If you are running a UTM or firewall and are not inspecting SSL traffic I am sorry to say your firewall is useless.
Why is this?
well first of all most traffic now is going over HTTPS even malware sites the fact of the matter is that just like you and I can get an SSL certificate so can the hackers.
Even if it’s not a hacker but a compromised site that has malware on it if your firewall can’t inspect the encrypted traffic it cannot block it.
But this feature can be pricey and require a beefier device for the extra overhead but the cost is necessary if you are running a network.
The deployment can be tricky on a large network but a smaller network is usually a breeze usually just a matter of importing an SSL certificate that acts as a main in the middle.
The traffic is decrypted between the client and the device and re-encrypted and sent back to the internet.
Here is a video showing what happens I download a malware file without SSL encryption.
Let me know if you have any questions!