block internet access while allowing access to google apps

Hi.. i look after a network of about 30 users.  (windows 2012 domain controller and windows 7 pcs) they use google apps for their emails using the outlook connector.  i need to block internet access for about 10 users but i need to allow outlook / google apps to continue to work...any ideas?  i am open to other services!  thanks in advance...
linkeastAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

TemodyPickalbatros, IT ManagerCommented:
You willing need a firewall system
TMG  pfsense Mikrotik
Depending your experience within those system we can help you in creating rules

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
linkeastAuthor Commented:
Info have a Sonicwall as well... Not sure how I would use this though.  All my users have dynamic Ips...is there a way I could block access for specific users while still allowing full access to google apps mail via outlook?
TemodyPickalbatros, IT ManagerCommented:
Yes you can
Create a rule to block some user depending on MAC for them
Create another rule to allow only access to pop3 and IMAP traffic
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

linkeastAuthor Commented:
Does google apps sync not use mapi protocol?  Will that still work?
Allen FalconCEO & Pragmatic EvangelistCommented:
Internet access uses ports 80 and 433.  Block these protocols using your firewall for those users by ip range or ad names if supported.

Allow traffic via Pop, IMAP, or if using GASMO, the MAPI protocols.

This is a firewall / proxy issue.
Benjamin Van DitmarsSr Network EngineerCommented:
the fqdn's of the systems are fixed. this you can use in an access policy when you use a sonicwall firewall. i have done this multiple times.

then make an policy to allow traffic from these fqdn's to the fqdn's of the google apps.
and block the rest of the https and http access.

when you do this, make sure that the sonicwall NSA has the local dns server for it's dns resolving.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Content Management

From novice to tech pro — start learning today.