Interesting article, I’ve been meaning to look into more active management of the endpoint firewalls.
But the built-in one in Windows is great. A bit of a pain to manage but with GPO:s I suppose that can be greatly simplified.
And much like antivirus – using a built-in Microsoft product should mean the product itself doesn’t become an attack surface. Other antivirus products just don’t integrate neatly enough and they don’t know the Windows system itself well enough to do it properly, most likely. If there is already capable built-in functionality, may as well use it.