>We use an iboss content filter which can decrypt ssl and rencrypt on the fly.

Is it safe to assume this is some sort of trusted MITM proxy?

I think this is really taking it too far. We use Lightspeed and they block SSL traffic during the handshake based on the domain its destined for. No need to decrypt anything.

It runs as a transparent proxy. We used to use Lightspeed but found it lacking in reporting. It can act as a MITM proxy if you turn the option on. We do however force safe search on search sites that the box works with.

THX for your efforts in bringing up the next generation of hackers and penetration testers!

(Perhaps you were being sarcastic) but these kids most probably won't be able to access a great many of the informative and educational websites that allow them to research and learn about how to properly secure computers and their online experience. Because (I've seen this) they are most likely dumped under the category of "hacking websites" ... even perfectly benign network tools.