I have been playing with Wireshark, listening to tutorials to try to learn and understand how i can begin using the tool at my job (i have authorization from the head honcho).

My task is to basically monitor HTTP traffic generated by our workstations to be able to track time that is spent being unproductive on websites instead of time spent working.

The problem:

I can track port 80 traffic when Wireshark is running on the workstation. However, is there a way to sniff packets coming in and out of the router itself?

The problem is that the internet traffic doesn't go through our server, therefore when i capture packets on the server, it captures all network traffic generated by our applications, but no HTTP traffic generated by the workstations. Is there a better way or a more centralized way to capture these packets from the workstations, where i can then filter them by IP address and analyze packets by workstation?

KNB15:
  If you have access to the routers, you might be able to set up a span port. On Cisco routers/switches they have a feature called span ports, that enable you to replicate all the traffic from one or more ports to another port. On Linksys they call it port mirroring. Either way, you could set up a system with an interface connected to this port, and the interface in promisc mode. The switch would replicate all traffic designated for a certain port to the port where you connected your system. You would then be able to listen in on all traffic going to and coming from the internet. Wireshark would then be able to report all unproductive web viewing. You would also be able to expand the systems capabilities by installing a IDS on that machine, and it could report any suspicious activities.
Hope this helps.