Sorry for the confusion. To clarify, I am trying to prevent the application from reaching the internet, and not the launching of the application period.
As for SEP 12.0 not including NTP, here is a screen shot that shows a client that has SEP12 and it has Network Threat Prevention on it. The firewalls are managed by the Symantec Protection Center (SPC) though, so no firewall rules aren't actually configured on the client itself, but from the SPC.
Also, I decided to play around with different versions of Firefox. One machine with Firefox not updated (it showed as version 1.9.0.3188 in the Network Activity screen but forgot to check inside firefox itself) was allowing everything through to the internet from Firefox, whereas another machine with version 1.9.0.3399 (most up to date) was actually successfully blocking it. When I updated the older version of Firefox to the newer version, it also started successfully blocking it. I'm not sure if you want to consider this solved but if so that is fine by me at the moment. If not, I might be able to go back to the older version to do some more testing but I am not sure on that.