You can write a snort signature and import it into the IPS system of the firewall, yes. KB63125 talks about using custom signatures.
You could also make a Deny rule for a certain port (or a protocol) from a set of IP addresses. If these devices try to go through the firewall on that port they will be denied. You could then write an audit filter to 'catch' these events and then blackhole the source IP.
If you can be more specific about the ports or protocols, what exactly someone wants you to block, I can tell you if the firewall can do that.
Excellent - I am sure one of those solutions will work. Thanks