This is a bandage for a much larger issue...
When I setup networks for small offices (50 clients or less) I'll use a business-class (entry-level) wired router such as a Fortinet Fortigate 40C or a Cisco RV042. You can block traffic based on:
- IP - Addresses and Ranges
- FQDN - Fully Qualified Domain Names
- Geography - You can block access to countries if you wish (Fortinet)
You can also do load balancing and you can even restrict bandwidth so employees can't take up all of your resources.
Also the Fortinets have a subscription service you can use to get AntiVirus updates and Antispam filtering as well (although be careful with these as they do have false positives).
From a managerial point of view
Blocking things like Facebook, Twitter, LinkedIn, and other social media may have their benefits from an IT standpoint, but it's much more of a managerial problem. If there is an issue with employees not working, they should be reprimanded. Since SEO on the internet is largely social, preventing your team from promoting your site through these channels sounds like a bad idea.
With many of the routers you can set aside a time-frame where the employees can do things like check their personal email and go onto their social networks. In my experience when you block these things on the network to try and get back the lost employee time, you're still going to have employees that text all day and use their cell phones for the social media. If you address the performance issue (or disregard for corporate policy) directly with the employees, they'll be much more understanding in terms of the needs of the company. If you set aside a time where they can access things they find interesting they will schedule their breaks around those times and you can see performance both in the employees and on the network itself increase.