Prosecution Insights
Last updated: April 19, 2026
Application No. 18/478,722

AUTOMATIC REMEDIATION OF A NETWORK COMPONENT CONFIGURATION

Final Rejection §102 §112
Filed: Sep 29, 2023
Examiner: PARTHASARATHY, PRAMILA
Art Unit: 2409
Tech Center: 2400 — Computer Networks
Assignee: LENOVO ENTERPRISE SOLUTIONS (SINGAPORE) PTE. LTD.
OA Round: 2 (Final)
Grant Probability: 88% (Favorable)
OA Rounds: 3-4
To Grant: 4y 3m
With Interview: 99%

Examiner Intelligence

Grants 88% — above average
Career Allow Rate: 88% (351 granted / 399 resolved; +30.0% vs TC avg)
Interview Lift: +10.9% (Moderate +11% lift; resolved cases with interview)
Typical timeline
Avg Prosecution: 4y 3m (7 currently pending)
Career history
Total Applications: 406 (across all art units)

Statute-Specific Performance

§101: 8.9% (-31.1% vs TC avg)
§103: 9.8% (-30.2% vs TC avg)
§102: 28.1% (-11.9% vs TC avg)
§112: 20.6% (-19.4% vs TC avg)
Based on career data from 399 resolved cases

Office Action

§102 §112
DETAILED ACTION

Notice of Pre-AIA or AIA Status

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Information Disclosure Statement

The information disclosure statement (IDS) submitted on 11/05/2025 was filed after the mailing date of the Non-Final Rejection on 8/05/2025. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.

Response to Arguments

Specification

Substitute paragraphs as amended on 11/05/2025 have been reviewed and entered.

Drawings

Applicant's arguments filed on 11/05/2025 have been fully considered, and with respect to the objection to the Drawings, they are persuasive. Examiner withdraws prior objections to Figures 1 and 2.

Claim Objections

Amendment to Claim 17 is noted and the prior objection is withdrawn.

Claim Rejections - 35 USC § 112

Applicant's arguments with respect to 35 USC 112 have been considered but they are not persuasive.

With respect to claim 7, the Applicant reiterates the Examiner’s cited paragraphs in the previous office action, from the instant Specification para [0021], and argues that “additional or new” terminologies are used interchangeably to support “automatically remediating the current configuration of the network of the network component includes deleting the new firewall rule.” Examiner respectfully disagrees. Instant specification para [0021] explicitly discloses, if the current configuration is identified as having an additional firewall rule, then automatically remediating the current configuration may include deleting the additional network security parameter (such as an additional rule). Para [0021] does not disclose “automatically remediating the current configuration of the network component includes deleting the new firewall rule”. Examiner maintains 35 USC 112 rejection for Claim 7.

With respect to claim 11, the Amendment to claim 11 along with the Applicant’s remarks, are persuasive and Examiner withdraws 35 USC 112 rejection.

With respect to claim 14, the Applicant’s remarks are persuasive, and Examiner withdraws 35 USC 112 rejection.

Claim Rejections - 35 USC § 102

With respect to prior art rejection of claims 1 – 9 and 12 – 20, Examiner disagrees with the Applicant’s characterization of the prior art US Patent 9894100, issued to Pernicha.

With respect to claims 1 and 20, Applicant primarily argues that the prior art does not disclose “identifying that the current configuration of the network component differs from the most-recent authenticated configuration of the network component”; “automatically remediating the current configuration of the network component”. Examiner respectfully disagrees and elaborates the teachings from the prior art (and, as detailed in the previous prior art rejection below). Pernicha discloses managing and updating network policy rules automatically, identifies and/or determines dependencies, updates set of policy rules based on one or more categories assigned to particular types of traffic, preference settings, priority settings and network traffic characteristics. In particular, Pernicha discloses “identifying that the current configuration of the network component differs from the most-recent authenticated configuration of the network component”, [grouping policy] identifies policy rules with the existing/current configuration along with identifying conflicts among policy rules [additional rules]. See Fig.1 and associated text; Pernicha further discloses “automatically remediating the current configuration of the network component”, automatically determining policy rules by updating a set of policy rules, along with deleting sub-set of policy rules of the updated set of policy rules based on particular types of traffic preference/priority settings, See Fig.1 and associated text.
Applicant’s arguments are not persuasive and Examiner maintains prior art rejection.

With respect to Claim 2, Applicant agrees that Pernicha teaches “optimizing” the updated set of policy rules but does not disclose “automatically causing the network component to revert to the most-recent authenticated configuration”. Examiner directs to Pernicha for “policy rules can be automatically modified or deleted to maintain consistency and automatically optimize the updated set of policy rules, including deleting the updated policy rules, i.e., revert back to previous version [by deleting the later additional rules]. See Column 8 lines 18 – 42. Applicant’s arguments are not persuasive and Examiner maintains the prior art rejection for claim 2.

With respect to Claim 3, Applicant agrees that Pernicha teaches “optimizing an updated set of policy rules” but argues Pernicha does not disclose “identifying a network component within a network infrastructure, wherein the network component operates with a current configuration of network security parameters; periodically accessing the current configuration of network security parameters for the network component”. Examiner respectfully disagrees and directs to Pernicha teachings for existing rules modified/updated to current rules and managing thru’ optimization module to retrieve information regarding current set of policy rules [that differs from the most recent set of policy rules] and that the optimization is performed in the real-time based on flow of traffic. See Fig.1 and associated text. Applicant’s arguments are not persuasive and Examiner maintains prior art rejection for claim 3.

With respect to Claim 4, Applicant argues that Pernicha does not disclose “automatically remediating the identified network security parameter includes automatically replacing the current value of the identified network security parameter with the authenticated value of the identified network security parameter”, Examiner respectfully disagrees and directs to Column 8 lines 25 – 37 and Column 15 lines 46 – 53, where Pernicha discloses “updating policy rules based on predetermined or configurable parameters including priority setting, policy rules along with evaluating valid [authenticated] security policy. Applicant’s arguments are not persuasive and Examiner maintains prior art rejection for claim 4.

With respect to Claim 5, Applicant reiterates the rejection, however does not provide any remarks.

With respect to Claims 6 and 7, Applicant argues that Pernicha does not teach “most-recent authenticated configuration” and “identifying that the current configuration includes a new firewall rule that is not included in the most-recent authenticated configuration”. Examiner respectfully disagrees and directs to Pernicha teachings for existing rules modified/updated to current rules and managing thru’ optimization module to retrieve information regarding current set of policy rules [that differs from the most recent set of policy rules] and that the optimization is performed in the real-time based on flow of traffic. See Fig.1 and associated text. Applicant’s arguments are not persuasive and Examiner maintains prior art rejection for claims 6 – 7.

With respect to Claim 8, Applicant argues that Pernicha does not teach “monitoring a volume of the network traffic that is accepted only as a result of the new firewall rule” or “throttling, filtering or blocking the network traffic in response to detecting a sudden burst in the volume of the network traffic”.
Examiner respectfully disagrees and directs to Summary; Fig.2 and the associated text; Column 15 lines 46 – 53 for teaching of Pernicha for “monitoring a volume of the network traffic that is accepted only as a result of the new firewall rule and filtering traffic flow”, “blocking traffic flow” and protecting or controlling [throttling] network traffic to enforce network traffic/flow policy rules. Applicant’s arguments are not persuasive and Examiner maintains prior art rejection for claim 8.

With respect to Claim 9, Applicant argues that Pernicha does not disclose “most-recent authenticated configuration of the network component” and “network traffic that is accepted under a firewall rule included in the most-recent authenticated configuration of the network component”. Examiner respectfully disagrees and directs to the explanation under claims 6-7, rebuttal of Applicant’s remarks and further refers to Pernicha for “policy rules can be automatically modified or deleted to maintain consistency and automatically optimize the updated set of policy rules, including deleting the updated policy rules, i.e., revert back to previous version [by deleting the later additional rules]. See Column 8 lines 18 – 42” and details for network traffic that is accepted under a firewall rule in column 13 lines 1 - 7. Applicant’s arguments are not persuasive and Examiner maintains prior art rejection for claim 9.

With respect to Claim 12, Applicant argues that Pernicha does not disclose any type of history or log and does not disclose “a history of configuration changes entered by an authorized user”. Examiner respectfully disagrees and directs to Pernicha column 14 lines 25 – 45, “while rendering policy rules, they can be executed based on statistical and/or historical data”, the configuration based on priority rules can be assigned by the user/administrator [authenticated and authorized user].
Applicant’s arguments are not persuasive and Examiner maintains prior art rejection for claim 12.

