How is the Networking regulated in Virtual Machines?

Originally, I thought that all of the network traffic in a guest OS directly goes through the host OS and whatever firewall regulation is on the host OS, will also be applied onto the guest OS. But it turns out that this is completely false. As far as I understand it, the network-relationship between the host and guest OS is like sharing mobile data connection via hotspot tethering, as in even though the guest is reliant on the host, the guest totally ignores the network rules and setup on the host machine. This came as a massive shock to me. I've looked this up but haven't found any useful information.
Can someone explain why does it function in this way and how does the process really work?
My aim is to make the guest machines also follow the firewall rules on the host machine and optionally monitor their network usage.
Thanks

So, with something like Hyper-V, and (Vmware and Virtualbox), you will install a VM and it will get it's own IP address . Traffic "will" pass to the Internet via your Windows 10 host computer....BUT....firewalls and such on the Windows 10 host computer don't apply to the traffic that goes to the VM.

Depending upon how your VM is setup, will determine access.

For example, if you have your VM set up with NAT, then it would get a private IP. (like 10.2.1.17) and this IP gets NAT'd to your Windows 10 computer (which could be 192.168.1.10). Traffic destined to the internet, gets NAT'd from 10.2.1.17 to 192.168.1.10 and hits the internet and comes back and gets NAT'd back to 10.2.1.17. The thing with a NAT is that traffic can get from the VM OUT TO the Internet, but trafifc on your local NETWORK cannot get into the VM. Only your host computer running Windows 10 would be able to get access via port forwards.

You could also have your VM set up in bridge mode, which means it gets it's own IP address on your local network. So, your Windows 10 host my be 192.168.1.10 and your VM might be 192.168.1.15. Now, both IP's are technically on your same physical network adapter on Windows 10...but since both IP's are on the same network, the VM would be able to get out to the Internet just like your Windows 10 computer can (it's the same physical NIC) and other machines on your local network can also get to the VM as it has an IP address which goes back to your WIndows 10 host. This way if you wanted to run a web server to learn about web servers on your VM, you would be able to access this web server from any machine on your local LAN.

You would have to setup individual firewalls on the VM's if you want to control their inbound access any further.

The VM's are NOT going to follow your Windows 10 firewall rules....it's just not the way they work.

Thank you for the detailed information. It's a shame that it's not possible.