a little more user friendly)
- Windows firewall is better integrated with Windows (obviously)
The only advantage I can find for SEP is its better reporting. As far as protection goes, both seem to be equal (SPI firewalls are pretty basic now). What's the advantage of SEP's SPI firewall over Windows'?
Thanks for the feedback