Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 16 and 17 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Claim 16 recites the limitation “[t]he non-transitory machine-readable medium of claim 1” in line 1. There is insufficient antecedent basis for this limitation in the claim. For the purpose of examination, claim 16 is interpreted as depending on claim 15. Appropriate correction is required.
Claim 17 depends on claim 3; however, claim 3 does not recite a non-transitory machine readable medium. For the purpose of examination, claim 17 is interpreted as depending on claim 16. Appropriate correction is required.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claim(s) 1-6, 8-19, and 21-25 is/are rejected under 35 U.S.C. 103 as being unpatentable over Vallepalli (US 2022/0006758) and further in view of Palavalli (US 11,088,902).
Regarding claim 1, Vallepalli teaches: A method of managing policy for a logical network spanning a plurality of datacenters that includes at least first and second datacenters (¶ 16, “a first local-site controller configured to manage a first switching fabric at a first site, a second local-site controller configured to manage a second switching fabric at a second site, and a multi-site controller communicatively coupled to the first and second local-site controllers”), the method comprising:
at a network management service operating in a public cloud to manage the plurality of datacenters (¶ 24, “The multi-site controller 140 communicates with the local-site controllers 135 in each of the sites”):
receiving (i) a first policy configuration specifying logical network policy at the first datacenter from a first local network manager at the first datacenter (¶ 31, “At block 305, the multi-site controller receives local namespaces from the local-site controllers”) and (ii) a second policy configuration specifying logical network policy at the second datacenter from a second local network manager at the second datacenter (¶ 31, “At block 305, the multi-site controller receives local namespaces from the local-site controllers”);
consolidating the first and second policy configurations into a global policy configuration that also includes policy configuration defined at the network management service (¶ 32, “At block 310, the multi-site controller generates and transmits namespace translation mappings for the sites. That is, the multi-site controller uses the namespace values received from the local-site controller to effectively stretch the EPGs (and the BDs, VRF instances, and tenant infrastructure) across two or more of the sites”); and
using the global policy configuration to manage the policy configurations for the logical network at the plurality of datacenters (¶ 18, “the multi-site controller can establish shadow EPGs to facilitate security contracts and access policies between EPGs at different sites. For example, a security contract (or security policy) may indicate that hosts or applications assigned to a Web-EPG in a first site can communicate with hosts or applications assigned to an Application-EPG (i.e., an App-EPG) in a second site”).
Vallepalli does not expressly teach; however, Palavalli discloses: a global policy configuration (col. 4:15-18, “a global manager that manages a logical network spanning multiple datacenters to a local manager that manages the logical network at a particular one of the datacenters”).
It would have been obvious to a person having ordinary skill in the art, at the effective filing date of the invention, to have applied the known technique of a global policy configuration, as taught by Palavalli, in the same way to the multi-site controller, as taught by Vallepalli. Both inventions are in the field of managing multiple datacenters, and combining them would have predictably resulted in “providing logical network configuration data from a global manager that manages a logical network spanning multiple datacenters to a local manager that manages the logical network at a particular one of the datacenters,” as indicated by Palavalli (col. 1:24-28).
Regarding claim 2, Palavalli teaches: The method of claim 1, wherein the first policy configuration is stored as a first policy tree at the first local network manager and the second policy configuration is stored as a second policy tree at the second local network manager (col. 13:41-47, “the global on-boarding coordinator requests, from the local manager, first level children (e.g., logical routers, domains, etc.) from a policy tree maintained by the local manager (e.g., a local version of the global policy tree 400 described above). Accordingly, at 910, the global on-boarding coordinator receives the first level children from the local manager”).
Regarding claim 3, Palavalli teaches: The method of claim 2, wherein the global policy configuration is stored as a third policy tree that incorporates at least portions of the first and second policy trees (col. 8:4-7, “the global configuration of the logical network is expressed as a hierarchical tree (also referred to as a global policy tree) with nodes and connections between the nodes”).
