Downfalls of Proxy Server

[john kerr <jkerr2 () csc com>]

All,
    I was wondering what the downfalls of using Microsofts proxy server
to authenticate internal users to the Internet for HTTP services only.
I realize that a rule must be put in the firewall to allow HTTP out from
the proxy servers IP Address and that you no longer have a centralized
location for all of the logs, but are their any other shortcomings?  The
internal network would be a windows NT network.  The problem I'm trying
to solve here is opposed to perfoming user authentication at the
firewall and setting up users.  I would use the NT groups already set-up
in the internal and then selectively allow each group HTTP access.  Any
thoughts?
            John