If we're strictly doing web filtering and the appliance can still detect and filter HTTPS sites with SSL inspection off, why would we want to decrypt? Solely for the extra granularity like blocking facebook games and such?
One example could be that AMP on the WSA finds malicious downloads that your desktop AV would miss. Or Data loss prevention that you can inspect what your users are uploading to cloud-services.
