See the link
How to Restrict Users to Specific Web Sites by Creating Firewall Rules for Managed Clients
http://www.symantec.com/docs/TECH92097
How to block all website and allow only certain websites using Network Threat Protection Firewall rule.
http://www.symantec.com/docs/TECH95248
Below are the steps to block
1. Block particular site by Symantec Endpoint protection:
2. Choose particular Group and select policies
3. Uncheck Inherit Policies check box
4. Click on Firewall Policies and click on "Creat Non Shared policies from copy"
5. Select Rules opton which on Leftside
6. And then click on Add Rule and Click on Next
7. Select Accroding to the requirements
8. Select Host to Block particular site or system or Ip address
9. Select Accroding to the requirements
10.For Example : Here I want to block Facebook site
11.Select DNS domain
12. Provide the site name as below and click on next
13. For example Type *.facebook.com and Click on Finish
14. Rule 0 is created
15. Select rule 0 and right click in the action column and select Block / Allow as per the requirements:
16. To block/allow particular Port , click on Services column
17. To block/allow any application , Click on application coloumn