Restrict Internet access to only a web browser in active directory

I have a Small Office Network Connected to a Server running windows server 2016. The Server functions as DNS, DHCP Server, Domain Controller and Gateway( Two NICS, One lan connection & one WAN connection) I want to restrict Internet Access of Client Computers joined to the domain to a specific app(Google Chrome), Windows Update using WSUS.

I want the LAN access to work freely.

Would love some suggestion on how should I go about doing this?


Сonfigure the GPO or change registry keys to allow the internet connections only for specific application. You can check the detailed info using guidances below:

https://www.interfacett.com/blogs/configuring-internet-restrictions-with-internet-communications-management-with-group-policy/

https://www.gypthecat.com/how-to-block-internet-access-with-group-policy