US 11,722,394 B2
Method and system for implementing high availability (HA) web application firewall (WAF) functionality
Ronald A. Lewis, Monroe, LA (US)
Assigned to CenturyLink Intellectual Property LLC, Broomfield, CO (US)
Filed by CenturyLink Intellectual Property LLC, Broomfield, CO (US)
Filed on Sep. 2, 2022, as Appl. No. 17/901,921.
Application 17/901,921 is a continuation of application No. 16/942,472, filed on Jul. 29, 2020, granted, now 11,438,253.
Application 16/942,472 is a continuation of application No. 16/119,382, filed on Aug. 31, 2018, granted, now 10,735,291, issued on Aug. 4, 2020.
Claims priority of provisional application 62/711,352, filed on Jul. 27, 2018.
Prior Publication US 2022/0417125 A1, Dec. 29, 2022
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 43/0852 (2022.01); H04L 9/40 (2022.01); H04L 67/01 (2022.01)
CPC H04L 43/0852 (2013.01) [H04L 63/02 (2013.01); H04L 63/0263 (2013.01); H04L 63/10 (2013.01); H04L 63/1408 (2013.01); H04L 67/01 (2022.05)] 20 Claims
OG exemplary drawing
 
1. A method, comprising:
launching, with a first computing system, at least one first web application firewall (“WAF”) container, each being tuned to a corresponding software application among a plurality of software applications provided by at least one server;
monitoring, with a second computing system, network communications between each client device of a plurality of client devices and the at least one server providing the client devices with access to software applications;
determining, with the second computing system and based on the monitored network communications, whether latency has been introduced as a result of the at least one first WAF container having been launched and whether any introduced latency exceeds a predetermined threshold;
based on a determination that latency has been introduced as a result of the at least one first WAF container having been launched and based on a determination that the introduced latency exceeds the predetermined threshold, launching, with the first computing system, one or more second WAF containers;
determining, with the second computing system and based on the monitored network communications, at least one of whether one or more client devices of the plurality of client devices are no longer accessing the corresponding software applications or whether use of hardware resources associated with the one or more software applications accessed by at least one client device among the plurality of client devices has decreased below a predetermined amount required by all implemented or launched software applications and first WAF containers; and
based on a determination that at least one of one or more client devices of the plurality of client devices are no longer accessing the corresponding software applications or that use of hardware resources associated with the one or more software applications accessed by at least one client device among the plurality of client devices has decreased below the predetermined amount required by all implemented or launched software applications and first WAF containers, decommissioning, with the first computing system, at least one third WAF container among a combination of the at least one first WAF container and the one or more second WAF containers.