For disable networking, if it's a 64 bit machine you may want to review this:
For the process name, I'm not sure that the WebTrafficAudit event is going to have any process information relating to the browser to use in that action, especially as that event is not likely coming from the local machine but a web filter or firewall. I'm pretty sure it has user agent information, but not really the same thing. You could always see if you could filter the rule down to the user agent/browser and then just have versions of the rule appropriate for each browser exe.