OK not me personally but the team that I supervise. We own the packet sniffer infrastructure and spend much of our time out on the network sniffing around for non-business use of government resources. Yesterday was going to be just another day when lo and behold:
The thing that occurs to me is that these people must be going through some serious withdrawal symptoms right now.
How many users do you have that they pay folks to watch their internet use?
200 times per work day? Were they doing anything else?
And hopefully the sniffer didn’t pick up the local police pornbuster operation by mistake…
I hope they weren’t counting a “hit” as the same thing as a “visit”.
The thing that occurs to me is that only government workers could have the time to click on 200 adult images on each given work day.
My agency provides the IT services for all other DC Government agencies, and many Federal ones. I’d guess there are something like 60 or 70 agencies and some agencies have a thousand people or more.
I’m thinking that’s why they waited until somebody hit the 19000 mark. They wanted to make sure it wasn’t just porn pop-ups due to spyware or some naive person who clicks on every link he gets in his e-mails.
But not only do we catch the page visits, we can measure amount of data transferred during each “conversation”. Some of these people generated so many bandwidth usage alerts, they rose to the top of the list on their own merits; we didn’t have to go hunting for them.
Not true, I had a friend who worked at IT for a large law firm in DC and part of his job was ferreting out this kind of surfing. For some people, it clearly crossed into behavior they couldn’t control (like the SDMB for me).
Are you looking at the traffic on the router? What software are you using?
My router is controlled by another state agency, but I’d love to reclaim some bandwidth. 
All agencies have to come through our core switches to reach the internet. Our enterprise sniffers are connected to those switches. The appliances are Network General Infinistream Capture Engines. They each have about 8TB of attached storage and we can go back in time about three days if we have to and still be able to decode down to payload detail.
I’ve heard of some free “software sniffers” that you can run locally if you need to do your own ferreting but I don’t have any info on them.
Looks like they’re using a Dell 2950. Is it an actual appliance, or do they do what Netbotz does and slap their label on a Dell box?
ETA: I take that back. A closer look at their datasheet (bigger image) makes me think they’re using a 1950. Either that or they and Dell are buying their faceplates from the back of the same van. 
An apt adage for this…
“Do not meddle in the affairs of the IT guys for they are stealthy and know where you hide the porn.”
You don’t need very many employees to justify this. The financial exposure to a company that lets employees download porn can be staggering. What happens if an employee is into kiddie porn and the cops find it on your servers? What happens if a disgruntled employee fills your servers with porn before they quit, then places a call to the police department’s tip line? At the absolute very least, you’ll be in an uncomfortable spot for a while.
There are quite a few appliances on the market that do content management and content filtering - from enterprise-level systems like what the OP has, on down to small/home office-level devices that cost less than what it would take to hire an attorney to file an answer to a pornography or sexual harassment lawsuit.