By tunneling technics it's possible to penetrate none L7 firewalls as they don't inspect the content of the packet.
as usually port 80 and 443 is allowed for internal users and also SSH protocol supports socks proxy, this can be used to connect remote ssh servers that runs from port:443, you may place your own or find public ssh servers on net
here is the screenshot doing it via putty
some other ways of penetration may be using proxy softwares like ultrasurf, making vpn to outside,using remote connection softwares like teamviewer (reverse connection), note that all of these techniques uses port 443
I wanted to draw your attention to importance of inspecting SSL traffic as it can be used for several illegal connections that can cause data leakage in your network