That is best done at the perimeter firewall if it has that capability. Other
options are to configure a bogus proxy server on the computer for the user
and add exceptions for the allowed sites but that will work only through
Internet Explorer. --- Steve
