highlight your intrusion prevention policy, choose edit.
Then click the exceptions button - lower button on left side.
It will be empty most likely. Now choose the Add..... button at the bottom.
It will bring up all the Symantec supplied intrusion prevention signatures and their status - blocked or not blocked. You select from that list, choose to block since the IM by default is not blocked, log if you wish, and OK.
Then those will move into the exceptions list like you see in my example.
Symantec provides the signatures, but doesn't block. To block IM, you have to make it an "exception" so need to add from their list into your exception list which starts empty.
It's sort of the opposite of the AV exceptions. Usually AV blocks something, but maybe you know it's good so you want to let it through. So you create an exception. In this case, IM is let through, you want to block it, so you need to add it to your exception list. Other things, like some of the nasty HTML based stuff is already blocked. Some things like VNC is in the list but not blocked. We do not want VNC in here, so I move it to my exception list and mark it as "block".
You can sort - when you go to your empty exception list and click the Add.... button and the list of possibilities pops up, you can sort by "blocked/not blocked" and that way get the unblocked stuff all in one place and choose from that list, then choose blocked for it.
Go ahead and experiment - you can always choose cancel, or remove from the exceptions if you change your mind.