I have done some reading of threads here concerning DSA and Private Firewall. From that effort, I conclude the following: 1. DSA contains the basic Private Firewall engine, and provides inbound SPI protection for TCP, UDP, & ICMP protocols. 2. Private firewall does not provide protection at boot, per Stem's testing. 3. DSA provides basic outbound network access control. 4. DSA is supposed to work without conflict with other firewalls. If the above four points are correct, is there any reason NOT to run the Windows SP2 Firewall along with DSA to cover the shortcoming listed in point 2 above? I am not interested in comments offering other solutions, as my present security set-up has kept me clean for years. As a veteran user of both KPF 2.1.5 & CHX-I, I understand that a DSA/SP2FW combo would limit configuration options. Thanks for your time.