A Microsoft source answers as follows:
“We strongly recommend that users run only one host firewall on their system. Yes, the XP SP2 Windows Firewall can coexist with third-party firewalls, but multiple firewalls don’t make you safer. Running multiple firewalls just means you have to configure the settings in multiple places (e.g., opening ports for each firewall you run). For anyone who wants to keep using a third-party firewall after installing XP SP2–for example, because they like some of the extra features–we suggest they turn off the Windows Firewall. We have already advised third-party firewall vendors to programmatically turn off the Windows Firewall in their future releases, so this will eventually be automatic.
“We don’t have any specific guidance as to whether people should use the built-in XP SP2 Windows Firewall or use a third-party product. We absolutely believe that people who don’t already have host firewalls should run the Windows Firewall in XP SP2. Almost all firewalls on the market (including the Windows Firewall) provide good security; it then boils down to what features and capabilities people want. The Windows Firewall, for example, doesn’t do any alerting or intrusion detection. Neither does it offer outbound filtering capabilities. The Windows Firewall focuses on preventing attacks from successfully penetrating a system, but it doesn’t do anything to protect systems once bad software is locally installed. Some other products also have better diagnostics and centralized reporting than the Windows Firewall (which has no reporting whatsoever). I don’t believe people are “safer” running third-party firewalls, but there may be some features in these products that they would like to have.”
