Proxy Rules
Proxy rules are a means of either allowing or denying access to sites on the Internet. There are two classes of rules: When you enter a rule in the "Allow" class it means any user attempting to access a URL matching this string will be granted access. For example, if the rule was "parks" then they would be able to access URLs such as:
  http://www.parks.com/
  http://www.usparks.com/
  http://parks.thisdomain.com/
The same concept goes for a rule in the "Deny" class, except instead of being allowed access to the URL they will be denied access. For example, if the rule was "sex" then they would be denied access to URLs such as:
  http://www.sex.com/
  http://www.sexygirls.com/
  http://sex.fun.com/
However, they would also be denied access to sites such as "http://www.middlesex.com/" because the word 'sex' occurs in the URL.

In summary, the best approach is to add "Deny" rules for broad words, and if people start complaining about not being able to access valid sites then add an "Allow" rule for that site. Taking the 'sex' example from above: