Windows update is being blocked from updating
To exclude driver updates on Windows 10, do the following: Once you disable the option your computer will no longer get driver updates through the Windows Update service.Keep in mind that preventing Windows 10 from installing driver updates can also have a negative effect, as outdated drivers can also cause issues in the long run.The first one will show blocked connections, the second one has ''Suppress Path' lines in it, which means blocked outbound connections to those destination ports (1900, 3702, 5355 and 137) won't be displayed in Event Viewer, therefore making it easier to see the other blocked connections.Those four ports are part of the 'Network Discovery' rules, which if you have sharing off, the network is treated as a public network and they will be blocked by the firewall rules.With Windows Firewall, you won't get any notifications of blocked outbound connections, so you will need to set up logging.I don't think Microsoft particularly like people blocking outbound connections due to the problems it causes, so setting up logging isn't user friendly and has to be done through Group Policy and Event Viewer.However, it’s a good option if you prefer to manually install device drivers you download from your PC manufacturer’s support website.
Once you know what it's blocking, then you will have an idea what rules you need to set.Also, if making a new rule for to allow outbound TCP connections to 80, 443, don't bind it to the 'Windows Update' Service, as that doesn't work anymore (at least not in Windows 8).It's still possible to bind other services to a svchost rule such as the 'Windows Time' service for Network Time Protocol, just not Windows Update Service for some reason.If you are doing anything with forensics, the machine should never be connected to the Internet.As for Linux, it all depends on what you are using the server for. If you want to update that machine, you are going to have to unlock the Firewall on the machine, if you plan on downloading anything. I use a lot of AV apps that will not function with it on, even with exceptions.