My understanding of ESS firewall options are 1) Automatic. Provides less protection than windows firewall as it allows all applications outgoing access. 2) Interactive & allow all addresses & ports when prompted for each application. Essentially would provide the same protection as the windows firewall. 3) Interactive and select required protocol & ports for each application. Tighter and more flexible than windows firewall. 4) Policy-based mode. Silently blocks all unspecified applications & ports. Useful mainly when the user is not responsible for maintaining the firewall (eg. done by a system administrator). I prefer option 3 however setting it up is very labour intensive, involving lots of repetition between different computers and different users. Proposed solution ESET have a database of firewall rules for common user programs. Making this work requires consideration of both how it would be used by the user and who maintains the rules. User interface The simplest interface is a “Download Rule” button on the firewall alert screens (“incoming / outgoing (trusted) communication”), possibly greyed if there were no rules in the online database. Selecting the link would enable the user to choose a rule sets, published for the current program. A batch mode facility could also be added to the “Setup -> personal firewall” screen. Selecting this would scan the computer for applications with entries in the online firewall rule dB, and prompt the user to select the desired rule set for each. Using this facility standard applications could rapidly be configured. Database maintenance Developing and maintaining this database would probably be too costly for ESET to do on their own. The solution is for ESET to provide the interface, and provide a hierarchy of data suppliers. Rules should be presented based on author and in the following order 1) ESET 2) Software manufacturer 3) ESET reseller / Affiliate 4) ESET approved user 5) Other users – preferably with login name and status from this forum When a rule author publishes a firewall rule it should be a full set for that application. A text field should be available to describe applicability / restrictions, and any zones or ports which need to be setup by the user. The only real problem I can see is excluding poor &/or malicious rule suggestions. This could be addressed by ESET providing rule sets tor the core system programs. I am hoping resellers would provide rules in return for having their name in the author field (a form of advertising), thus ensuring a broad range of good rule suggestions. It may also be necessary to optionally exclude rules from “other user” above, especially for the batch mode scan.