Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Arguments
Applicant’s arguments with respect to claim(s) 1-20 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1-4, 13-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Foxhoven (US 2021/0168142) in view of Bansal (US 2024/0372880)
Regarding Claim 1,
Foxhoven (US 2021/0168142) teaches a system for deployment of decoupled threat management applications, wherein the system is configured to:
deploy, at a regional compute resource of a cloud environment, a backend tier of a threat management application, wherein the regional compute resource is located within a geographic region having one or more geographic zones (Fig .2, paragraph [0045] teaches cloud-based system, wherein enforcement nodes are “geographically distributed, and the user connects to the nearest”)(Paragraph [0131] teaches application 350);
and deploy, each of a plurality of local compute resources of the cloud environment, a frontend tier of the threat management application, wherein the one or more local compute resources are located within the one or more geographic zones of the geographic region, each of the one or more local compute resources comprising a respective first cache (Fig. 19, in particular step 1104, teaches a “local map”)(Paragraph [0132] teaches “The local map can be referred to as a cache of security policies”);
wherein the frontend tier of the threat management application, when executed by a respective local compute resource, causes the respective local compute resource to: receive, from an endpoint, a threat lookup request in relation to an object associated with the endpoint (Fig. 19 and associated text, teaches intercepting traffic based on a set of local rules and security policies)(Paragraph [0132] teaches the local approach “decreases the average latency”)(Fig. 5 and associated text, teaches a threat lookup request, i.e. a request for resources)
determine if a local threat response to the threat lookup request is available within the first cache of the respective local compute resource; if the local threat response is available within the first cache, cause the local threat response to be provided to the endpoint as a response to the threat lookup request (Fig. 19, 1106, teaches local map blocking or allowing traffic to access resources)and if the local threat response is not available within the first cache, forward the threat lookup request to the regional compute resource (Fig. 19, 1108, teaches, responsive to the connection not having an entry in the local map, forwarding a request to a cloud-based system for processing)
Foxhaven does not explicitly teach route a threat lookup request, received form an endpoint, to a respective local compute resource of the plurality of local compute resources, wherein the respective local compute resource is determined by comparing a latency between the endpoint and each of the plurality of local compute resources and selecting one of the plurality of local compute resources that has the lowest latency as the respective local compute resource
Bansal (US 2024/0372880) teaches route a threat lookup request, received form an endpoint, to a respective local compute resource of the plurality of local compute resources, wherein the respective local compute resource is determined by comparing a latency between the endpoint and each of the plurality of local compute resources and selecting one of the plurality of local compute resources that has the lowest latency as the respective local compute resource (Paragraph [0018] teaches distributing and localizing security enforcement modules…minimizing…network latency)(Paragraph [0044] teaches by having the localized security enforcement modules geographically close to the physical locations so that it reduces latency)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify Foxhaven with the low latency method of Bansal
The motivation is to ensure low latency security control and increase real-time enforcement of security policies (Bansal (Paragraph [0044])
Regarding Claim 2,
Foxhoven and Bansal teaches the system of claim 1. Foxhoven teaches wherein the frontend tier of the threat management application, when executed by the respective local compute resource, further causes the local compute resource to:
receive, from the regional compute resource, a remote threat response based on the threat lookup request; and cause the remote threat response to be provided to the endpoint as the response to the threat lookup request (Paragraph [0136] teaches receiving an update from the cloud-based system and updating the local map based on the update).
Regarding Claim 3,
Foxhoven and Bansal teaches the system of claim 2. Foxhoven wherein the frontend tier of the threat management application, when executed by the respective local compute resource, further causes the local compute resource to: store the remote threat response within the first cache of the respective local compute resource (Paragraph [0136] teaches receiving an update from the cloud-based system and updating the local map based on the update, wherein the remote threat response is the cloud-based update)
Regarding Claim 4,
Foxhoven and Bansal teaches the system of claim 2. Foxhoven wherein the backend tier of the threat management application is configured to obtain the remote threat response from one of a plurality of response units accessible to the regional compute resource (Fig .2, teaches cloud-based system, comprising a plurality of enforcement nodes)
Regarding Claims 13-14,
Foxhoven and Bansal teaches the system of claim 1. Foxhoven wherein the object associated with the endpoint is processing logic requested to be performed at the endpoint, wherein the response provided to the endpoint an instruction to allow or deny the processing logic to be performed at the endpoint (Paragraph [0134] teaches the process intercepting traffic and allowing or blocking traffic).
