Hi Rajput,
You can do this by two ways:
1) To nat/PAT only your internal proxy servers IP for browsing.. by doing this, the users need to forcefully put your proxy server's IP to browse. they cannot browse by using other proxy server IPs on the internet, as they are not NATed at all..
nat (inside) 1 192.168.1.10 (proxy IP)
global (outside) 1 interface
You can add the IPs on the nat inside statement if they want direct internet access...
2) The second way is to block these connections using an access-list.. Allow http/https access only from the internal Proxy IP & block everything else..
access-list inside permit tcp host 192.168.1.10 any eq http
access-list inside permit tcp host 192.168.1.10 any eq https
you can keep adding the access permissions that you need from inside to outside..
access-group inside in interface inside
there is an implicit deny at the end, which will block other data packets..
hope this helps.. all the best..