You have to distinguish three scenarios:
1) IPSec/SSL through the ASA with the IPS-module
The IPS can not look into the encrypted traffic, but can analyse the cleartext-headers for attacks. To inspect the payload you need an IPS-apliance that sits behind the VPN-termination-point.
2) IPSec and SSL-VPNs (tunneled) that are terminated on the ASA
This traffic can be inspected by the IPS-module in the ASA.
3) clientless SSL terminated on the ASA
This traffic is not inspected by the IPS-module in the ASA.
--
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni