A system comprising of both software on a target computer and software residing on a removable hardware device, (currently embodiment is a USB device) designed for the sole purpose of limiting and or controlling Internet (IP based network) communications, based upon the presence of the external device. The system utilizes a unique device descriptor along with a unique stored identifier of the Physical Control Node (PCN) for the purposes of enabling the target computer to discriminate devices. A unique identifier held within the computer allows the PCN to discriminate the target computer. Furthermore, allowed IP addresses are stored in the PCN and or computer for the purpose of allowing access to specific IP addresses while connected. Tertiary criteria can be stored within the PCN and or computer for the purposes of further defining system behavior i.e. calendar and time restricted behavior, while logging associated events.