Prosecution Insights
Last updated: April 19, 2026
Application No. 18/280,320

AUTOMATIC FIREWALL CONFIGURATION FOR CONTROL SYSTEMS IN CRITICAL INFRASTRUCTURE

Non-Final OA §103
Filed: Sep 05, 2023
Examiner: LIN, AMIE CHINYU
Art Unit: 2436
Tech Center: 2400 — Computer Networks
Assignee: Schneider Electric
OA Round: 1 (Non-Final)
Grant Probability: 85% (Favorable)
OA Rounds: 1-2
To Grant: 2y 7m
With Interview: 99%

Examiner Intelligence

Grants 85% — above average
Career Allow Rate: 85% (254 granted / 300 resolved, +26.7% vs TC avg)
Strong +30% interview lift
Interview Lift: +30.2% (resolved cases with interview)
Typical timeline
Avg Prosecution: 2y 7m (9 currently pending)
Career history
Total Applications: 309 (across all art units)

Statute-Specific Performance

§101: 13.7% (-26.3% vs TC avg)
§103: 44.9% (+4.9% vs TC avg)
§102: 17.0% (-23.0% vs TC avg)
§112: 17.5% (-22.5% vs TC avg)
Based on career data from 300 resolved cases

Office Action

§103
DETAILED ACTION

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

This Office Action is in response to the communication filed on 01/27/2026.

Examiner notes that in response to the Requirement for Restriction/Election mailed on 12/17/2025, Applicant has elected via the Response to Restriction Requirement filed on 01/27/2026, without traverse, invention Group I comprising claims 1-7 for examination, and has withdrawn claims 8-20.

Claims 1-20 are pending, of which, claims 8-20 have been withdrawn.

Claim Rejections - 35 USC § 103

In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:

A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-2, and 4-6 are rejected under 35 U.S.C. 103 as being unpatentable over Boire-Lavigne et al. (US 2014/0334481) in view of deRuijter et al. (US 7,903,672).

Claim 1, Boire teaches:

A firewall device, comprising: one or more computer processors; and a non-transitory memory containing computer program code that, when executed by operation of the one or more computer processors, performs an operation comprising: (e.g., [0088])

maintaining a firewall data structure for use in managing register operations sent to one or more endpoint devices; (e.g., [0039], “To establish a TCP connection with the application server 140, the relay agent 110A, 110B sends a registration request to the application server 140” [0040], “Upon receipt of the outbound registration request, the firewall/NAT 30A, 30B…creates an entry in its NATing table”)

receiving, over a secure communications channel, an entry to the firewall data structure, the entry specifying (i) a register operation for an endpoint device, (ii) a value for the register operation; (e.g., [0039], “To establish a TCP connection with the application server 140, the relay agent 110A, 110B sends a registration request to the application server 140…The registration request includes the AccountID and password for the user being registered, the IP address (natip) of the firewall/NAT 30A, 30B discovered during the firewall punching procedure, and the private address on which the PBX agent 110A, 110B would like to receive SIP requests” [0040], “Upon receipt of the outbound registration request, the firewall/NAT 30A, 30B allocates a port on the firewall/NAT 30A, 30B and creates an entry in its NATing table that associates the public address of the port with the private address of the relay agent 110A, 110B from which the registration request was sent”)

updating the firewall data structure to add the received entry to the firewall data structure; (e.g., [0040], “Upon receipt of the outbound registration request, the firewall/NAT 30A, 30B allocates a port on the firewall/NAT 30A, 30B and creates an entry in its NATing table that associates the public address of the port with the private address of the relay agent 110A, 110B from which the registration request was sent”)

receiving a first register operation for the endpoint device over an unsecured communications channel; (e.g., [0071], “The corporate firewall/NAT 30A, 30B receives the FWPP on the LAN side and searches its NATing table to see if there is already an association between the private source address of the FWPP and the public destination address of the FWPP”)

determining that the added entry within the firewall data structure corresponds to the received first register operation; (e.g., [0071], “The corporate firewall/NAT 30A, 30B receives the FWPP on the LAN side and searches its NATing table to see if there is already an association between the private source address of the FWPP and the public destination address of the FWPP…If a matching entry is found, the firewall/NAT 30A, 30B updates the time to live of this NATing entry and sends the FWPP to the public destination address using the same public source address that was found in the table”)

forwarding the received first register operation to the endpoint device for execution. (e.g., [0071], “If a matching entry is found, the firewall/NAT 30A, 30B updates the time to live of this NATing entry and sends the FWPP to the public destination address using the same public source address that was found in the table”)