Regarding Claims 15-19,
Claims 15-18 are similar in scope to Claims 1-4 and are rejected for a similar rationale.
Regarding Claim 20,
Claim 20 is similar in scope to Claim 1 and is rejected for a similar rationale.
Claim(s) 5 is/are rejected under 35 U.S.C. 103 as being unpatentable over Foxhoven and Bansal in view of Yang (US 2025/0141894)
Regarding Claim 5,
Foxhoven and Bansal teaches the system of claim 4 but does not explicitly teach wherein the plurality of response units accessible to the regional compute resource comprise a second cache, one or more databases, and a prediction model.
Yang (US 2025/0141894) teaches plurality of response units accessible to the regional compute resource comprise a second cache, one or more databases, and a prediction model (Paragraph [0136] teaches a database)(Paragraph [0034] teaches second cache)(Paragraph [0031-0032] teaches machine learning predictive model)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the regional compute resources of Foxhoven to include one or more cache, database and prediction model as taught by Yang and the results would be predictable (i.e. the enforcement points of Foxhoven would comprise a cache, database and prediction model)
Claim(s) 9-12 is/are rejected under 35 U.S.C. 103 as being unpatentable over Foxhoven and Bansal in view of Lahiano (US 2024/0039892)
Regarding Claims 9,
Foxhoven and Bansal teaches the system of claim 1 but does not explicitly teach wherein the object associated with the endpoint is a uniform resource locator, URL, requested to be accessed from the endpoint,
Lahiano (US 2024/0039892) teaches wherein the object associated with the endpoint is a uniform resource locator, URL, requested to be accessed from the endpoint, (Paragraph [0019] teaches checking whether an address (e.g. URL) is trusted or contains malicious data fingerprints and blocking or allowing the connection)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify Foxhoven with the method of allowing or denying access to a URL as taught by Lahiano and the results would be predictable (i.e. a URL associated with the endpoint would be allowed or blocked based on access policy)
Regarding Claim 10,
Foxhaven, Bansal and Lahiano teaches the system of Claim 9. Lahiano teaches
wherein the response provided to the endpoint comprises an instruction to allow or deny the endpoint to access the URL (Paragraph [0019] teaches checking whether an address (e.g. URL) is trusted or contains malicious data fingerprints and blocking or allowing the connection)
Regarding Claims 11,
Foxhoven and Bansal teaches the system of claim 1 but does not explicitly teach wherein the object associated with the endpoint is a file requested to be opened at the endpoint,
Lahiano (US 2024/0039892) teaches the object associated with the endpoint is a file requested to be opened at the endpoint (Paragraph [0049-51] teaches a file)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify Foxhoven with the method of allowing or denying the opening of a file as taught Lahiano and the results would be predictable (i.e. a file associated with the endpoint would be allowed or blocked based on access policy)
Regarding Claim 12,
Foxhoven, Bansal and Lahiano teaches the system of Claim 11.
Lahiano (US 2024/0039892) teaches the object associated with the endpoint is a file requested to be opened at the endpoint, wherein the response provided to the endpoint comprises an instruction to allow or deny the file to be opened at the endpoint (Paragraph [0049-0051], teaches granting or denying request to access a target file)
Allowable Subject Matter
Claims 6-8 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HARRIS C WANG whose telephone number is (571)270-1462. The examiner can normally be reached M-F 9:00-5:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, LUU PHAM can be reached at 571-270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/HARRIS C WANG/Primary Examiner, Art Unit 2439
Prosecution Insights