Resolution
The inspect http command protects against specific attacks and other threats that can be associated with HTTP traffic. HTTP inspection performs several functions:
- Enhances HTTP inspection
- URL screening through N2H2 or WebSense
- Java and ActiveX filtering
The enhanced HTTP inspection feature, which is also known as an application firewall, verifies that HTTP messages conform to RFC 2616, use RFC-defined methods, and comply with various other criteria. This can help prevent attackers from using HTTP messages to circumvent a network security policy.
However, turning on the HTTP inspection feature sometimes makes the internet traffic slow when the WebSense server is integrated with the PIX Firewall. In many cases, turning off the HTTP inspection feature fixes the issue.
For more information, refer to the Managing HTTP Inspection section of Applying Application Layer Protocol Inspection.