On my Mac I use Little Snitch to monitor outbound connections and I love it. I haven't found an equivalent simple and lightweight application for Windows yet.
As others have mentioned, GlassWire is quite simple and lightweight. Unfortunately, while it’s absolutely invaluable for monitoring changes to the system (DNS changes, application changes (becoming unsigned, etc.), webcam and microphone changes, etc.), its firewall is too simple compared to Little Snitch. Unlike Little Snitch, which lets you choose which domains and ports an application is and isn’t allowed to connect to as it attempts to make those connections, GlassWire only allows you to either allow all connections an application makes or deny all connections an application makes. NetLimiter¹ is much closer to Little Snitch in this regard (example²).
Personally, I’d recommend using a combination of GlassWire for monitoring system changes and NetLimiter for the firewall.
Oh man, I am racking my brain trying to think of the tool I used to have installed on my PC at my last job. It was built by somebody who posted on HN, lightsomething or something? It would warn you about new programs connecting to the network and do other neat stuff. Not quite the same as little snitch, but similar and very pleasant to use. I'll update if I think of it (or maybe somebody else can name it.)
[edit] Glasswire! https://www.glasswire.com/ It's super slick. Apparently the paid version has an "ask to connect" feature.
Do you actively block then grant-access to everything, or just periodically check what's happening? I've tried the active filter before, but found it to be very disruptive to my typical workflow.
I do active blocking. I permanently allow any application that I can trust. For example I will allow chrome to connect permanently. But if it is some cryptically named service trying to connect I will block it permanently. After an initial approval stage you do not see too may popups for approval.
But I can see how this can be a disruptive process, when all you want is some work done. I wish we lived in a place where I did not have to use tools like this.
Zonealarm back in the day did something similar, yes (I haven't used it recently so I'm not sure what it does now). Little Snitch is the OSX equivalent :).
