UTM 9.5 AD sync to grant access to internet

Question

Hi Team, 
 I have installed a Sophos UTM 9.5 and it running perfectly. I have enabled web filtering and created firewall rules as well. Now our company wants to block internet for all the users except for one group on the AD. I would highly appreciate someone could direct me how to do it. 
 ps: We planning to use the UTM as the proxy server. 
 
 Regards

Karlos · Answer

Deepest apologies, for some reason I had responded with instructions for our XG firewall. 
 To answer you question simply, on the UTM, you can achieve this by setting your base policy (Web Protection > Web Filtering > Policies > Base Policy - Filter Action) to block everything and you would create an additional policy (+ button), selecting the relevant AD group, and creating the relevant feature action for them. 
 This is under the assumption that your AD group is in the same network as the rest of the users you specified on your Global tab. 
 Thanks, 
 Karlos

UTM 9.5 AD sync to grant access to internet

Submitted a Tech Support Case lately from the Support Portal?