Check this also
The above configuration can be done by creating only 2 firewall rules. Please follow the below steps to configure the rules.
1. Go to Firewall policy > Rules.
2. Click on Add Rule button. Select Host > Next > From Address Type drop down menu select DNS domain.
3. Select DNS Domain as *.* then Click Next > Click Finish.
4. Once the rule is created, highlight the New Rule. Go to Service column, right click and edit, then select Add. The rule will be TCP, Source/destination with remote port 80,443 click ok and ok again. Then go to Action column and make it set to "Block".
The above rule is to block all the websites. To create a rule to allow only selected websites, please follow the steps below.
1. Go to firewall policy> Rules.
2. Click on Add Rule. Select Host > Next > From Address Type drop down menu select DNS domain.
3. Enter DNS Domain as *.*symantec*.* This is an example which means all the urls related to symantec will be allowed.
4. Click Next > Click Finish. Multiple websites can be added to the same rule.
5. Once the rule is created, highlight the new rule. Go to Action column and make it to Allow.
Note: Place the "Allow" rule on top of "Block" rule.
Assign the policy to the required group. This will allow only the selected website and block all other website.