Windows 7 and Windows 2008 have all the features you describe as new security technologies you found in a MAC. I don't know how your windows network have too many infections with GPOs and Antivirus. Perhaps users have too many permissions, perhaps you need a lockdown feature (like Cisco Security Agent). Something is missing here, I see a couple of big Windows networks without a single virus hit or problems. You will need firewalls, NAC, IPS, etc to properly secure windows networks, most because users education is not good and people continue to visit lot of bad sites or open spam emails.