Usually to protect the random unprotected machines on the local network (and the rest of the world from the poorly administered machines), in my experience.
Some of it often boils down to mindset of the admin - allow everything unless you know it is a problem, or block everything unless you ‘know’ it is good.
Some of it often boils down to mindset of the admin - allow everything unless you know it is a problem, or block everything unless you ‘know’ it is good.