Last time I contracted for a hardware maker, I had to have two separate computers: one box where I had manager role, where I could compile and debug code (with Visual Studio), that sat on a network that had unrestricted access to the net, and another that could access the corporate Exchange server and the internal network. By default, all webites were locked out, but you could request access to what you needed, one site at a time, and the security folks would see what thy could do. It took me a month of signatures to get my second computer, the one with full Internet access.
But the reverse is not true - not every company on .Net blocks websites. I don't actually know of any that block.
Blocking digg or facebook is one thing, but If you block Stackoverflow, there's no hope for your development practices.