Hi Javi,
Using Application Control you can allow, monitor, or block 'HTTPS/SSL/TLS' traffic passing through the device for particular users, groups or IP's .
The device can also stop users from browsing to bad sites and url's Symantec can identify by IP.
What the device currently can't do is scan uploads or downloads transferred via secure sites, we are looking to introduce this in the SWG v5, currently slated for an autumn release.
Thanks,
Kevin