Here is an example of configuring a custom application category and firewall rule to block traffic for Facebook. You could also use the default application categories or create other custom categories.
configure #If DPI is not already enabled set system traffic-analysis dpi enable set system traffic-analysis export enable #To configure custom-category set system traffic-analysis custom-category DROP_FB name Facebook #Create ruleset set firewall name DROPSITES default-action accept set firewall name DROPSITES rule 10 application custom-category DROP_FB set firewall name DROPSITES rule 10 action drop #Apply ruleset to LAN interface out set interfaces ethernet eth<X> firewall in name DROPSITES #If you would like to limit this run to a specific IP address set firewall name DROPSITES rule 10 source address <ipofcomputer> commit save exit