How about volunteering to set up a simple one for free?
You just configure a transparent bridge firewall, log all DNS requests and the first packet of all outgoing SMTP transactions. After a week you show him the DNS and SMTP logs. Surely those logs will show violations of the company Internet usage policy.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
|