Comodo is user-hostile. If you want to spend days figuring it out and when you think you've got it, "Oh, that's a bug" or "Oh the manual should have read..." ultimately never knowing if the thing works properly, have at it. The only leg it stands on is that it auto-sandboxes everything that hasn't been ordained safe (which isn't as much as it should be), which means the user has to make all the decisions...constantly. If you're a micromanager from the ninth circle of Hell, then you should be in Heaven.
I'd call it a well-integrated kludge.
Outbound firewall: why? If you don't trust an app, then don't run it (or run in in a VM, not a breakable sandbox). If you want to specifically block an app, Windows Firewall can do that. Windows Firewall already blocks apps that aren't digitally signed by trusted vendors until you block/allow on private/public/work networks with an easy, unobtrusive popup. Firewalls are to block incoming traffic and it does that.
If you still insist, I like TinyWall; it locks down Windows Firewall and you can semi-automatically open things up. I didn't like the Sphinx one since it was another firewall on top of the Windows Firewall; it didn't "control" Windows firewall at all. The Binisoft one looked promising but I have no way to test it's pop-up ability without buying it first (a time-limited trial would be nice).
Glasswire is pretty cool and I may run it...still undecided on it's effects (local proxy)...think I'll run it until 29 July anyway.
360TS is fantastic and it does have HIPS, BB already and other nifty security features. If you aren't running Win10, I recommend the TS Essentials version (none of that cleanup/disable services unnecessaryware); the TS has a Win10 version. QIHU makes their money like Google does: search engine and advertising; they compete with Baidu and Tencent. 360TS has zero advertising or anything. It's a sleeper car of the security suites. cf.
http://corp.360.cn/ot/cloud-basedtechnologies.html