This can be done using an access list as you mentioned. For example lets say you only want to allow your Windows Server Update Server (WSUS) and your McAfee ePolicy Orchestrator server to access the Internet but not allow the rest of your host Internet access.
This acl example allows your 2 servers to access the Internet over port 80 and denies all other traffic access to the Internet over port 80.
access-list 101 permit tcp host (ip_addr_of_mcafee_server) any eq 80
access-list 101 permit tcp host (ip_addr_of_wsus_server) any eq 80
access-list 101 deny any any eq 80
Then apply this acl to the LAN interface inbound on your router
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...