With respect to Claim 13 and 14, Applicant argues that the limitations of claim 13 are directed to “updating the most-recent authenticated configuration of the network component” and in doing so “in response to detecting that the current configuration of the network component has been changed by an authorized user” are not disclosed in the cited Column 15 lines 4 – 36 and 30-33; Examiner respectfully disagrees and informs “most-recent” & “current configuration” have been clarified in the claims #2 to 12 explanations, and further Pernicha discloses “the configuration based on priority rules by the administrator [authenticated or authorized user]”. Applicant’s arguments are not persuasive and Examiner maintains prior art rejection for claims 13 – 14.

With respect to Claim 15, Applicant argues that Pernicha does not disclose “most-recent authenticated configuration” that is separated from the “current configuration” and does not teach “a rule that allows use of an insecure protocol of communication with network component”. Examiner respectfully disagrees and informs “most-recent” & “current configuration” has been clarified in the claims #2 to 12 explanations, and further Pernicha discloses network policy to allow FTP access in Column 13 lines 8 – 10. Applicant’s arguments are not persuasive and Examiner maintains prior art rejection for claim 15.

With respect to Claim 16, Applicant argues that Pernicha does not disclose “most-recent authenticated configuration” that is separated from the “current configuration” and does not teach “an elevated user privilege, a sudden DNS server change, or enabling a rule allowing an external Remote Desktop Protocol connection”.
Examiner respectfully disagrees and informs “most-recent” & “current configuration” has been clarified in the claims #2 to 12 explanations, and further Pernicha discloses multiple parameters including user/administrator service, or any other such priority service (Fig.5 A- E; Column 18 lines 48 – 55 and Column 19 lines 6 – 20). Applicant’s arguments are not persuasive and Examiner maintains prior art rejection for claim 16.

With respect to Claim 17, Applicant argues that Pernicha does not disclose “most-recent authenticated configuration” that is separated from the “current configuration” and does not teach “automatically generating and sending an alert in response to identifying that the current configuration of the network component differs from the most-recent authenticated configuration of the network component”. Examiner respectfully disagrees and informs “most-recent” & “current configuration” has been clarified in the claims #2 to 12 explanations, and further Pernicha discloses network security device configured to automatically determine policy rules updates based on predetermined and preference setting, priority settings. Furthermore, updates for the rules are in response to received requests for adding new traffic rule/policy using secure communications (Column 7 lines 46 – 55 and Column 8 lines 25 – 37). Applicant’s arguments are not persuasive and Examiner maintains prior art rejection for claim 17.

With respect to Claim 19, Applicant argues that Pernicha does not disclose “storing, for each of a plurality of network components in the network infrastructure, a record” and does not teach “an Internet Protocol Address, DNS name, component type, operating system type and operating system version”. Examiner respectfully disagrees and informs “storing parameters and/or attributes” of incoming and outgoing network traffic, such as IP based communication information, different operating environments (systems) information.
Applicant’s arguments are not persuasive and Examiner maintains prior art rejection for claim 19.

Examiner requests Applicant to reconsider the cited prior art as a whole, and not just the cited paragraphs in the office action. The prior art made of record and not relied upon is considered pertinent to applicant’s disclosure as the prior art additionally discloses certain parts of the claim features (See PTO 892, Notice of References cited). Additionally, Applicant is requested to review the allowable subject matter and consider amending the independent claims.

Claim Rejections - 35 USC § 112

The following is a quotation of 35 U.S.C. 112(b):

(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Claim 7 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.

Claim 7 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being incomplete for omitting essential structural cooperative relationships of elements, such omission amounting to a gap between the necessary structural connections. See MPEP § 2172.01.
The omitted structural cooperative relationships are: In para [0020 – 0023], the instant specification discloses embodiments, where “automatically remediating the current configuration may include deleting the additional network security parameter”; “deleting the additional firewall rule” and “the operation of automatically remediating the current configuration of the network component may include initiating a software upgrade of the network component”, however, the instant specification does not disclose “automatically remediating the current configuration of the network component includes deleting the new firewall rule” (Emphasis added). Furthermore, the instant specification provides a clear separation/distinction between an “additional firewall rule” as “identified as having an additional network security parameter, such as an additional firewall rule” and a “new firewall rule” as “that is not present in the most-recent authenticated configuration”.

