I would recommend opening a support case with McAfee on the issues you describe or posting the question on the McAfee community support forums. My organization uses these devices for email edge devices only and not for web traffic filtering. Web traffic filtering is handled by 8e6 or Websense type devices.
You should also make sure that the user’s traffic is hitting the SIG devices. Capture traffic to/from the SIG(s) and ensure that the device is in the traffic path between the clients and the internet. It may be that the users are bypassing the device in some way and therefore the rules are being ignored.