Sandbox enabled or disabled?

I have a question to ask Comodo veterans.
Comdo Firewall 5.3 w/ D+ enabled and set to safe mode with default rules. Configuration set to Proactive Security.

  1. Sandbox enabled with unrecognized restriction set to “untrusted”.
  2. Sandbox disabled.
    Which option is safer w/o considering user’s interaction?

My best regards,

Using the sandbox will take away alerts.

Having it set to Untrusted can give problems with some of your programs. Depending on the savvyness of the user you may consider to lower the restriction level some; it’s just trial and error and see what works for your situation.


my Sandbox is active and is set on the Limited.
Q: AutoSandbox act according Isolated Application, or Limiteed Application?

Thanks Eric, I know about that, so I really prefer an option to “Restart the program outside the sandbox” rather than “Do not sandbox the program again”.

Thanks again Eric, I think I’ll disable the sandbox and keep the alerts to myself. Once there is an alert of my trusted program, I’ll choose the predefined “Trusted Applications” rule for it.

My best regards,

That has been requested. The wish is probably there in the Wishlist - CIS board.