There's no reason to allow any network traffic that is not DNS, DHCP and web-browsig on 80,443.
However, some windows services use 443, but I want all applications blocked, except the browser.
I tried Disable the web-browsing rule and add an application rule (to the browser) to allow outbound traffic, however, this didn't work as it continued block (at the lower OSI level I believe).
What's the easiest way to achieve this whitelist (allow DNS, DHCP and browser (ex: firefox) on 80 and 443), block everything else (even if the OS blows up)