Yes. There are a couple of ways to do this...
1. Under Web Security Manager/Identities, create a new identity, put the IP in it. Select No authentication or identification for it.
2. Under Web Security Manager/Custom Categories, create a new category, put facebook.com in it.
3. Under Web Security Manager/Access Policies, create a new policy and select the new identity you created in step 1
4. Then for URL Filtering, set the "facebook" custom category to monitor, and under Applications, enable all of the applications. (You want to use monitor so that the WSA still does the AV/antimalware stuff).