I think my point of view is that a transparent proxy is a consumer or a mobile approach to proxies, and I think that the discussions here tend to miss this whole aspect of the conversation. Admins may still be able to argue that they make the call, but SMB technology deployment is heavily influenced by consumer-think and mobile-think through end users. If nothing else, the combination of Apple's growth and their long tradition of keeping technology as transparent as possible to the end user is changing expectations. And we SMB admins, sooner or later, are going to have to acknowledge those expectations.
I personally get confused by the range of views often presented here, keeping me from understanding where the center of gravity is in the Zentyal community. Some people won't think of asking mom to use a PPTP connection on her iPad. But it seems like expecting mom to change her iPad's proxy settings on the fly might be the right thing to do ...
Anyway, for once I wanted to participate in the Zentyal-specific technical side of the proxy discussion. Consider the dilemma I face: We use a transparent proxy because I have empirical evidence that asking staff to master changing their own proxy settings on mobile devices (including regular old notebook computers) amounts to asking a
lot of mom. But it
appears that Zentyal and Wyse zero clients don't play nicely together in a transparent proxy arrangement. I end up pretty much all by myself (sniff) lobbying for a Zentyal design approach that looks to the future of the SMB market, where big guns are promoting virtulaization and private clound technology as affordable options during the impending XP-EOL-driven refresh cycle.
These vendors see business investment dollars coming their way if they can spread the word, so much so that their reps even talk to small operations like ours and even communicate with big distributors on our behalf for special pricing. But Windows-powered servers are still the understood infrastructure platform, not Linux-based solutions in general and not Zentyal in particular. Zentyal "needs" to allow, at the GUI level, for selective proxy bypass, for DHCP options, and whatever other roadblocks might come up to
transparent Zentyal implementation in SMBs.
So my contribution to this discussion is that weighing the merits of proxy transparency is an excellent idea, and it is absolutely true that a knowledge of the pros and cons makes for a much wiser admin. But ... let's not make the mistake of thinking a self-contained a-contextual discussion of transparent and non-transparent proxies is the end of the conversation. The knowledge gained is vital, but real-world SMB admins work in a context that is not so neatly confined to proxy pros and cons. As a real world admin trying to keep technology as transparent to my "customers" as I can while dealing with business and budget realities, I am faced with trying to depoy virtualization technology that understadably assumes a Windows environment while increasing our use of mobile and road warrior solutions but trying to retain Zentyal, which almost entirely lacks the GUI tools I need to make things work even when the underlying technology doesn't. And I'd like maybe even to take a day off once in a while during all this ...
I dunno ... I'm a little tired and just a little guy in a rapidly changing SMB market. I probably should just throw in the towel and do what the majority are doing on the infrastructure side of things and go camping more often ... I'm getting too old to do much else.