zlacker

Ask what goal they're trying to solve: is it really because the IT people want to monitor everyone's web surfing or do they have something like an audit requirement? There are a LOT of people in the latter camp who need to check the box to say they comply with some policy, regulation, etc.

Similarly, good security people know that port filtering is a losing game unless you are willing to restrict everything to a known-safe whitelist – the malware authors do work full-time on tunneling techniques, after all – and may be focusing their efforts on endpoint protection or better isolation between users/groups.