Client has BM3.6, is licensed for 3.7. We would like to upgrade to 3.7
w/SP1 and Field Patch 4C and use as a one-armed, transparent HTTP proxy.
Currently, it has 2 NICs, and all workstations are configured with the 2nd
NIC as the proxy address.

Firewall services are provided by a dedicated CheckPoint firewall;
likewise, we have a standalone SurfControl server.

I have read all of your previous posts about transparent proxy, which
advise against it. However, everyone else seems to be using much more of
BM's built-in functionality than we will (once we remove the second NIC).

Please tell me what is so broken/damaged in Novell's implementation of
transparent proxy that we should not proceed as planned.