DETAILED ACTION
This Action is in consideration of the Applicant’s response on June 24, 2025. Claims 1, 8, and 15 are amended by the Applicant. Claims 1, 3 – 8, 10 – 15, and 17 – 20, where Claims 1, 8, and 15 are in independent form, are presented for examination.
Notice of Pre-AIA or AIA Status
The present application is being examined under the pre-AIA first to invent provisions.
Response to Arguments
Applicant’s arguments filed June 24, 2025 have been fully considered but they are not persuasive. Applicant argued:
a) Regarding Claims 1, 8, and 15, Bidaud does not disclose that the audit device directly performs the vulnerability assessment.
b) Regarding Claims 1, 8, and 15, Bidaud does not disclose that the extension audit device is in communication with a second firewall.
The Office respectfully disagrees with Applicant’s assertions.
1. With regards to a), the Office reminds the Applicant that the pending claims must be "given the broadest reasonable interpretation consistent with the specification" [In re Prater, 162 USPQ 541 (CCPA 1969)] and "consistent with the interpretation that those skilled in the art would reach" [In re Cortright, 49 USPQ2d 1464 (Fed. Cir. 1999)].
While the amendment appears to be in response to the Office’s rebuttal in the last Office Action [See Remarks, Pg. 9], the term “vulnerability assessment” does not specifically preclude the performance of other functions that can be considered part of a vulnerability assessment. For example, the vulnerability assessment does not specifically indicate that a test or audit is to be performed by the audit device. The terms audit and vulnerability assessment are specifically distinguished in the claims [e.g., Claim 1].
Bidaud discloses that the console controls the operations and configurations of the test agents and distributes the task between local and remote agents [Para. 0013, 0046-47]. Therefore, the sending of commands and configurations to the security agents to run particular tests throughout the network can be interpreted as directly performing a “vulnerability assessment on one or more servers in a network” as claimed. Unless the term vulnerability assessment specifically indicates that the audit device performs the audit or testing of one or more of the servers, the limitation is not distinguishable over the cited reference.
2. With regards to b), the Applicant appears to allege that there is no communication between agent 18d and the firewall 30 because the reference is silent as to any communication between the firewall and security agent [See Remarks, Pg. 11].
However, Bidaud clearly discloses that the results of the tests performed by the agent 18d are reported back to the console along communication path 22d, which includes the internet and a firewall between the internet and network 20d [Fig. 1, Para. 0041-42]. In other words, for agent 18d to communicate with the console, communications must travel through firewall 30 [Fig. 1]. Therefore, Bidaud discloses the claimed limitation.
Claim Rejections - 35 USC § 103
The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.
Claims 1, 3 – 8, 10 – 15, and 17 – 20 are rejected under pre-AIA 35 U.S.C. 103(a) as being unpatentable over PGPub. 2003/0051163 (hereinafter “Bidaud”), in view of U.S. Patent 7,926,113 (hereinafter “Gula”).
3. Regarding Claims 1 and 8, Bidaud discloses a non-transitory computer-readable medium (Claim 8) storing executable instructions that, when executed, cause one or more processors to perform operations (Claim 1; method) [Figs. 1, 5, 8, and 10; Abstract] comprising:
performing, by an audit device, a vulnerability assessment on one or more devices in the network that are subject to a common security policy [Figs. 1, 5, 8, 10, and 12; Para. 0046-55, 0071, 0073, 0081; console (audit device) initiates testing of the integrity of each of the firewalls and general security of the network system (common security policy) to be performed on various remote networks to the remote agents within these networks; testing on one host in a first external network], wherein the audit device directly performs the vulnerability assessment [Figs. 1, 5, 8, 10, and 12; Para. 0013, 0046-55, 0071, 0073, 0081; console (audit device) controls the operations and configurations of the test agents and distributes the task between local and remote agents to perform a network vulnerability assessment],
in response to receiving a request to perform an audit from the audit device, performing, by an extension audit device, the audit of one or more other servers in a network at a remote site [Figs. 1, 5, 8, and 10; Para. 0046-53, 0071, 0073, 0081; console (audit device) initiates testing of the integrity of each of the firewalls and general security of the network system to be performed on various remote networks to the remote agents (extension audit device) within these external networks; multiple remote agents being deployed for testing other hosts in other networks in addition to one host in the first external network], wherein the extension audit device is in communication with a second firewall that is disposed between the extension audit device and the Internet [Fig. 1, items 18d, 28, and 30; Para. 0041-42]; and
obtaining information about an audit being performed by the audit device, the extension audit device, or both the audit device and the extension audit device [Fig. 10; Para. 0053, 0071, 0073, 0081]; and
providing a report including results of the audit being performed [Fig. 10; Para. 0053, 0081].
