First time VPS user, and still a beginner at Windows Server 2003.
Is the built in (simple) windows firewall considered sufficient if all I'm going to do is expose a few ports and block everything else, or do I need to consider another solution for an internet facing firewall?
-Adam
See this link:
http://technet.microsoft.com/en-us/library/cc787104.aspx
Basically the firewall has it's limitations, and even Microsoft only see it as a "supplemental solution".
What size is the network that you want to keep behind the firewall, and what traffic do you want to let in or out?
Windows Firewall is a good, basic firewall. If all you want to do is block open access to the server and open individual ports for particular services, then its fine for that. Problems start to occur when you want to open a large range of ports, this can be done with scripts, but makes management much more complicated. Also if you want to restrict access to a port to only particular IP's or block rogue IP's from your server, windows firewall can't do that. So if you need any of these facilities you will need to look for a different solution.
As Windows Firewall is a software firewall, you also have the same problems experienced by all software firewalls. In the event of a DDOS attack the firewall can become overloaded by requests and cause your server to grind to a halt. Hardware firewalls are much more capable of handling this, and if they do have problems, its unlikely to cause an issue on your server.