How can I control which traffic goes through a VPN?
Here is a great document on manually configuring a split tunnel on the system's side (if it's possible). You can control where your Windows PC sends it's traffic by creating routing rules on your system, and specifically controlling the interfaces that traffic to certain IP ranges leaves through. This is probably the best way to accomplish your goal without involving the IT department of your company, and it will ensure all your regular traffic leaves your home internet connection regardless of browser used. This may not work depending on the IT admin's configuration of the AnyConnect software, but it's general policy to configure it for split-tunnel. See here.
Differences in Client Split Tunneling Behavior for Traffic within the Subnet
The AnyConnect client and the legacy Cisco VPN client (the IPsec/IKEv1 client) behave differently when passing traffic to sites within the same subnet as the IP address assigned by the ASA. With AnyConnect, the client passes traffic to all sites specified in the split tunneling policy you configured, and to all sites that fall within the same subnet as the IP address assigned by the ASA. For example, if the IP address assigned by the ASA is 10.1.1.1 with a mask of 255.0.0.0, the endpoint device passes all traffic destined to 10.0.0.0/8, regardless of the split tunneling policy.
By contrast, the legacy Cisco VPN client only passes traffic to addresses specified by the split-tunneling policy, regardless of the subnet assigned to the client.
Therefore, use a netmask for the assigned IP address that properly references the expected local subnet
Here's the doc: https://documentation.meraki.com/MX-Z/Client_VPN/Configuring_Split-tunnel_Client_VPN
This could be used to check what the software is doing when a connection is established, and possibly to manually configure a split tunnel.
I'll add the steps here, in case the link ever gets broken.
1) On the network adaptor created by the VPN software, under IPv4, Advanced, make sure "Use default gateway on remote network" is unchecked.
2) In a command window, type: route print
3) Look for the VPN Interface in the list, and note it's ID (a number like 12). You can then add specific routes by typing:
route add <destination subnet> mask <subnet mask> 0.0.0.0 IF <VPN adapter number> -p
eg.
route add 10.10.10.0 mask 255.255.255.0 0.0.0.0 IF 12 -p
Here is another question that asks the same question. Good luck!