Bidaud, however, does not specifically disclose that the audit device is in communication with a first firewall that is disposed between the audit device and an Internet.
Gula discloses a system and method for performing vulnerability scans across one or more networks using a distributed security management system [Abstract]. Gula further discloses that a management console scans network devices using various scanners and is in communication with an external firewall disposed between the audit device and the Internet [Fig. 8; Col. 7, lines 23-50]. It would have been obvious to one skilled in the art before the effective filing date of the current invention to incorporate the teachings of Gula with Bidaud since both systems utilize multiple scanners to perform a vulnerability assessment for a plurality of networks. The combination would enable the console in Bidaud to be within its own network protected by a firewall. This would have been a designer’s choice as to placing a firewall between the console and the external network. The motivation to do so is to insulate the devices within the network from attacks to improve security [Col. 7, lines 41-43].
4. Regarding Claim 15, Bidaud discloses a system to manage an audit of a remote server [Fig. 1; Abstract; Para. 0040-42], comprising:
an audit device configured to perform a vulnerability assessment on one or more servers in a network that are subject to a common security policy [Figs. 1, 5, 8, 10, and 12; Para. 0046-55, 0071, 0073, 0081; console (audit device) initiates testing of the integrity of each of the firewalls and general security of the network system (common security policy) to be performed on various remote networks to the remote agents within these networks; testing on one host in a first external network], wherein the audit device directly performs the vulnerability assessment [Figs. 1, 5, 8, 10, and 12; Para. 0013, 0046-55, 0071, 0073, 0081; console (audit device) controls the operations and configurations of the test agents and distributes the task between local and remote agents to perform a network vulnerability assessment]; and
an extension audit device configured to in response to receiving a request to perform an audit from the auditor, perform the audit of one or more other servers in a network at a remote site [Figs. 1, 5, 8, and 10; Para. 0046-53, 0071, 0073, 0081; console (audit device) initiates testing of the integrity of each of the firewalls and general security of the network system to be performed on various remote networks to the remote agents (extension audit device) within these external networks; multiple remote agents being deployed for testing other hosts in other networks in addition to one host in the first external network], wherein the extension audit device is in communication with a second firewall that is disposed between the extension audit device and the Internet [Fig. 1, items 18d, 28, and 30; Para. 0041-42];
wherein the system is configured to obtain information about an audit being performed by the audit device, the extension audit device, or both the audit device and the extension audit device and provide a report including results of the audit being performed [Fig. 10; Para. 0053, 0071, 0073, 0081].
Bidaud, however, does not specifically disclose that the audit device is in communication with a first firewall that is disposed between the audit device and an Internet.
Gula discloses a system and method for performing vulnerability scans across one or more networks using a distributed security management system [Abstract]. Gula further discloses that a management console scans network devices using various scanners and is in communication with an external firewall disposed between the audit device and the Internet [Fig. 8; Col. 7, lines 23-50]. It would have been obvious to one skilled in the art before the effective filing date of the current invention to incorporate the teachings of Gula with Bidaud since both systems utilize multiple scanners to perform a vulnerability assessment for a plurality of networks. The combination would enable the console in Bidaud to be within its own network protected by a firewall. This would have been a designer’s choice as to placing a firewall between the console and the external network. The motivation to do so is to insulate the devices within the network from attacks to improve security [Col. 7, lines 41-43].
5. Regarding Claims 3, 10, and 17, Bidaud, in view of Gula, discloses all the limitations of Claims 1, 8, and 15 above. Bidaud further discloses that the audit being performed by the auditor, the extension auditor, or both the auditor and the extension auditor includes an audit of one or more end-points in the network [Fig. 12; Para. 0055; probing the firewalls].
6. Regarding Claims 4, 11, and 18, Bidaud, in view of Gula, discloses all the limitations of Claims 1, 8, and 15 above. Bidaud further discloses that the audit being performed by the auditor includes determining whether revisions to the common security policy are needed [Figs. 17-20; Para. 0076-81; configurations for the agents are synchronized to perform the tests].
7. Regarding Claims 5, 12, and 19, Bidaud, in view of Gula, discloses all the limitations of Claims 3, 10, and 17 above. Bidaud further discloses that the one or more end-point is a wireless end point [Fig. 2; Para. 0043].
Conclusion
THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Contacts
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Tae K. Kim, whose telephone number is (571) 270-1979. The examiner can normally be reached on Monday - Friday (10:00 AM - 6:30 PM EST).
If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Jorge Ortiz-Criado, can be reached on (571) 272-7624. The fax phone number for submitting all Official communications is (703) 872-9306. Informal communications such as drafts, proposed amendments, etc., may be faxed directly to the examiner at (571) 270-2979.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at (866) 217-9197 (toll-free).
/TAE K KIM/Primary Examiner, Art Unit 2496