I have a few GeSWall related questions I want to ask. Please answers them. Even simple yes/no answers will be enough - 1] Will an isolated media player be able to communicate with my MP3 player, i.e., be able to sync files, etc.? 2] If I manage to terminate GeSWall, will all the resitrictions imposed on applications by it, be lifted? 3] Since child applications inherit rules applied to the their parent applications, will an executable spawned by my .pdf viewer have access to files/folders set as confidential, if my .pdf viewer has access to them? 4] Will one isolated application have access to another isolate application and it's resources? 5] What is the difference between jailing an application and isolating an application? 6] Assumed that the answer to the 4th question is "no", then if my web browser - not having access to resources tagged as "confidential" - spawns a keylogger, will the keylogger be able to log keystrokes and access confidential data that then is being accessed by my text editor? Or will it depend upon GeSWall's detection capabilities? 7] Is it possible to block internet access and deny execution permissions to newly spawned executables, or will it depend upon the restrictions imposed upon their parent applications? 8] Can a jailed application's newly created data be retained to the real system? 9] I am using CIS as my HIPS as of now. Will CIS have complete access to GeSWall and all applications running under it, and will it intercept an executable - running under GeSWall - launch? 10] This question is not directly related to GeSWall, but very important to me; I hope someone answers it. I believe that for any malicious code (rootkits, keylogger) to pull out it's tricks - hide itself, infect files, etc. - it cannot do it before execution. So will such a file be in complete control (have knowledge of it's existence....) before it executes? 11] What type of restrictions will be imposed on untrusted resources created by isolated applications? I am probably rephrasing the 3rd question, I believe the answer to both the questions would be the same. 12] Will files and applications having no rules set themselves (not treated as trusted, untrusted or confidential) be completely accessible to isolated applications? For ex. If "C:\WINDOWS\system32" is not under the control of GeSWall, will my isolated web browser have complete access to it? 13] Final question, is GeSWall too buggy? I have had the "....management snap-in..." errors in the past and had to uninstall it, which didn't go very smoothly. And is GeSWall compatible with CIS 3.5?