GeSWall and Sandboxie Setup


arjunned
October 30th, 2009, 01:57 AM
Well, here's how I set up the two. It's a very simple setup.

1. All browsers run untrusted under GeSWall.
2. All download folders are forced sandboxed. My Temp folder is forced sandboxed as well.
3. USB/Ext. Drives are forced to run sandboxed.
4. My default audio and video player is VLC and all media files are forced into a sandbox through VLC. Just in case any mp3 or avi I get from friends turns out to be infected.
5. Default picture viewer is Picasa photo viewer. This is forced to run isolated under GeSWall.
6. I run Chrome Plus. Now Chrome runs better sandboxed with Sandboxie. So this is the only browser I have running in a separate sandbox.
7. Overall, I have like 5 sandboxes - ChromeBox, USBBox, MediaBox, Default (of course), TestBox (for testing apps).
8. I haven't added any other resource rules in GeSWall and use the default ones. But browsers (IE, Firefox) are denied access to my other partitions.
9. All Sandboxes, except ChromeBox and TestBox, are denied internet access. ChromeBox is denied access to other partitions.
10. I have Comodo (with D+ in Safe Mode) and just added Panda Cloud AV (beta 3) along with this setup. And MBAM.

That's all, I think. I think I have a few other minor settings, which I can't remember now. Feel free to comment. I've just had this setup for like 2 months. Haven't been infected so far. Everything's running smooth.

I'm sure I'll have a few holes that I haven't plugged. So if you think there are any, I'd appreciate the help.

Cheers!

P.S.:- This is in Windows 7 (32bit).
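
An added example, not part of the original post: a small Python audit that checks a Sandboxie.ini against item 9 above (every sandbox except ChromeBox and TestBox is denied internet access). The sample file is constructed; the box names come from the post, while the paths, drive letters and the mapping of each item to `ForceFolder`, `ForceProcess` and `ClosedFilePath` lines are assumptions.

```python
from collections import defaultdict

# Constructed sample, not the poster's file. Box names come from the post;
# paths, drive letters and the settings chosen for each box are assumptions.
SAMPLE_INI = r"""
[GlobalSettings]
[DefaultBox]
Enabled=y
ForceFolder=C:\Users\me\Downloads
ForceFolder=C:\Users\me\AppData\Local\Temp
ClosedFilePath=InternetAccessDevices
[ChromeBox]
Enabled=y
ForceProcess=chrome.exe
ClosedFilePath=D:\
[USBBox]
Enabled=y
ForceFolder=E:\
[MediaBox]
Enabled=y
ForceProcess=vlc.exe
ClosedFilePath=InternetAccessDevices
[TestBox]
Enabled=y
"""

def parse_ini(text):
    """Sandboxie.ini repeats keys (ForceFolder, ClosedFilePath), so keep lists."""
    boxes, current = {}, None
    for line in (raw.strip() for raw in text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            current = boxes.setdefault(line[1:-1], defaultdict(list))
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            current[key.strip()].append(value.strip())
    return boxes

def audit(boxes, net_allowed=("ChromeBox", "TestBox")):
    """Return boxes that break 'all sandboxes except ChromeBox and TestBox are
    denied internet access'. Only an unconditional block counts; a value that
    exempts some programs is reported as not denied."""
    findings = []
    for name, cfg in boxes.items():
        if name == "GlobalSettings" or name.startswith("UserSettings_"):
            continue  # not sandboxes
        if name not in net_allowed and "InternetAccessDevices" not in cfg["ClosedFilePath"]:
            findings.append(f"{name}: internet access not denied")
    return findings

if __name__ == "__main__":
    print(audit(parse_ini(SAMPLE_INI)))
```

In the constructed sample, USBBox is the one box that was left without the internet block, which is the kind of gap that is easy to miss when boxes are added one at a time.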

arjunned
October 30th, 2009, 02:13 AM
Hahaha... Looking at your sig, I'd think you were using a lot of stuff for security! :P
But thanks. :)

BTW I run D+ mostly when connected to a LAN.

I've been reading about LUA, SRP, etc. now. But I'm not sure how to set it up for W7.

arjunned
October 30th, 2009, 02:33 AM
No. I haven't seen this combo before. That's why I wanted to know if there were any holes in my approach.

But in theory, it seems sound - whatever's not covered by GeSWall is covered by Sandboxie. And if DefenseWall and Sandboxie work together, so should this.

And in D+ I exclude GeSWall.

Kees1958
October 30th, 2009, 03:03 AM
My changes would be

Comodo D+, replace it with default Win7 FW + UAC

With two strong apps covering your threat gates, this should be sufficient protection.

The last remark is a question of personal preference, but I would let GeSWall guard my media files (not SBIE)

Regards Kees

SammyJack
October 30th, 2009, 03:09 AM
I have tried, tried and tried to get GeSWall to play on my system.

That with AV and firewall (Avira free and Kerio 2.1.5), or light virtualization and firewall (Returnil 2008 and Kerio 2.1.5), or light virtualization, browser virtualization and firewall (ShadowDefender, Sandboxie, Kerio 2.1.5).

And I have never avoided BSODs that occurred as long as GeSWall was installed, and stopped as soon as it was removed.

Very attractive program that I wish I could run, but for me, it just will not work.

arjunned
October 30th, 2009, 03:11 AM
-{ Quote: "My changes would be

Comodo D+, replace it with default Win7 FW + UAC

With two strong apps covering your threat gates, this should be sufficient protection.

The last remark is a question of personal preference, but I would let GeSWall guard my media files (not SBIE)

Regards Kees" }-

Thanks Kees.

I used to have GeSWall isolate my media, but I found VLC loads faster under Sandboxie. But is there another reason you'd want to load media under GeSWall?

D+ is off most of the time. And I hear UAC has a few issues with GeSWall. So I'm testing that in a virtual OS before using it on my real system.

Kees1958
October 30th, 2009, 03:18 AM
-{ Quote: "Thanks Kees.

I used to have GeSWall isolate my media, but I found VLC loads faster under Sandboxie. But is there another reason you'd want to load media under GeSWall?

D+ is off most of the time. And I hear UAC has a few issues with GeSWall. So I'm testing that in a virtual OS before using it on my real system." }-

Only other reason would be when you would buy music rights yourself. When not, keep it as it is.

aigle
October 30th, 2009, 03:26 AM
-{ Quote: "I have tried, tried and tried to get GeSWall to play on my system.

That with AV and firewall (Avira free and Kerio 2.1.5), or light virtualization and firewall (Returnil 2008 and Kerio 2.1.5), or light virtualization, browser virtualization and firewall (ShadowDefender, Sandboxie, Kerio 2.1.5).

And I have never avoided BSODs that occurred as long as GeSWall was installed, and stopped as soon as it was removed.

Very attractive program that I wish I could run, but for me, it just will not work." }-

Maybe you can mail Brian and it can be corrected in the next version.

SammyJack
October 30th, 2009, 03:41 AM
InshaAllah, I may do that in the future.
For now I am happy with what I have.
I really have no doubt that GeSWall is a fine program;
something is unique to my system that causes the problem.