Boire teaches the register operation, and the register operation can be performed within the firewall data structure (see above), Boire does not appear to explicitly teach but deRuijter teaches:

a count of times that a register operation can be performed; and decrementing the count of times that the register operation can be performed. (e.g., col. 6 ll. 49-66, “If registration database…contains a corresponding active registration transaction entry…uses the content of the active registration transaction entry to generate autonomous registration response…After generating autonomous registration response…decrements a counter associated with the active registration transaction entry…If the counter associated with the registration transaction entry is zero…erases or otherwise makes the registration transaction entry inactive”)

It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings described by deRuijter into the invention of Boire, and the motivation for such an implementation would be for the purpose of facilitating registration load reduction (deRuijter col. 8 ll. 46).

Claim 2, Boire-deRuijter teaches: wherein data is transmitted across the unsecured communications channel in cleartext. (e.g., Boire [0070])

Claim 4, Boire-deRuijter teaches: upon determining that the count of times that a second register operation can be performed is equal to zero, removing an entry corresponding to the second register operation from the firewall data structure. (e.g., deRuijter col. 6 ll. 63-66) Same motivation as presented in claim 1 would apply.

Claim 5, Boire-deRuijter teaches: wherein the endpoint device is configured to execute the first register operation upon receiving the first register operation. (e.g., Boire [0071])

Claim 6, Boire-deRuijter teaches: wherein the first register operation is forwarded to the endpoint device for execution using a second unsecured communications channel, wherein the firewall device, the endpoint device and the second unsecured communications channel are located within a secured physical environment. (e.g., Boire [0071]-[0074])

Claims 3, and 7 are rejected under 35 U.S.C. 103 as being unpatentable over Boire-Lavigne et al. (US 2014/0334481) in view of deRuijter et al. (US 7,903,672) further in view of Cianfrocca (US 2013/0139247).

Claim 3, Boire-deRuijter teaches the unsecured communications channel is used to transmit data (see above) and does not appear to explicitly teach but Cianfrocca teaches: conforming to a Modbus data communications protocol. (e.g., [0047])

It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings described by Cianfrocca into the invention of Boire-deRuijter, and the motivation for such an implementation would be for the purpose of protecting against attacks and unauthorized accesses ([0006]-[0008]).

Claim 7, Boire-deRuijter teaches the second unsecured communications channel is used to transmit data (see above) and does not appear to explicitly teach but Cianfrocca teaches: conforming to a Modbus data communications protocol. (e.g., [0047])

It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings described by Cianfrocca into the invention of Boire-deRuijter, and the motivation for such an implementation would be for the purpose of protecting against attacks and unauthorized accesses ([0006]-[0008]).

Conclusion

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure: US 2009/0025077 discloses method and system for managing firewall configurations.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to AMIE C LIN whose telephone number is (571)272-7752. The examiner can normally be reached M-F 9:00AM -5:00PM.

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, GELAGAY SHEWAYE can be reached at (571)272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/AMIE C. LIN/
Primary Examiner, Art Unit 2436

Prosecution Timeline

Sep 05, 2023: Application Filed
Mar 18, 2026: Non-Final Rejection — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12603897
ATTACK CHAIN IDENTIFICATION VIA MISCONFIGURATIONS IN CLOUD RESOURCES
2y 5m to grant Granted Apr 14, 2026
Patent 12598468
MULTI-CHANNEL DEVICE CONNECTION
2y 5m to grant Granted Apr 07, 2026
Patent 12598194
FINE GRANULARITY CONTROL OF DATA ACCESS AND USAGE ACROSS MULTI-TENANT SYSTEMS
2y 5m to grant Granted Apr 07, 2026
Patent 12598184
METHODS FOR CONSTRUCTING TRUSTED GRID, TRUSTED GRIDS, AND APPLICATION INTERACTION METHODS THEREON
2y 5m to grant Granted Apr 07, 2026
Patent 12587505
SECURE AND PRIVATE NETWORK COMMUNICATIONS
2y 5m to grant Granted Mar 24, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.


Prosecution Projections

Expected OA Rounds: 1-2
Grant Probability: 85%
With Interview: 99% (+30.2%)
Median Time to Grant: 2y 7m
PTA Risk: Low
Based on 300 resolved cases by this examiner. Grant probability derived from career allow rate.