I think you might want to check out rule tracing if you havent seen it before: Web Gateway: Troubleshooting with Rule Engine Tracing
Rule tracing allows you to watch what happens when web traffic passes through the Web Gateway (MWG). You'll see each transaction sent by the browser, and how each transaction was handled by the rule engine. The rule trace will break down every fired/unfired rule so you can troubleshoot and understand how to adjust your rules to do what you want.
I'd suggest defining your tests and then validating them to see if they pass (i.e. is playboy blocked for x,y, but allowed for z; is cnn.com allowed for x, but not y,z).
Thanks for the welcome!
This method would would work for the testing and roll out phase where users know to expect back and forth questions, but wouldn't work so well for continued support.
The only issue I is that this method is sort of reactive. It requires us to create the rule and, in order to test it, bother the end user and ask them to try and get to the URL/category/etc. that they requested so we can perform the trace. I'm looking for a somewhat more transparent testing method where I can determine the outcome of the rule set against a particular user without having to involve that user until we're sure it functions properly.