Understanding NT Kernel System Host & Blocking

Hi I’m a new user to GlassWire and a learner in networking. I’m looking at my firewall on different devices and seeing different host coming through the NT Kernel & System. I was hoping someone could explain to me if this is normal and also perhaps recommend software for blocking host coming through the Kernel?


We have found blocking the Windows Kernel causes more problems than it solves, including major instability from Windows.

It’s normal for Windows to have some NT Kernel System network activity and it helps Microsoft protect your PC from threats by giving you software updates, etc…

If you are against all Microsoft Telemetry then it’s possible to disable most of it in most cases.

You can also use GlassWire to block apps like Microsoft’s “Yourphone.exe” or “Video.ui.exe” with no issues. Most of those types of things don’t go through the Kernel.

If your data is extremely limited and that’s why you want to do this then Howtogeek has a great guide to help you make Windows 10 use very limited data.

Or you can also put GlassWire in “Ask to connect” mode, then keep it in our “Block all” mode when you aren’t at your PC. https://www.glasswire.com/userguide/#Firewall_Tab