Regarding claim 4, Palavalli teaches: The method of claim 3, wherein: the third policy tree comprises a set of sub-trees; and portions of the first and second policy trees are incorporated into a particular sub-tree of the third policy tree (col. 8:7-12, “The nodes, in some embodiments, represent logical network elements that span one or more sites (e.g., datacenters), and logical network policies that apply to those network elements, while the connections between the nodes represent relationships between the network elements represented by the nodes”).
Regarding claim 5, Palavalli teaches: The method of claim 4, wherein within the particular sub-tree, the network management service adds site identifiers to nodes from the first policy tree and nodes of the second policy tree in order to differentiate elements that have the same name in the first and second policy trees (col. 15:21-24, “the local manager on-boarding coordinator changes, at 1015, the paths for all first level entries from “/infra/xxx” to “/global-infra/xxx” to reflect the global paths of the global manager”).
Regarding claim 6, Palavalli teaches: The method of claim 4, wherein: a particular portion of the first policy tree defines a sub-network at the first datacenter; and the particular portion of the first policy tree is incorporated into a separate sub-tree of the third policy tree (col. 13:41-47, “the global on-boarding coordinator requests, from the local manager, first level children (e.g., logical routers, domains, etc.) from a policy tree maintained by the local manager (e.g., a local version of the global policy tree 400 described above). Accordingly, at 910, the global on-boarding coordinator receives the first level children from the local manager”).
Regarding claim 8, Palavalli teaches: The method of claim 4 further comprising: receiving a definition of a sub-network at the network management service, the sub- network spanning at least the first and second datacenters (col. 13:20-24 “a network administrator may want to add a new site (e.g., a datacenter) at which an existing logical network is implemented, thereby adding that datacenter (and at least some of the logical network elements) to the global logical network managed by the global manager”); storing the definition of the sub-network as a separate sub-tree of the third policy tree (col. 13:25-29, “The administrator, in some embodiments, invokes an on-boarding process for the global manager of the existing logical network spanning multiple datacenters to add the new datacenter, and use the network manager of the datacenter as the local manager”); and providing the separate sub-tree to the first and second local network managers for the first and second local network managers to incorporate the separate sub-tree into the first and second policy trees, respectively (col. 13:29-34, “FIG. 9 conceptually illustrates a process 900 of some embodiments for on-boarding a new datacenter at which a local manager currently manages a logical network. In some embodiments, the process 900 is performed by a global manager (e.g., by a global on-boarding coordinator of the global manager)”).
Regarding claim 9, Palavalli teaches: The method of claim 1 further comprising: receiving, at the network management service, a modification to the logical network policy at the first datacenter (col. 9:45-48, “Next, at 335, the process determines whether any modifications to the relevant portions of the logical network configuration have been made (e.g., since the start time indicated by the start marker)”); updating the global policy configuration based on the received modification (col. 9:52-58, “Identifying these modifications ensures that the logical network configuration provided to the particular datacenter is both complete and up-to-date, according to some embodiments, and additionally ensures that the particular datacenter is synchronized with the other datacenters that are a part of the global logical network configuration”); and providing the modification to the first local network manager for the first local network manager to update the first policy configuration based on the modification (col. 9:56-58, “ensures that the particular datacenter is synchronized with the other datacenters that are a part of the global logical network configuration”).
Regarding claim 10, Palavalli teaches: The method of claim 1, wherein the first policy configuration defines at least (i) logical forwarding elements implemented by physical network elements at the first datacenter (col. 15:39-42, “the process transitions to 1035 to change the path of the non-default object and update forwarding relationships of the object to refer to global paths (e.g., instead of local paths)”) and (ii) security policy enforced by the physical network elements at the first datacenter (col. 9:11-14, “A logical network configuration table may include any one of a logical router table, a logical switch table, a security group table, a policy rule table, etc., according to some embodiments”).
