By default, the Symantec Web Security Service does not intercept inbound HTTPS traffic from destination web locations and applications. With the default configuration, the Web Security Service applies content filtering policy to the furthest extent possible; however, it cannot apply policies to transactions that require deeper inspection, such as web application controls or malware scanning. Enabling SSL interception allows the Web Security Service to decrypt HTTPS connections, examine the contents, and perform policy checks.
To retain the security of personal private information, Symantec recommends excluding some content filtering categories from termination and inspection. By default, the Web Security Service does not intercept HTTPS traffic categorized as Brokerage/Trading, Financial Services, and Health, because this content usually involves private, sensitive personal account information.
Note: If your policy allows uploading and downloading attachments in Gmail, you must enable SSL Interception. See Define a User-Based Web Applications Policy. See Also: About the All Ports License.
Link to complete article: