Yes, this is all it is. Is a nice UI to read the windows defender rules.
But in addition, Deep inside Windows firewall core is what they call WSH (Windows services hardened) rules. These rules are not visible by ordinary firewall tools. They are applied “first” and cannot be disabled. You won’t find much about them. But certain tools list them. They permanently open up ports and services to the outside world.
Here are a few of them…
You cannot stop windows from allowing access to the outside world through these services. But you CAN stop the outgoing IP’s they use. To find these culprits, simple let glasswire sit idle for a few hours. let it collect all the ip’s that fired off while you were doing nothing. Track down all the IP ranges of these. and enter them as a CIDR directly into the firewall using netsh. Many of these ips are shared with services you might care about. You can temporarily disable these rules when you want them. and re-enable them when your done. If Glasswire supported entering ip blocking then this would be ideal.