If you want to inspect SSL traffic then you will need to perform outbound or inbound SSL Inspection, keep in mind that there is an increased resource usage when inspectin SSL traffic, I strongly suggest you to go with a gradual inspection approach. In other words: Inspect by segments and see how it impacts your GW.
When using SSL Inspection be sure to run R80.20 or R80.30, R80.30 works best but has less kernel flags that allow you to bypass certain things. You may want to look at this post that I made were I give advices about SSL Inspection: https://community.checkpoint.com/t5/General-Topics/Outbound-SSL-Inspection-A-war-story/m-p/58647
Finally be sure to check SSL Best practices in sk108202
Threat emulation is another blade that doesn't have to do with SSL Inspection or Antivirus, main purpose is to emulate files downloaded from emails and http/https, at the moment is the most eficient solution to detect zero days. You will need NGTX licensing to run it.
Regards,
____________
https://www.linkedin.com/in/federicomeiners/