I need to block internet access for some users on our Windows Servers 2008 R2. If you google this question you will find a lot results that propose to disabling Internet Explorer and setting a proxy to 0.0.0.0. Unfortunately this can easily bypassed using a portable Firefox for example.
Is there a more restrictive solution? I need to find a way that even telnet, ftp etc. won't work.
Thanks for your help!
Update for clarification: I would like to block internet access only for some users, not or all on this server.
Best Answer
The best solution is probably to do this on the network level with a proxy. You can force all Internet-bound traffic through the proxy using WCCP or the like and not configure anything on the hosts themselves. Otherwise, I think you might be able to configure the Windows firewall to disallow this outbound traffic via GPO which would catch all outbound traffic. Furthermore, since it's a server, it likely has a static IP and you could just block outbound traffic at your perimeter firewall - assuming you are actaully trying to block Internet access from the server itself - it wasn't clear to me if you mean for all users (using the server and GPO to accomplish) or if you just wanted to block access from your servers.