A better network restrictions management is planned for the over next build. Not sure though if I'll add a proper packet filter driver or if I'll implement the limitation only in user space, that would be the easiest way but would be by passable by a sufficiently determined malware. btw: the next build will have an option to in real time allow process to access the internet i.e. if they are blocked and want to sandman UI will show a pop up where the user can allow or deny the request. And an other feature also in the pipeline although may be for the over over next build would be finally the whiteliste mode for access to the user profile and non standard file locations.