if you have a list of IPs, than you can do it through firewall policy.
But this would be hell of a work. And I cannot imagine how would a firewall policy or SEP client behave when it has thousands of IP addresses in it.
So I think you should persuade your manager that this is not the correct product for this.
Regards,