Restricting Internet Access in Windows 7
On a Windows 7 Professional laptop, not on a domain, what's the best way to restrict access to the internet (and preferably network) to Administrator users only?
I don't want to simply set a bogus network address, or proxy. That seems far too dirty somehow.
Solution 1:
802.1 and/or NAC/NAP, if your switches and/or servers support it. By default, the laptop would only be in a subnet with no gateway. Then, if certain users can present creds to the auth system, they could be put in a non-quarantined network.
I realize that this isn't "local policy" as such, but it'll work and it's even enterprise-y (centrally managed, fine-grained, etc).
Solution 2:
I think that your 2nd paragraph is the only way since only admins can change IPs and enable/disable NICs... Just disable all the NICs.