We'd love to hear about it! Click here to go to the product suggestion community
The short answer is .. not by default.. the applaince will not add X-headers or similar information that would "post" your internal IP address. However in terms of disabling JS and such, that would be to attempt to thwart a malicious program that may for example export the output of ipconfig /all .. or similar information via a "post" to a site.
The appliance will scan traffic for malicious information however it does not alter it.
as for limiting vpn traffic that is also possible, the content would be encrypted but they may also still be able to see where it is coming from and going to.