Claim 7 is rejected by including in the respective parent claims for the prior art rejection below, upon amendment to distinctly claim the instant invention, the updated claims will be reviewed on their own merits, in the subsequent office action. Examiner suggests amending the claim to distinctly recite the Applicant’s instant invention from the instant specification, without introducing any new subject matter.

Claim Rejections - 35 USC § 102

In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:

A person shall be entitled to a patent unless –

Claims 1 – 9 and 12 - 20 are rejected under 35 U.S.C. 102(a) as being anticipated by US Patent Number 9,894,100, issued to Pernicha, “Dynamically optimized security policy management”.

As per claims 1 and 20, Pernicha teaches, “identifying a network component within a network infrastructure, wherein the network component operates with a current configuration of network security parameters; periodically accessing the current configuration of network security parameters for the network component (Summary; Fig.1; Column 7 lines 7 – 10); accessing a most-recent authenticated configuration of network security parameters for the network component; identifying that the current configuration of the network component differs from the most-recent authenticated configuration of the network component (Summary; Fig.1; Column 7 lines 15 – 22, Column 8 lines 2 – 25); and automatically remediating the current configuration of the network component” (Column 8 lines 25 – 37).

Dependent claims 2 – 9 and 12 – 19 are rejected by the virtue of their dependencies on the above rejected parent claim 1.

As per claim 2, Pernicha further teaches, “wherein automatically remediating the current configuration of the network component includes automatically causing the network component to revert to the most-recent authenticated configuration” (Column 8 lines 25 – 37).

As per claim 3, Pernicha further teaches, “wherein identifying that the current configuration of the network component differs from the most-recent authenticated configuration of the network component includes identifying, for one or more of the network security parameters, that the network security parameter has a current value that differs from an authenticated value of the network security parameter in the most-recent authenticated configuration, and wherein automatically remediating the current configuration of the network component includes automatically remediating the identified network security parameter” (Column 8 lines 25 – 37 and Column 15 lines 4 – 36, user/administrator confirmed and approved rule changes taking effect).

As per claim 4, Pernicha further teaches, “wherein automatically remediating the identified network security parameter includes automatically replacing the current value of the identified network security parameter with the authenticated value of the identified network security parameter” (Column 8 lines 25 – 37 and Column 15 lines 46 – 53).

As per claim 5, Pernicha further teaches, “determining whether the current configuration of the network component causes a network security vulnerability, wherein automatically remediating the current configuration of the network component includes initiating a software upgrade of the network component in response to determining that the current configuration of the network component causes a network security vulnerability” (Column 8 lines 25 – 37 and Column 15 lines 46 – 53).

As per claim 6 and 7, Pernicha further teaches, “wherein identifying that the current configuration of the network component differs from the most-recent authenticated configuration of the network component includes identifying that the current configuration includes a new firewall rule that is not included in the most-recent authenticated configuration, and wherein the new firewall rule accepts network traffic that is rejected by firewall rules set out in the most-recent authenticated configuration of the network component” (Summary; Fig.2 and the associated text; Column 15 lines 46 – 53).

As per claim 8, Pernicha further teaches, “monitoring a volume of the network traffic that is accepted only as a result of the new firewall rule; and throttling, filtering or blocking the network traffic in response to detecting a sudden burst in the volume of the network traffic” (Summary; Fig.2 and the associated text; Column 15 lines 46 – 53).

As per claim 9, Pernicha further teaches, “prioritizing network traffic that is accepted under a firewall rule included in the most-recent authenticated configuration of the network component” (Column 15 lines 46 – 53).

As per claim 12, Pernicha further teaches, “wherein identifying that the current configuration of the network component differs from the most-recent authenticated configuration of the network component includes: accessing a change management record including a history of configuration changes entered by an authorized user (Column 14 lines 25 – 45); and determining that at least one of the network security parameters of the current configuration for the network component are not included the change management record” (Column 14 lines 45 – 50).

