What do you recommend?
Using Transparent or Non-Transparent Proxy mode?
Thanks in advance:
Dwayne Parker
This thread was automatically locked due to age.
There is a difference between standard and transparent proxy in the "DNS handling" of the clients. Standard proxy = your client can only resolve the internet in the HTTP connect phase via proxy port. Transparent proxy = your client tries to resolve the target server via DNS port 53.
Some of the attacks are DNS based. If you are blocking DNS port 53 from the clients and only use 3128 for proxy, the client (hacker/software) is not able to do a lookup on DNS base. Most of the software nowadays is trying to resolve their C&C server via DNS port 53. If this is blocked, they give up.
I know, quite insecure comment, but can give you a small "advantage" against the bot software.
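Added example, not part of the original reply: when port 53 is blocked for clients in standard proxy mode, the dropped packets are themselves a signal, since a correctly configured client never needs direct DNS. The sketch below scans a packet-filter drop log for such attempts; the key=value log layout, the `DROP-OUT` prefix, all addresses and the function name are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample: packet-filter drop log in key=value style.
# Prefix, interface names and addresses are assumptions for illustration.
SAMPLE_LOG = """\
Jan 10 09:00:01 gw kernel: DROP-OUT IN=eth1 OUT=eth0 SRC=10.0.0.23 DST=192.0.2.53 PROTO=UDP SPT=51514 DPT=53
Jan 10 09:00:02 gw kernel: DROP-OUT IN=eth1 OUT=eth0 SRC=10.0.0.23 DST=203.0.113.9 PROTO=UDP SPT=51515 DPT=53
Jan 10 09:00:03 gw kernel: DROP-OUT IN=eth1 OUT=eth0 SRC=10.0.0.23 DST=203.0.113.9 PROTO=TCP SPT=40001 DPT=53
Jan 10 09:00:04 gw kernel: DROP-OUT IN=eth1 OUT=eth0 SRC=10.0.0.41 DST=198.51.100.7 PROTO=TCP SPT=40100 DPT=443
Jan 10 09:00:05 gw kernel: DROP-OUT IN=eth1 OUT=eth0 SRC=10.0.0.57 DST=192.0.2.54 PROTO=UDP SPT=53000 DPT=53
garbage line without fields
"""

FIELD = re.compile(r"\b([A-Z]+)=(\S+)")
INTERNAL_RESOLVERS = {"10.0.0.2"}  # assumed internal DNS server, allowed on 53


def direct_dns_attempts(log_text, min_hits=2):
    """Return {client_ip: sorted external DNS destinations} for clients with
    at least min_hits dropped packets to port 53 (UDP or TCP)."""
    hits = defaultdict(int)
    dests = defaultdict(set)
    for line in log_text.splitlines():
        f = dict(FIELD.findall(line))  # unparsable lines yield an empty dict
        if f.get("DPT") != "53" or f.get("PROTO") not in ("UDP", "TCP"):
            continue
        src, dst = f.get("SRC"), f.get("DST")
        if not src or not dst or dst in INTERNAL_RESOLVERS:
            continue
        hits[src] += 1
        dests[src].add(dst)
    return {ip: sorted(dests[ip]) for ip in hits if hits[ip] >= min_hits}


if __name__ == "__main__":
    for ip, targets in direct_dns_attempts(SAMPLE_LOG).items():
        print(f"{ip}: blocked direct DNS to {', '.join(targets)}")
```

The `min_hits` threshold filters out a single stray lookup; hosts that keep retrying against several external resolvers are the ones worth inspecting.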