1. Shut down whatever VMs are needed, and the sys-firewall
2. Open a terminal in dom0 and qvm-clone the sys-firewall
3. Set it to deny all traffic except to the IP that you want to xpra (https://xpra.org/) into your win7 HVM from. VNC is insecure by design, which is why Subgraph OS doesn't use it; correct me if I am talking shit
4. Remove the sys-net from your cloned sys-firewall
Profit.
You now have a win7 instance with an internal IP that can communicate with other VMs, but no access to the inet.