One Pro for cert inspection is it doesn't involve needing to install a security certificate on workstation computers to avoid the certification warning that comes with implementing deep inspection. This is/was the Fortigate's original method of detecting web traffic on HTTPS and takes up less resources than deep inspection.
One con for cert inspection is it is does not recognize sites/domains that use the same wildcard *. security certificate as other sites, such as Youtube (which uses *.google.com certificate).
Pro for Deep inspection is it works well with detecting any URL access on HTTPS; but to get it to work, the Fortigate plays a MITM by substituting it's own security certificate in order to peek into the encrypted SSL tunnel between a client computer and the target website -- This is why you get those cert warnings. You need to either install the Fortigate's cert on client computers or install a custom cert on both the client computers and Fortigate.
Personally, I would go with deep inspection, but circumstances often dictate otherwise: e.g. Fortigate doesn't support it or not powerful enough, client doesn't have the resources (IT personnel or network infrastructure) to implement it.
IMHO.
