I have a problem with a lot of people installing VPN extensions in Google Chrome on my network. How would you go about blocking such things?
Get management to write a policy that such activity is not allowed on the corporate network. Find the ip and go talk to the user. If all you do is block it they will use something else next week.
You can set a group policy to white list or black list chrome extensions. We use that at my work and it functions as intended. You will get an increase in tickets to white list but it’s worth it.
I’ve used the Chrome GPO template thingy and blacklisted HOLA.
It was super effective.
Prevent users from installing Chrome or block VPN protocols on the network level. Not a network guy so I’m not sure how to do that last one.
google chrome has group policy and part of those policies is extrnsion whitelisting. works well and will block this fine.
edit: durr im super late, but this works great
A UTM device of some sort would be my preference
While you waiting for HR/management OpenDNS does a fantastic job of blocking those kind of sites. (make sure you have the proper firewall rules in place to only allow the DNS servers you want out of the network, or your end users can easily bypass this by just using some pubic DNS server)
You could use GPOs to force the enterprise version of Chrome onto all computers and use policies to restrict which extensions are allowed.
Why not block l2tp and pptp (and maybe even protocol 50 and protocol51) at the network layer and be done with it?
Palo Alto firewall. Well worth the investment.
Probably answered here many times and in hundred different ways… Go to Google Admin console >device management >chrome>user settings>allowed apps and extensions>manage>find and select Hola. Save!
Why are they using it?
Look up Shadow IT.
I suspect it requires education, not only a block on extensions. GPO can block Chrome extensions if that’s what you’re looking for, but educate your users.
Block it all you want. I’ll then setup an SSH tunnel to my home server and forward all traffic to my home system where I’m not restricted.
Find the ip and
go talk to the user.inform the user’s manager.
FTFY.
I’ll win the lotto before a policy is written. But thank you though. 
We use Lansweeper, I have a package setup to uninstall all unauthorized software on the network. I run it every few weeks, it gets a little tedious having to update the list when something new crops up but it’s the easiest way in my opinion. This is for obvious bullshitty items, like Cash and Coupons ultra discount toolbar 20000!
WOW! Where do I find a GPO to block chrome extensions?
We do the same here. Chrome and IE are allowed. Everything else denied via GPO’s. Vailman’s recommendation is the best way IMHO to deal with this.