I’ve been using TPF5 Beta for a while now and, even though it’s a beta and has some rough edges on its UI and it dramatically underdocumented, I’ve gotta say I like it! I think I may actually shell out some $$ for a firewall here in the near future.
OK, the question is, why? The application sandbox is pretty dang comprehensive, allowing me to group apps and give permission to the group as opposed to the apps. Separate permissions apply to registry keys and files as well as the standard networking protocols. I can set permissions to allow but monitor which means it logs the event in its own log and I can set the permissions to always ask me whether I want to allow it or not.
The connections view leaves a lot to be desired but it’s usable. It doesn’t look like I can shut down a connection I don’t like — a feature that I’d really like to have available.
And, of course, there are bugs. For instance, since I can’t find a way to bypass the prompt asking for permission to let IE create HOSTS.TMP in system32\drivers\etc even though I’ve explicitly added a rule to that effect.
The UI is supposedly very customizable butI don’t care a lot about that (yet). Basic feature set and usability is what I like.