As far as we know, IPS signatures that look for SSL/TLS details like the version, do so in common SSL/TLS ports like TCP 443. We get that inspecting for SSL/TLS on every port will degrade performance, but it would be nice if the admin had the option to enable SSL/TLS inspection on IPS signatures in non-common ports.
This might be needed in scenarios where a company has to change the default port for services that use SSL/TLS and would like to keep the controls provided by the IPS signatures.
Miguel,
Actual inspection, as defined, is only for HTTPS, not other protocol that can use SSL/TLS for security. You can clone the HTPS and define different port for it and it should still be inspected, if this is all that you are trying to accomplish: