Web-server – way to turn off client browser caching for specific websites

The only proper way of disabling browser caching is by HTTP headers from the webapp itself. The HTTP 1.1 "Cache-Control" header alone should suffice for any post-year-2000 browser. But for extra protection the server can emit both HTTP 1.1 "Cache-Control" and HTTP 1.0 "Expires" headers together.

A hack'ish but sometimes seen way of handling cache invalidation is a "cachebuster" string in URLs from the server. The cachebuster is often timestamp based, and is added as a querystring to each HTML LINK to make the URL unique and only used once. Something like http://example.org/filename.html?cb=<timestamp+random_value>. This is ugly, and doesn't do anything the HTTP headers don't do far better. But it could be used as a hack for a limited audience (fx on an Intranet), or as an additional layer of protection together with proper HTTP headers.

AFAIK there is no way to selectively disable caching for a single site only from within Internet Explorer. One (bloody complicated) solution could be to install Varnish cache as an intermediary cache on your LAN, set Internet Explorer to use Varnish as HTTP proxy, and use the VCL language on Varnish to re-write the HTTP headers for this specific site only.

Honestly, I think your vendor is making a mistake here. I would suggest to install Fiddler2 for IE, or Firebug for Firefox, and look at the actual HTTP headers the webapp sends. Correlate that with Mark Nottingham's caching tutorial which I already linked to above -- I'm guessing the headers permit caching, or at least don't expressively forbid caching.