I'm a longtime Zone Alarm Pro user. For several different reasons, I've decided to get smarter about software firewalls and determine if I should use a different product. Now, I was over at Becky's forum asking questions about Look n Stop specifically, and how a rule-based app differs from an application-based one. The basic explanation (which I'm sure is very high level and general) is that Look n Stop has 2 fundamental layers of protection. The first is application based, and if an app is denied permission to establish connections, then that's the end of the story. But if it IS granted permission to connect, then the rules set is invoked and used from that point forward. I'm probably oversimplifying it, but it sure seems to me like what's happening is a rules-based fw is doing what ZAP already does, and then applying a whole other level of control on top of that. So, that leads me to my basic question: is a properly configured rules-based firewall inherently more secure than a properly configured application-based firewall, assuming both are good at 'what they do'?