I want to know what's the difference between both products and which to buy if I am deploying a Small Business Server 2008.
Well, it depends on what your security requirements are for your network and the SBS 2008. Can you provide some additional information on what you would like to protect or services to provide.
1. Do you need secure remote access to the server? If so, do you want to use SSL, client base VPN application or the ability for remote users to download the VPM client from the security appliance?
2. Do you need to have a DMZ zone for email and/or web service?
3. Or do you need to port forward or use Outlook secure access?
4. Do you need web threat or content filtering services?
5. Do you need site-to-site tunnel to a remote office/branch office?
6. Do you need email scanning for viruses, malware, etc?
I have deployed both products, depending on the requirements from the customer and what they need to protect.
Hope this helps.