The replies here all come together in saying that security and protection from various forms of attack is no simple business, has no one single solution and that weapon of choice will vary from one user to another depending on their computer and internet usage. This fact alone first says to me that the operating system should focus on operating the computer and should generally avoid imposing integrated antivirus features and firewalling on the end user who needs to assess his or her own needs according to their computer usage. Whilst some overlapping of functions is inevitable the industry should continue to maintain some differentiation between system software, utility software and applications software.
This means that protection is to be provided by additional programs which may be offered by both third party writers as well as by the operating system writers who are, of course advantaged by their intimate knowledge of the system's working. A responsible operating system provider should provide a default suite of software offering basic protection against various forms of malware for those many users who lack the technical skills to assess their specific needs but equally it must be possible for more technically savvy users to determine their own needs and configure their own solutions. The system software providers should make their users aware of the needs for security and should facilitate the implementation of a range of solutions but they should not be imposing their own solutions which may be inflexible and not in keeping with individual needs.
In these forums we have a major part to play in explaining the different threats represented by viruses, trojans, worms etc and the nature and purpose of the different solutions, both proactive such as firewalls and antivirus software and the reactive processes such as mbam etc. As is demonstrated in earlier posts, each of our experiences differ according to our various activities and those who have contributed to this topic, many of whom appear to disagree are actually in full agreement, contributing to the larger picture of security threats from their own perspective.
For what it's worth I personally avoid the "all in" solutions like Norton as they consume resources beyond their worth to me and they get in my way but for many they represent a fairly solid package solution to a range of threats. I am running MSSE, which I have found to be excellent, alongside the standard MS firewall which serves its purpose for me. I regularly run MBAM to check that nothing has "sneaked in".