I m using HIPS 8x & my requirement is we need to block access to outside network other than Local network, we have couple of laptops & we need those laptops to get network access only in local if those laptops goes out of our domain(xyz.com) then they should not get network access(i.e abc.com and so on......)
This certainly is possible. From what I understand, if a user leaves your network, with a laptop, you want to prevent it from connecting anywhere. You also only want laptops within your network, to connect to your local network. Correct?
If this is the case, you can use Connection Isolation Groups. Create a firewall policy with a "Block all" rule at the bottom Then, create a Connection Isolation Group above it. Make the criteria for this group, your local subnets under the "network options" tab. Of course you could also use a common internal Default Gateway, DNS server, DHCP server, etc.
Once this group is created, you can then create rules inside this group, to allow whatever type of communication between nodes on your internal network.
Message was edited by: greatscott on 11/28/12 8:08:16 AM CST