Firewalls, HIPS, and antivrus/antispyware actually serve quite different functons. Firewalls are all about connections, whether or not to allow them. HIPS is all about the allowed actions of programs resident in your computer. Anti-Spyware/Anti-Virus is kind of in the middle, using both signatures and heuristics to determine whether the content of the "connections" you allow should turn into resident programs on your computer or be allowed to call out from them. Thus the argument about FW+HIPS obviating the need for anti-spyware/antivirus follows from:"doesn't matter how much crap you let into your computer, if you keep it from doing anything with the firewall and HIPS it won't harm you." I prefer to keep it out of the machine, rather than counting on the constant vigilance of the users to watch the popups carefully. If you use only trusted programs and trusted sites and only open trusted email, even then you need to watch carefully because THEY may have a virus. And it may not always be in your virus database; thus Gibran's comment about using the firewall/HIPS as a complement to catch unknown malware doing unexpected things if used properly.
Author