As per claims 13 and 14, Pernicha further teaches, “updating the most-recent authenticated configuration of the network component in response to detecting that the current configuration of the network component has been changed by an authorized user” (Column 15 lines 4 – 36, user/administrator confirmed and approved rule changes taking effect).

As per claim 15, Pernicha further teaches, “wherein the identified difference between the current configuration and the most-recent authenticated configuration of the network component is a rule that allows use of an insecure protocol of communication with network component” (Column 7 lines 15 – 22, Column 8 lines 2 – 25 and Column 13 lines 8 – 10).

As per claim 16, Pernicha further teaches, “wherein the identified difference between the current configuration and the most-recent authenticated configuration of the network component is an elevated user privilege, a sudden DNS server change, or enabling a rule allowing an external Remote Desktop Protocol connection” (Fig.5 A- E; Column 18 lines 48 – 55 and Column 19 lines 6 – 20).

As per claim 17, Pernicha further teaches, “automatically generating and sending an alert in response to identifying that the current configuration of the network component differs from the most-recent authenticated configuration of the network component, wherein the alert is an email message directed to an administrative person, a Short Message Service message directed to the administrative person, or a work ticket entry in a ticketing system” (Column 8 lines 25 – 37).

As per claim 18, Pernicha further teaches, “wherein the network component is a firewall selected from a perimeter network firewall, software defined firewall, application layer firewall, operating system layer firewall, and hypervisor firewall” (Column 9 lines 46 – 51).

As per claim 19, Pernicha further teaches, “storing, for each of a plurality of network components in the network infrastructure, a record including an Internet Protocol Address, DNS name, component type, operating system type and operating system version” (Fig.5; Column 18 lines 48 – 55).

Examiner has cited portions and particular paragraphs (or, columns and line numbers) from the prior art applied to the claims above for the convenience of the Applicant. Applicant is advised to review the prior art to incorporate all of the embodiments disclosed, background information provided in the reference, along with the related art description, in formulating a response to this office action.

Allowable Subject Matter

Claim 10 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

The following is an examiner’s statement of reasons for allowance: Pernicha teaches the limitations of parent claims 1 and 6 as described and rejected in this office action, however, Pernicha does not explicitly disclose “monitoring a volume of the network traffic that is accepted only as a result of the new firewall rule; searching a security advisory database to determine whether there is a security advisory record identifying a vulnerability associated with the new firewall rule and suggesting a software upgrade; and initiating the suggested software upgrade of the network component in response to determining that the security advisory database includes a security advisory record identifying a vulnerability associated with the new firewall rule”.

Claim 11 is allowed by the virtue of its dependence on the indicated allowable subject matter in claim 10.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.
Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).

A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to PRAMILA PARTHASARATHY whose telephone number is (571)272-3866. The examiner can normally be reached Mon-Fri: 7AM - 2PM EST. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Hadi Armouche can be reached at (571)270-3618. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov.
Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/PRAMILA PARTHASARATHY/
Primary Examiner, Art Unit 2409

Prosecution Timeline

Sep 29, 2023: Application Filed
Aug 01, 2025: Non-Final Rejection — §102, §112
Nov 05, 2025: Response Filed
Mar 10, 2026: Final Rejection — §102, §112 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12602489: Vulnerability Applicability Assessment and Determination (2y 5m to grant; granted Apr 14, 2026)
Patent 12587570: POLICY-AS-CODE FOR DATA ASSETS AND REMEDIATION IN CLOUD ENVIRONMENTS (2y 5m to grant; granted Mar 24, 2026)
Patent 12574383: INFERENCE OF USER ROLES BASED ON BEHAVIORAL CLUSTERING (2y 5m to grant; granted Mar 10, 2026)
Patent 12566864: SYSTEM AND METHOD FOR AUTOMATED SECURITY VERIFICATION ACROSS NETWORK DEVICES (2y 5m to grant; granted Mar 03, 2026)
Patent 12556376: L1 ENCRYPTION OF OPENZR+ FRAMED OPTICAL TRANSPORT (2y 5m to grant; granted Feb 17, 2026)
Based on 5 most recent grants.

Prosecution Projections

Expected OA Rounds: 3-4
Grant Probability: 88%
With Interview: 99% (+10.9%)
Median Time to Grant: 4y 3m
PTA Risk: Moderate
Based on 399 resolved cases by this examiner. Grant probability derived from career allow rate.