Well here's how i set up the two. It's a very simple setup. 1. All browsers run untrusted under GeSWall. 2. All download folders are forced sandboxed. My Temp folder is forced sandboxed as well. 3. USB/Ext. Drives are forced to run sandboxed. 4. My default audio and video player is VLC and all media files are forced into a sandbox thru VLC. Just in case any mp3 or avi i get from friends turns out to be infected. 5. Default picture viewer is picasa photo viewer. This is forced to run isolated under GeSWall. 6. I run Chrome Plus. Now chrome runs better sandboxed with Sandboxie. So this is the only browser i have running in a seperate sandbox. 7. Overall, i have like 5 sandboxes - ChromeBox, USBBox, MediaBox, Default (off-course), TestBox (for testing app.'s) 8. I haven't added any other resource rules in GeSWall and use the default ones. But Browsers (IE, Firefox) are denied access to my other partitions. 9. All Sandboxes, except ChromeBox and TestBox, are denied internet access. ChromeBox is denied access to other partitions. 10. I have Comodo (with D+ in Safe Mode) and just added Panda Cloud AV (beta 3) along with this setup. And MBAM. That's all i think. I think i have a few other minor settings, which i cant remember now. Feel free to comment. I've just had this setup for like 2 months. Haven't been infected so far. Everythings running smooth. I'm sure i'll have a few holes that i haven't plugged. So if u think there are any, i'd appreciate the help. Cheers! P.S.:- This is in Windows 7 (32bit).