DNS client windows service is disabled, the test fails, too.
The rule I set is: allow dns outbound to my only dns sever via 53 port, and deny all other dns request to any other IP via 53. Although DNS client windows service is disabled, DNS tester can pass through the firewall. I think this is not good.
Application-based security rule is really needed. I would love to be able to have a test with the 3.0 beta for this feature and new one.
After MMC is loaded, it suffers about 35-50M. Although you may shutdown, I think this is not good for sensitivity either. I hope it decreases in next version.
I think it requires a popup windows to report outbound case.
Log veiwer need automatical refress insdead of manually.