You need to use Web filtering product to restrict your users from browsing. By this you can allow only sites approved by your organisation.

Symantec Endpoint Protection is only Desktop product used to protect
                    1) Local files and Folders,
                    2) Application and Device controll
                    3) Network Threat Protection (NTPprovides a firewall and intrusion prevention protection
to prevent intrusion attacks and malicious content from reaching the computer. The firewall allows or blocks network traffic based on various criteria that the administrator or end user sets.)

These docs are gonna take you though it.

Though IPS:
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008070803545448

Though NTP:
http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/6e23ee65720a6667ca25754d001a0b2b?OpenDocument

Hi you can create a firewall rule using Host Rule.  There u can list the DNS Domain like google.com and the rule should be from the source to destination where the source will be ur PCs whome u want to bloack the site access and the destination will be the websites.

Ajit

I think, this is the document that you need.  Obviously I think that  exist better ways(proxy) to do it.
Here´s is a document "How to Restrict Users to Specific Web Sites by Creating Firewall Rules for Managed Clients"

http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/6e23ee65720a6667ca25754d001a0b2b?OpenDocument
Remember this work only for specifics URLs to make a kind of filter you will need a proxy o similar tool.

Please let me now if works !!!!  It should be!!!

JPG.

Thank you all of you
i tried Ajit jha and PGA_CR steps but still client able to open blocked site. In this environment already proxy squied is running but i want
to block through SEP.

Websites can be blocked using NTP firewall create a rule for Host and select DNS domain.
Then give your website that you need to block.
The clients should have NTP installed and Enabled.
Then check if policy is getting updated.
Once the policy will update that website will be blocked.
I have blocked atleast hundreds of websites using the Firewall Rule.

For reference you can check the doc posted by sandeep and PGA_CR above.
If still your website is not getting blocked that means you are doing something worng in the configuration or the clients don't have NTP or they are not updating the Policies.
 

Client have NTP and it's enabled, policy serial number also updating. i am doing same steps as given in document.

Hi Ajeet,

Do you need to block entire Browsing for users?

If you move the rule to the top, does it make a difference?

HI Ajju. I want to block only some sites,

Hi Sandeep, what mean top? please clear it.

Top of all the rules, It's processed sequentially.

Hi everyone!!!