"This concentration on configuring the server for different roles also affects the host-based firewall, which for the first time is turned on in the server operating system by default. The built-in firewall, unlike Microsoft's application-level ISA Server firewall, blocks traffic at the port level according to the role that the administrator defines for it."
What does this guy think the ISA Firewall is? I can answer that question based on the above quote. He has no idea what the ISA Firewall is and what it does.
FACT: The ISA Firewall is a network layer and application layer inspection firewall with Web Proxy and VPN server and VPN gateway capabilities. That means the ISA Firewall can exert "port level" control, just like the build in Windows Firewall in Windows 2008, but of course, much more secure because of the sophiscation added by the Firewall Packet Filter driver and Firewall service driver.
LESSON: Never believe what a "reporter" tells you -- trust only experts in the technology of interest if you want the facts.