Account login Security change

*shrugs* then I assume you have never been on a connection where SSL connections actually suffer greatly. I also assume that you don't have budgets that are so strict, (yay for non-profit private schools?) in your work environment that you have to still monitor what users do, but are stuck with open source software to accomplish such things.
 
*shrugs* then I assume you have never been on a connection where SSL connections actually suffer greatly. I also assume that you don't have budgets that are so strict, (yay for non-profit private schools?) in your work environment that you have to still monitor what users do, but are stuck with open source software to accomplish such things.

You would be correct.

But having to use OSS isn't much of an excuse either IMO; there's Let's Encrypt where you can get SSL certs for free: https://letsencrypt.org/
 
Exactly, there is no excuse these days not to have a website secured with SSL thanks to Let's Encrypt, and you don't need a static IP address either because there is SNI as well. Also SSL is becoming friendly with bandwidth as it doesn't need a lot thanks to developments for companies like Google and is becoming increasingly faster than HTTP.
 
"increasingly faster than HTTP" till you end up on something that isn't a typical transport medium, satellite. lol

In all seriousness though, when you have ~130 users on only a 10Mbps pipe, you will hate SSL as you will be forced to cache website data, and the more SSL there is, the less you can cache. It's why I am against SSL on things that don't actually require it.
 
SSL all the way...

You must be a good target :cool:

Hope you don't keep much confidential info on your Comp..
 
Hope you don't keep much confidential info on your Comp..

Hope you understand SSL just keeps people from peeking into a connection, also lets you know if someone has hijacked a domain, doesn't keep them from breaking into a computer system nor network. That aside, traditional network based blocking doesn't properly work with SSL and blocking malicious adverts or even files that are loaded on a secure website, unless you want to buy a NGFW that does DPI and can decide things on its own. ;)

SSL gives a false sense of security, remember that. This website has only one thing personal, an email address, nothing else. Banking websites on the other hand should be fully encrypted to keep prying eyes out, but that doesn't prevent their server from being compromised. It just keeps prying eyes partially out.

Imagine this scenario, which frequently happens.

1: Popular website that is secured is breached, hacker doesn't change anything about the domain but changes the way an advertisement or script is run to load a malicious script.
2: Network firewall can't see what's being transmitted on a secure connection so it has to allow the connection to tunnel through without traffic being scanned provided the domain wasn't fully blocked.
3: Q.Q user is now infected with god knows what and it can propagate throughout the network because a "secure" website was in fact, not "secure".
4: Can't have full control of a network, because let's face it, someone above you is going to tell you that they don't need to be monitored, they are cautious users or need to visit commonly blocked websites *rolls eyes*
5: Your entire network itself is now compromised because of a single script that a well known website loaded.
6: You later find out the script could have been blocked by traditional methods if the website didn't uselessly use SSL, because said website has ZERO user input!
 
Hope you understand SSL just keeps people from peeking into a connection, also lets you know if someone has hijacked a domain, doesn't keep them from breaking into a computer system nor network. That aside, traditional network based blocking doesn't properly work with SSL and blocking malicious adverts or even files that are loaded on a secure website, unless you want to buy a NGFW that does DPI and can decide things on its own. ;)

SSL gives a false sense of security, remember that.

I wouldn't go as far as saying that - SSL is still encryption in transit, which is only half of the puzzle as you also want encryption at rest.
 