Stop running a web proxy
So we currently run a transparent web proxy in sucs.
All outbound HTTP connections from SUCSNet go through squid running on silver. All HTTP connections from guestnet go through squid on silver as well.
We don't do anything to HTTPS traffic.
As more and more of the internet becomes ssl enabled I really don't see the point of us running the proxy, think about all the web browsing traffic in the room, how much of that is https? We can't see/log any of that with our current setup.
There's an argument for redeploying squid in such a way that we can deal with HTTPS traffic but I don't think we should be doing that at all.
I say we drop squid and the idea of a proxy altogether. that means there's one less thing to debug, and there's less crazy nat rules in the firewall.