What he is suggesting is that instead of trying to block the connection to google.com, filter DNS query packets (UDP port 53) if they are for google.com. The browser or other client, won’t be able to resolve the IP address and can’t make the connection. A user who knows the exact IP address will still be able to make a connection, but hardly anything will work since every link (including those in scripts) will use the DNS name and all of those connections will fail.
I’m sure that there are products available that can do this. try googling to find one