I am looking for some in depth documentation about how Cisco Cloud Web Security (formerly ScanSafe) scans / inspects HTTPS encrypted traffic. Do the ScanSafe towers act as a "man in the middle"? Any info is appreciated, otherwise I will have to figure it out the hard way a.k.a. packet capture.