Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

question about blocking user AD Windows server through Sophos Firewall

Good afternoon, I have a Sophos firewall that is integrated with a Windows Server Active Directory.Can a domain user be blocked from browsing the Internet through Sophos, but allow the computer they use to download and update the operating system, and also be able to receive and send mail from their Outlook email account? . Basically it would be to block your navigation and let the rest work for you.
Thanks for help
Cheers