I think it would be an alternative idea to put the MWG into transparent bridge mode, and put it between WLAN Controller and Firewall. In transparent bridge mode MWG will intercept all requests to port 80/443 for filtering, while all other packets will just be forwarded. Since we act in bridge mode, there is no need for configuration changes on other network devices. MWG basically works like a smart cable in this case :-)
Thanks for your response, I have read around further today and managed to speak to someone else at McAfee who also recommended the same.