If you need to block only some websites then create a rule in IPS
"Add a Custom Intrusion Prevention Signatures" to block.
Steps to add a signature to block
In the SEPM console, in the system navigation bar, click Policies.
In the View Policies navigation bar, select Intrusion Prevention.
In the Tasks list, click Add a Custom Intrusion Prevention Signatures.
In the Custom Intrusion Prevention Signatures window, set the Name of the policy to Block
Yahoo (just an example, you can choose the website that you need to block).
Under the
Signature tab, in the
Signature Groups section, click
Add.
In the
Intrusion Prevention Signature Group dialog, add
Group Name
Description
and then click
OK.
Highlight the newly created Signature Group (Block Yahoo), then in Signature for this Group section, click Add.
In the
Content section add the following text:
rule tcp, dest=(80), msg=“YAHOO BLOCKED”, content=www.yahoo.com
Under the Action section select
Block and Click OK to close the
Add Signature window.
Click OK to close the
Custom Intrusion Prevention Signatures window.
Once the Signature is created assign to a test group and verfiy.
Note: if you block
www.yahoo.com and if you browse yahoo site in.yahoo.com
in.yahoo.com page will open.
So do not be in wrong impression that signature is created to block yahoo page but you are able to browse.