We would like the ability to limit browser usage when connected to an outside network. However, disabling the browser often stops the end user from being able to connect to a hotel web interface to establish their wifi connection, so that they may connect back to a company VPN.
To do this, we would need a feature where we can put a time limit on how long an application can be used. I.e.:
Use it for a short period of time (15 minutes) to connect to hotel, public wifi
Use it to only get to the their company website or the login page.
Once connected to VPN or the user does not complete the connection, it locks out the browser/application again.
The current time specifications in a firewall rule only allow specified start/stop times for an application. That doesn't help. What we are trying to prevent is users web browsing for hours at a time on an unsecured network while not connected to our VPN. We can't just block the browser, as different foreign locations have different requirements for accessing their wifi, and often times, the user needs to quickly enter log information or click a button to agree to a legal agreement before they can move on and launch their VPN client.