Regarding claim 11, Vallepalli teaches: The method of claim 1, wherein: the network management service operates in a container cluster of the public cloud (¶ 20, “The endpoints can include the hosts 125 and applications 130 as well as virtual machines, hypervisors, containers, physical servers, etc.”); and a plurality of additional network management services operate in the container cluster to manage additional pluralities of datacenters (¶ 21, “the switches 115, 120 may also be deployed to facilitate communication in a physical or virtual cloud. For example, Sites 1 and 2 may be different regions of the same cloud infrastructure.”).
Regarding claim 12, Vallepalli teaches: The method of claim 11, wherein: the plurality of datacenters belong to a first tenant of a network management system (¶ 27, “As shown, a tenant infrastructure 205 is stretched across the sites. The tenant infrastructure 205 can be a logical container for application policies or shared resource requirements.”) and the additional pluralities of datacenters belong to additional tenants of the network management system (¶ 27, “each customer that uses the underlying datacenter or cloud can have their own tenant infrastructure that establishes their desired policies. As such, the unified fabric can include multiple tenant infrastructures 205”); and the network management service and the additional network management services are isolated from each other (¶ 32, “the multi-site controller uses the namespace values received from the local-site controller to effectively stretch the EPGs (and the BDs, VRF instances, and tenant infrastructure) across two or more of the sites”).
Regarding claim 13, Vallepalli teaches: The method of claim 1, wherein the public cloud is a first public cloud, wherein the first datacenter is a physical on-premises datacenter of the first tenant and the second datacenter is a virtual datacenter of the second tenant operating in a second public cloud (¶ 21, “the switches 115, 120 may also be deployed to facilitate communication in a physical or virtual cloud. For example, Sites 1 and 2 may be different regions of the same cloud infrastructure.”).
Regarding claim 14, Palavalli teaches: The method of claim 1, wherein the policy configuration defined at the network management service is defined by a network administrator (col. 3:5-10, “a network administrator may want to add a new site (e.g., a datacenter) at which an existing logical network is implemented, thereby adding that datacenter (and at least some of the logical network elements) to the global logical network managed by the global manager”).
Claims 15-19 and 21-25 recite commensurate subject matter as claims 1-6 and 8-12. Therefore, they are rejected for the same reasons.
Claim(s) 7 and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Vallepalli and Palavalli, as applied above, and further in view of Singh (US 11,811,558).
Regarding claim 7, Vallepalli and Palavalli do not teach; however, Singh discloses: the plurality of datacenters belong to an enterprise that is a tenant of a network management system that includes the network management service (col. 10:7-10, “Datacenter 1400 provides pooled resources on which customers or tenants can dynamically provision and scale applications as needed without having to add servers or additional networking”); and the sub-network is a network defined at the first datacenter for a sub-tenant of the enterprise (col. 13:44-48, “In another example, the compute instances are injected into different customer subnets on the virtual machine. In another example, different discrete eNICs are respectively associated with the different customer subnets.”).
It would have been obvious to a person having ordinary skill in the art, at the effective filing date of the invention, to have applied the known technique of the plurality of datacenters belong to an enterprise that is a tenant of a network management system that includes the network management service; and the sub-network is a network defined at the first datacenter for a sub-tenant of the enterprise, as taught by Singh, in the same way to the plurality of datacenters, as taught by Vallepalli and Palavalli. Both inventions are in the field of managing a plurality of datacenters, and combining them would have predictably resulted in “data plane isolation for the customer's VNet to comply with applicable security policies without disrupting management traffic between the injected resources and the service provider,” as indicated by Singh (abstract).
Claim 20 recites commensurate subject matter as claim 7. Therefore, it is rejected for the same reason.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JACOB D DASCOMB whose telephone number is (571)272-9993. The examiner can normally be reached M-F 9:00-5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lewis Bullock can be reached at 5712723759. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/JACOB D DASCOMB/Primary Examiner, Art Unit 2199