
Anti XSS support in ASP.net Vs AntiXss Lib


How does the XSS (Cross Site Scripting) support provided by ASP.NET differ from AntiXss? AntiXss is a Microsoft library for securing your site against XSS. Both APIs look almost similar, and it looks like they can easily be switched from one to another by doing a find-and-replace in your code files.

Which one provides more security against XSS? Is it advisable to use the intrinsic support provided by ASP.NET?


Solution

  • There are several differences. First of all, the Microsoft AntiXss library uses white-list encoding, which means that all characters are encoded except those that are known to be safe. The standard encoding mechanism of ASP.NET uses a black list. For HTML encoding, for instance, it only encodes 4 characters: <, >, & and " (for instance, it doesn't encode the single quote). Look for instance at this SO answer for what can go wrong with this.

    Another difference is that basic ASP.NET encoding (using the HttpUtility) is only capable of encoding HTML and URLs. AntiXss also allows encoding HTML attributes and JavaScript text. There is no safe way of doing this in standard ASP.NET.
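The two points in the answer, the black-list versus white-list approach and the need for a separate encoder per output context, can be shown with a small model of each encoder. The following is an added example written for this page, not code from the original answer and not the AntiXss or HttpUtility API: the function names, the safe-character sets and the sample inputs are the editor's own constructions. The black-list encoder reproduces the four-character behaviour the answer describes; the white-list encoders follow the AntiXss idea of encoding everything that is not explicitly known to be safe, once for an HTML/attribute context and once for a JavaScript string literal.

```python
import string

# Black-list style (models the four-character HTML encoding described in the
# answer): only these characters are rewritten, everything else passes through.
BLACKLIST = {"<": "&lt;", ">": "&gt;", "&": "&amp;", '"': "&quot;"}


def blacklist_html_encode(s: str) -> str:
    """Encode only the four listed characters; the single quote survives."""
    return "".join(BLACKLIST.get(ch, ch) for ch in s)


# White-list style (models the AntiXss idea; the exact safe set is an assumption
# made for this example): anything outside the safe set becomes a numeric
# character reference, so no quote of either kind can reach the markup.
SAFE_HTML = set(string.ascii_letters + string.digits + " ,.-_")


def whitelist_html_encode(s: str) -> str:
    """Encode every character not in SAFE_HTML as &#NNN;."""
    return "".join(ch if ch in SAFE_HTML else f"&#{ord(ch)};" for ch in s)


# JavaScript string context: HTML entities are useless inside a <script> block,
# so a different white-list encoder is needed. Unsafe code points become
# \xHH or \uHHHH escapes, which can never close the string literal or the tag.
SAFE_JS = set(string.ascii_letters + string.digits + " ,._")


def whitelist_js_string_encode(s: str) -> str:
    """Encode every character not in SAFE_JS as a JavaScript string escape."""
    out = []
    for ch in s:
        if ch in SAFE_JS:
            out.append(ch)
        elif ord(ch) < 0x100:
            out.append(f"\\x{ord(ch):02x}")
        else:
            out.append(f"\\u{ord(ch):04x}")
    return "".join(out)


def breaks_single_quoted_attribute(encoded: str) -> bool:
    """A raw single quote in the output can terminate an attribute written as
    name='...', which is exactly the gap the answer warns about."""
    return "'" in encoded


def compare(user_input: str) -> dict:
    """Run one constructed input through all three encoders for inspection."""
    bl = blacklist_html_encode(user_input)
    wl = whitelist_html_encode(user_input)
    return {
        "blacklist_html": bl,
        "whitelist_html": wl,
        "whitelist_js": whitelist_js_string_encode(user_input),
        "blacklist_unsafe_in_single_quoted_attr": breaks_single_quoted_attribute(bl),
        "whitelist_unsafe_in_single_quoted_attr": breaks_single_quoted_attribute(wl),
    }


if __name__ == "__main__":
    # Constructed sample: an ordinary name containing an apostrophe.
    for key, value in compare("O'Neil").items():
        print(f"{key}: {value}")
```

Running it with the constructed input `O'Neil` shows the black-list encoder returning the string unchanged, so the apostrophe is still live inside a single-quoted attribute, while the white-list HTML encoder returns `O&#39;Neil` and the JavaScript encoder returns `O\x27Neil`. The check function is what a defender would put in a unit test around any encoder they rely on: assert that the output for each output context contains none of that context's delimiter characters.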