the truth is that an Enterprise network is not a free-for-all with everyone running whatever they want and doing whatever they want.
you have a small (compared to the userbase) team of admins who are managing lots of machines. They need to the machines to continue to match what they expect them to be running. A significant part of this is preventing people from installing/doing things on those machines that they are not supposed to (another part is publishing the correct software and configs out to the machines, but this currently has many solutions)
these machines are company machines, supporting the business of the company. They are not the users personal machines.
in the old days there was the central mainframe and everything had to go through the admins, then with the PC the processing power (and administration) got distributed. What companies are finding is that this has some fairly significant problems.
Among them is the fact that since the company owns the computers, the company is liable if any illegal, the company needs to control what gets installed on the machines.
Another issue in many environments is that the company is liable for damages if the wrong data leaves the company. This can't be completely prevented, but it can be made difficult enough that it won't be done accidently.
Now I would be the last to try and claim that there aren't companies who just have bad management and who micro-manage their employees just because they can, but there are real needs for theseuse-prevention technologies. The uses are almost all int the enterprise, and at this point this space is one of the few areas where a lot of work is needed (I don't count reverse engineering the exchange protocol to be in the same class, while that's very important to users (myself included), it's not a requirement for any enterprise that's willing to break the exchange shackle, and there are a lot of options there)