[There's a reason that Yoda is the unofficial mascot of SBS.  Size indeed matters not.] Stopping the service associated with Windows Firewall with Advanced Security is not supported by Microsoft. - THE OFFICIAL BLOG OF THE SBS "DIVA"
Sun, Nov 9 2008 23:44 bradley


Did you know?

Stopping the service associated with Windows Firewall with Advanced Security is not supported by Microsoft. By default, in new installations, Windows Firewall is turned on in both Windows Vista and Windows Server 2008. If you must disable the firewall, such as when you want to use a third-party firewall program, do not disable Windows Firewall by stopping the service. Instead, use the Windows Firewall with Advanced Security interface (or equivalent Group Policy setting) to turn the firewall off. If you turn off the Windows Firewall with Advanced Security service you lose other benefits provided by the service, such as the ability to use IPsec connection security rules, Windows Service Hardening, and network protection from forms of attacks that use network fingerprinting. For more information about Windows Service Hardening, see http://go.microsoft.com/fwlink/?linkid=104976. Third-party firewall software that is compatible with Windows Vista and Windows Server 2008 can programmatically disable only the parts of Windows Firewall with Advanced Security that might need to be disabled for compatibility. Do not disable the firewall yourself for this purpose. http://technet.microsoft.com/en-us/library/cc753180.aspx

The other thing you lose if you shut off the service is RDP access to the server. So if you are trying to test out why something isn't working and you disable the firewall service on Win2k8, ensure that you have some other means of access to that server, as you'll lose RDP access as well. (I'll put a temp copy of LogMeIn in place when I'm messing with firewalls on a remote box, just in case, and then remove it once I have everything set up like I need it to be.)

Bottom line, leave the firewall on the server ON and learn how to build firewall rules for your applications.  It's really not hard to do so.
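
The script below is an added example, not part of the original post or of the TechNet article. It confirms the firewall service is still running, adds an inbound rule for one application, and shows the profile-level switch that replaces stopping the service. The rule name, program path, port and the `$turnOffFiltering` variable are constructed placeholders, and it assumes an elevated PowerShell prompt on Windows Vista or Windows Server 2008.

```powershell
# Added example. Rule name, program path and port are constructed placeholders.
$ruleName = 'ExampleApp-TCP-8080'
$appPath  = 'C:\ExampleApp\app.exe'
$port     = 8080
$turnOffFiltering = $false   # $true only while a third-party firewall takes over

# 1. The service (short name MpsSvc) must stay running and must not be disabled,
#    otherwise IPsec connection security rules and service hardening go with it.
$svc  = Get-Service -Name MpsSvc
$mode = (Get-WmiObject Win32_Service -Filter "Name='MpsSvc'").StartMode
if ($svc.Status -ne 'Running' -or $mode -eq 'Disabled') {
    Write-Warning "MpsSvc is $($svc.Status), start mode $mode. Fix this before changing rules."
    return
}

# 2. Show whether filtering is on for the domain, private and public profiles.
netsh advfirewall show allprofiles state

# 3. Add an inbound allow rule scoped to one program and one port,
#    unless a rule with that name already exists.
netsh advfirewall firewall show rule "name=$ruleName" | Out-Null
if ($LASTEXITCODE -ne 0) {
    # Arguments are quoted so PowerShell does not split "domain,private" on the comma.
    netsh advfirewall firewall add rule "name=$ruleName" dir=in action=allow `
        "program=$appPath" protocol=TCP "localport=$port" 'profile=domain,private'
}

# 4. If filtering really has to be off, switch the profiles off and leave the
#    service alone. Do not use Stop-Service MpsSvc or set the service to Disabled.
if ($turnOffFiltering) {
    netsh advfirewall set allprofiles state off
}
```

Running `netsh advfirewall set allprofiles state on` restores filtering once testing is finished.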
