Restricting Internet Access in Windows 7

windows-7 group-policy

On a Windows 7 Professional laptop, not on a domain, what's the best way to restrict access to the internet (and preferably network) to Administrator users only?

I don't want to simply set a bogus network address, or proxy. That seems far too dirty somehow.


Solution 1:

802.1 and/or NAC/NAP, if your switches and/or servers support it. By default, the laptop would only be in a subnet with no gateway. Then, if certain users can present creds to the auth system, they could be put in a non-quarantined network.

I realize that this isn't "local policy" as such, but it'll work and it's even enterprise-y (centrally managed, fine-grained, etc).

Solution 2:

I think that your 2nd paragraph is the only way since only admins can change IPs and enable/disable NICs... Just disable all the NICs.

Related

how to limit the number of simultaneous processes per user in the system?
Capture Windows Updates in a .wim so that it can be redeployed
How to use a tab character within a GPP registry item?
deduplicating and indexing directories of images across 150 linux machines
Best Practices for rotating syslog logs on RHEL with different schedules?
Monitor Size of the CAM Table on a Cisco Switch
How to export all System event logs of a definite time period
Google c2dm transient 401 errors on some AWS instances
Enterprise IPv6 Migration - End of proxypac ? Start of Point-to-Point ? +10K users
Track bandwith usage by application
SQL Server 2008 R2 cluster, "available storage" shows "offline"
Apache won't upgrade connection to TLS