Granted all the suggestions are good firewalls, however there is an important factor that needs to be considered. A lot of these products do not support server installations, due to IP stack setup on startup etc. I think only corporate versions and specific server versions of AV and Firewall software only work, but perhaps updated software works too??

I just attended the Microsoft Security Summit in Melbourne, and they were definitely pushing the built in firewall and IPSec security features of win2003. And intense use of Group and Security policies. They suggest locking down the computer ie block all ports then make policies to allow certain ports to open.

However, the big issue is AV, what AV work on servers??