I’ve implemented web access policies as well as been subject to them. But I have never encountered something as stupid as the web access policy enforcement at my current workplace. They’re using a commercial package called Websense. But it’s nonsense if you ask me. It is expensive and, to put it plainly, it sucks. It seems they’re using a vendor-managed blacklist so it blocks a whole bunch websites regardless of actual content, a lot of which are actually useful for work. And allows some websites that should have been blocked. So it doesn’t really do what it’s supposed to do. Instead it just irritates and even infuriates users. If it were up to me, I would have been a well-defined blacklist of really undesirable websites and content. Or, if no research work is involved, using a whitelist of allowed websites. But, unfortunately, it’s not so I’ll just rant about it.