I like Private Firewall also and use it on one of my Vista machines as an alternative to OA. I have become less enamored with HIPS except as a way to score well on things like Matousec. The attachment shows the items the HIPS in OA can check on an individual process basis; Comodo D+ has a similar list. Depending on how the Avast! Behavior Shield is actually configured by Avast!, the second attachment shows that it can perform very similar functions although not on an individual process basis. I think that if the OA list of items were incorporated into avast! as answers to the items in the figure ("malware like behavior", "unauthorized modifications") for untrusted programs, I would get very similar results. But avast! can go beyond just giving me popups that I then need to figure out-unless I am running a Utube test and already know popup=malware. My wifes computer is configured with just Avast! and the W7 firewall-never any problems with security, and she is pleased to be rarely bothered by popups. I used that configuration also until the OA beta for W7 was available.
A HIPS can be a good way to understand a little better what your processes are actually doing, if that is important to you. And if you commonly let malware in, that can be useful. But when I look at the Avast! BeS (and similar functions on the WRSA beta) I get the strong impression that HIPS is OBE (except for the UTube hobbiests, of course. And Matousec.
). "HIPS usability improvements" seems like an advertising slogan to try to keep it alive for more of the users with some performance compromises.