Using ACLs is the hard way actually but you can use it if you want
for example open up your command prompt
type nslookup www.myspace.come >>>> a list with several ip addresses would come up you need to block traffic to and from them using an ACL
and to make things worse do nslookup myspace.com a different list would come up those also needs to be blocked, same applies to facebook for example
So my suggestion is to use Quality of Service
you need to identify whats your main office applications together with their port numbers and put those in a class with lets say 90% of the BW, and the web traffic port 80 and 8080 in a separate class with a minimal BW that way you have minimized the web problem for ever without worrying, because if users stopped using myspace they will use facebook and if they stopped facebook they can use online streaming , etc…..
however this requires some design considerations.
example for using the ACL
R1(config)#ip access-list extended BLOCK
R1(config-ext-nacl)#deny ip host 22.214.171.124 any
R1(config-ext-nacl)#deny ip any host 126.96.36.199
R1(config-ext-nacl)#deny ip host 188.8.131.52 any
R1(config-ext-nacl)#deny ip any host 184.108.40.206
……………………… <><<<<<<< Insert all ip addresses here
R1(config-ext-nacl)#permit ip any any <<<<<<<<<< dont forget this
R1(config-if)#ip access-group BLOCK in <><<<< Apply this ACL to your LAN interface
R1(config-if)#ip access-group BLOCK out
You need a router to apply this access list.
Check this link <a href=”http://www.ciscoblog.com/archives/2006/11/throttling_band.html”> too