If I don't use ESS anti-spam control (because my email provider does a great job of this), how would you compare using ESS against using EAV with Comodo Firewall? Does ESS offer me something more than an EAV/ComodoFW combination? If it's important when replying here, when testing Comodo FW with EAV, I found I didn't like Comodo's Sandbox feature, so I wouldn't be using that if I opt for the EAV/ComodoFW combination.
If you don't need the anti-spam then NOD32 antivirus plus Comodo Firewall is a very good combination. If you are not bothered about leaktests (and I assume you are not or you wouldn't be considering ESS which doesn't have HIPS) then I would consider configuring Comodo Defense+ to disable the sandbox, turn off all of the HIPS monitoring settings but leave Image Execution Control enabled. That way you will have a free firewall that is every bit as good as the one in ESS combined with an anti-executable. With the HIPS disabled, the only alerts you will get will be when a new unknown application tries to access the Internet or when an unknown executable tries to run. If the ability to pass leak tests matters to you then there is no point in even considering ESS. You would then need to enable the HIPS monitoring settings in Defense+ but be prepared an increase in the number of alerts while Defense+ is learning your system.
Thanks. A very helpful reply, and pretty much what I figured. I'll probably just go with EAV with Comodo FW.