DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

EXAMINER’S AMENDMENT

An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in a telephone interview with Hunter E. Webb on 01/07/2021.

This listing of claims will replace all prior versions and listings of claims in the application:

IN THE CLAIMS:
1.	(Currently Amended) A method for performing network intrusion detection and prevention service (NIDPS) detection on a proxy server in a networked computing environment, comprising:
	obtaining, by a NIDPS component located on a proxy server, a set of decoded communications from a front end proxy located on the proxy server, the decoded communications being communications sent by external users to content servers over a network that are intercepted by the proxy server and decoded by the front end proxy;
	performing, by an NIDPS component, a verification of the decoded communications to detect whether the communication comprises a network threat;
	forwarding, by the NIDPS component in response to the verification that the decoded communication does not comprise a network threat, a verified communication to a back end proxy;
	forwarding, in response to a detection of a network threat by the NIDPS component, an indication of the network threat to a cognitive server; and
	initiating an automatic scaling of the NIDPS component by the cognitive server that is based on an associated characteristic of the network threat in response to indications of network threats from the NIDPS component, the initiating of the automatic scaling further comprising:
	identifying, by the cognitive server, the associated characteristic of the network threat within the communication sent by the NIDPS component; 
	creating a number of new NIDPS queues in the NIDPS component based on the associated characteristic; and
distributing communications among the new NIDPS queues. 

2.	(Original) The method of claim 1, further comprising generating, by the back end proxy, routing information between the external users and the content servers for the verified communication.

3.	(Original) The method of claim 1, further comprising:
	receiving, at the front end proxy, a communication of the set of communications; 
	determining whether the communication is a secure sockets layer (SSL) communication;
	terminating, in response to a determination that the communication is a SSL communication, the SSL for the communication; and 
	decoding the communication for forwarding to the NIDPS component.

4.	(Canceled).

5.	(Currently Amended) The method of claim 1, wherein the associated characteristic includes a time of day that has previously been subject to network threats.

6.	(Currently Amended) The method of claim 1, wherein, in response to the associated characteristic including a source of the communication, at least one of the new queues is a source-based dedicated queue that is dedicated to the source of the communication.

7.	(Original) The method of claim 1, 
	wherein the networked computing environment is a cloud computing environment, and
	wherein the proxy server is a cloud server in the cloud computing environment.

8.	(Currently Amended) A computer system for performing network intrusion detection and prevention service (NIDPS) detection on a proxy server in a networked computing environment, the computer system comprising: 
	a proxy server located between a content server and a network and having:
	a front end proxy that decodes a set of communications from external users over the network into decoded communications;
	a back end proxy operating independently from the front end proxy that generates routing information between the content servers and the external users for verified communications; 
	a NIDPS component operating independently from the front end proxy and the back end proxy that verifies that the decoded communications are free from network threats and forwards the verified communications to the back end proxy; and
	a cognitive server that initiates automatic scaling of the NIDPS component that is based on an associated characteristic of the network threat in response to indications of network threats from the NIDPS component, the cognitive server further:
identifying the associated characteristic of the network threat within the communication sent by the NIDPS component; 
	creating a number of new NIDPS queues in the NIDPS component based on the associated characteristic; and
	distributing communications among the new NIDPS queues. 

9.	(Original) The system of claim 8, the front end proxy further:
	receiving a communication of the set of communications; 
	determining whether the communication is a secure sockets layer (SSL) communication;
	terminating, in response to a determination that the communication is a SSL communication, the SSL for the communication; and 
	decoding the communication for forwarding to the NIDPS component.

10.	(Canceled). 

11.	(Currently Amended) The system of claim 8, wherein the associated characteristic includes a time of day that has previously been subject to network threats. 

12.	(Currently Amended) The system of claim 8, wherein, in response to the associated characteristic including a source of the communication, at least one of the new queues is a source-based dedicated queue that is dedicated to the source of the communication.

13.	(Original) The system of claim 8, 
	wherein the networked computing environment is a cloud computing environment, and
	wherein the proxy server is a cloud server in the cloud computing environment.

14.	(Currently Amended) A computer program product embodied in a computer readable storage medium that, when executed by a computer device, performs a method for performing network intrusion detection and prevention service (NIDPS) detection on a proxy server in a networked computing environment, the method comprising:
	obtaining, by a NIDPS component located on a proxy server, a set of decoded communications from a front end proxy located on the proxy server, the decoded communications being communications sent by external users to content servers over a network that are intercepted by the proxy server and decoded by the front end proxy;
	performing, by an NIDPS component, a verification of the decoded communications to detect whether the communication comprises a network threat;
	forwarding, by the NIDPS component in response to the verification that the decoded communication does not comprise a network threat, a verified communication to a back end proxy;
	forwarding, in response to a detection of a network threat by the NIDPS component, an indication of the network threat to a cognitive server; and
an associated characteristic of the network threat in response to indications of network threats from the NIDPS component, the initiating of the automatic scaling further comprising:
	identifying, by the cognitive server, [[an]] the associated characteristic of the network threat within the communication sent by the NIDPS component; 
	creating a number of new NIDPS queues in the NIDPS component based on the associated characteristic; and
	distributing communications among the new NIDPS queues.

15.	(Original) The program product of claim 14, the method further comprising generating, by the back end proxy, routing information between the external users and the content servers for the verified communication.

16.	(Original) The program product of claim 14, the method further comprising:
	receiving, at the front end proxy, a communication of the set of communications; 
	determining whether the communication is a secure sockets layer (SSL) communication;
	terminating, in response to a determination that the communication is a SSL communication, the SSL for the communication; and 
	decoding the communication for forwarding to the NIDPS component.

17.	(Canceled).

18.	(Currently Amended) The program product of claim 14, wherein the associated characteristic includes a time of day that has previously been subject to network threats.

19.	(Currently Amended) The program product of claim 14, wherein, in response to the associated characteristic including a source of the communication, at least one of the new queues is a source-based dedicated queue that is dedicated to the source of the communication.

20.	(Original) The method of claim 14, 
	wherein the networked computing environment is a cloud computing environment, and
	wherein the proxy server is a cloud server in the cloud computing environment.


Allowable Subject Matter

Claims 1-3, 5-9, 11-16, and 18-20 are allowed.

This communication warrants No Examiner's Reason for Allowance, applicant's reply make evident the reasons for allowance, satisfying the “record as a whole” proviso of the rule 37 CFR 1.104(e). Specifically, the substance of applicant’s remarks filed 09/25/2020 are persuasive, as such the reasons for allowance are in all probability evident from the record and no statement is deemed necessary (see MPEP 1302.14).
    
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled "Comments on Statement of Reasons for Allowance.

	
Conclusion

Please see the attached PTO-892 for the prior art made of record and not relied upon is considered pertinent to applicant's disclosure..

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOHAMMAD A SIDDIQI whose telephone number is (571)272-3976.  The examiner can normally be reached on Monday-Friday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl G Colin can be reached on 571-272-3862.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.