Which security level

Custom Policy or safe mode is more safe?

when you know what you are doing, custom mode is safest, because you dont let a program making decisions for you.
i never used in a firewall anything else than custom mode.

Why switch to “Custom Policy”? For “Safe Mode” only outgoing “traffic initiated by safe applications is learned” and all traffic “initiated by unknown applications is alerted to the user”. What’s the downside here? Aren’t you still protected from all unknown applications at the expense of letting applications known to be safe contact the internet?

It seems like a good balance to me. clockwork, why do you recommend custom policy mode?

Proactive is probably the best

at chiron:
i suggested custom policy mode when someone knows what he does. then you have the whole view about anything connected to the internet. i dont want a program to choose for me.

i cant suggest something, that i wouldnt use myself! simple as that. i didnt said, anything would be bad about safe mode. i said, custom policy could be more safe. and thats not wrong. if you dont know what you are doing, custom policy mode can be unsafe… it depends on the user too.

at darken cypher:
proactive mode is is not related to firewall rules set, so its not the right “suggestion” to answer the given question here.

Ok. Thanks for explaining. I was just wondering if there was something I was missing. I’m always on the lookout for new settings to make CIS more secure without decreasing usability too much.