Not specific to Ubuntu, I think there is no good, easy solution. Someone may advise you that you can restrict programX from accessing the network "by creating an AppArmor profile" ...but that demands hours (am I exaggerating?) of reading/researching/experimenting in order to understand the syntax of, and quirks inherent in, drafting a policy. OTOH, you might be able to find (in Ubuntu forums) a policy template which covers many of the Ubuntu pre-installed apps. Across the linux landscape, no one is offering utility which provides a GUI & enables per-application network restriction of userspace programs. A while back (at the time, I was very excited about finding it & I posted about it here on Wilders) a utility named "leopard flower" was available, hosted on sourceforge but its developer has abandoned it. Good luck. Here's a lead for you to followup: http://ubuntuforums.org/showthread.php?t=1008906
There is probably a way to setup a group and group permissions (and probably a policy configuration) to execute network access programs on a restricted basis, and then the users that are not a member of the group cannot execute the programs that access the network. If your intent is to disallow user's from running a browser - good luck with that!