One of the most "efficient" ways to control/monitor client traffic to the internet is to use a Proxy Server.
This is a server which takes client requests and passes them to the outside world. You can choose to cache requests to help speed, or apply ACL Access Control Lists to tailor external access.
If you primarily want to do http control, I suggest you start at http://www.dansguardian.org
for their content filter, which talks to a Proxy Server, Squid for example, then add different proxies for SOCKS, ftp, email etc.
Be ready for a quick learning curve...