DETAILED ACTION
The amendment to Application Ser. No. 18/511,918 filed on December 14, 2025, has been entered. Claims 5, 6, 12, 13, 19 and 20. Claims 1, 8 and 15 are currently amended. Claims 1-4, 7-11 and 14-18 are pending and are examined.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Response to Arguments
The arguments with respect to the rejection of Claims 1-4, 7-11 and 14-18 under 35 U.S.C. 112(b) have been fully considered by the Examiner but are moot in view of the new grounds of rejection under 35 U.S.C. 112(b), necessitated by the amendment, set forth in this Office Action.
The arguments with respect to the rejection of Claims 1-4, 7-11 and 14-18 under 35 U.S.C. 103 have been fully considered by the Examiner but are not persuasive. Specifically, on page 12 of the response filed December 14, 2025, Applicant argues, “All claims are in condition for allowance over the combination of teachings in Kaciulis, Burks, Pilkauskas and Ademiluyi.”
The Examiner respectfully disagrees. The features of the amended claims are disclosed by the combination of Kaciulis, Burks, Pilkauskas and Ademiluyi as shown in the updated grounds of rejection under 35 U.S.C. 103, necessitated by the amendment, set forth in this Office Action.
Claim Rejections - 35 USC § 112(b)
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
Claims 1-4, 7-11 and 14-18 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Claim 1 recites the limitation “determine the attempt to establish the data session failed” in line 6. There is insufficient antecedent basis for the terms “the attempt” and “the data session” in the claims.
Additionally, Claim 1 recites the limitation “assigning, by the VPN server, a first proxy device and a second proxy device to perform a data exchange with the remote server for the first data session, wherein the first proxy device is assigned for a limited period of time and for a limited amount of data and the second proxy device is assigned for another limited period of time and for another limited amount of data” in lines 12-17. The relationship between “a first proxy device and a second proxy device” that are assigned by the VPN server “to perform a data exchange with the remote server” and “proxy devices registered in a list” selected by the VPN server “to provide data connections to the remote server” is unclear, rendering the claim indefinite. Are the assigned proxy devices the same proxy devices or a subset of the selected proxy devices?
Dependent Claims 2-4 and 7 are rejected for the reasons presented above with respect to rejected Claim 1 in view of their dependence thereon.
For examination purposes, the terms “the attempt” and “the data session” are interpreted as “an attempt” and “the first data session”, respectively, and the term “a first proxy device and a second proxy device” is interpreted as “a first proxy device and a second proxy device of the selected proxy devices”.
Insofar as they recite similar claim elements, Claims 8 and 15 are rejected for substantially the same reasons presented above with respect to Claim 1.
Dependent Claims 9-11, 14, and 16-18 are rejected for the reasons presented above with respect to rejected Claims 8 and 15 in view of their dependence thereon.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-3, 8-10 and 15-17, as best understood, are rejected under 35 U.S.C. 103 as being unpatentable over Kaciulis et al., Pub. No. US 2022/0311695 A1, hereby “Kaciulis”, in view of Burks et al., Pub. No. US 2015/0351145 A1, hereby “Burks”, in further view of Pilkauskas et al., Pat. No. US 11,553,058 B1, hereby “Pilkauskas”, and in view of Ademiluyi et al., Pat. No. US 11,394,694 B1, hereby “Ademiluyi”.
Regarding Claim 1, Kaciulis discloses “A method (Kaciulis figs. 5A-5D and paragraphs 28-30 and 142: a method for routing traffic dynamically through different VPN servers based on specific criteria or strategies) comprising:
receiving a data session request at a VPN server from a client device to establish a data session to receive data from a remote server (Kaciulis figs. 1 and 5A and paragraphs 61 and 149-150: VPN gateway 106 of primary VPN server (PVPNS) 104 receives a request to access Target One 130, i.e., a remote server, from User Device 102);” and
“selecting by the VPN server, proxy devices registered in a list to provide respective data connections to the remote server, wherein the proxy devices are selected based on one or more data session requirements associated with the first data session... (Kaciulis figs. 1 and 5A-5C and paragraphs 29, 66, 102, 107, 144, 150-156 and 171-176: VPN gateway 106 selects, from a list of VPN servers available for connection, secondary VPN server (SVPNS) One 122 and SVPNS Two 124 to act as exit VPN servers, i.e., proxy devices, for exchanging session data between User Device 102 to Target One 130 at different times during the session, wherein the selection is made by considering several factors, e.g., latency requirements of the requested service or application);
assigning, by the VPN server, a first proxy device and a second proxy device to perform a data exchange with the remote server for the first data session... (Kaciulis figs. 1 and 5A-5C and paragraphs 29, 150-156 and 171-176: based on the selections of VPN gateway 106, requests and responses are first routed between User Device 102 and Target One 130 via SVPNS One 122 (Fig. 5A, steps 509-519) and later routed between User Device 102 and Target One 130 via SVPNS Two 124 (Figs. 5B-5C, steps 533-543));
receiving, at the VPN server, the data from the remote server based on the data exchange (Kaciulis figs. 5A and 5C and paragraphs 153-154 and 174-175: SVPNS One 122 and SVPNS Two 124 forward the data received from Target One 130 to VPN Gateway 106);
receiving a second data session request at the VPN server from the client device to establish a second data session to receive data from another remote server (Kaciulis fig. 5D and paragraphs 178-179: VPN gateway 106 of primary VPN server (PVPNS) 104 receives a request to access Target Two 132, i.e., another remote server, from User Device 102);” and
“forwarding, via the VPN server, the data from the first data session and the second data session to the client device (Kaciulis figs. 5A-5D and paragraphs 154-155, 175-176 and 182-183: VPN Gateway 106 returns the request data received from Target One 130 and Target Two 132 to User Device 102).”
However, while Kaciulis discloses selecting an exit VPN server, e.g., SVPNS One or SVPNS Two, for exchanging session data between the target server and the user device in response to receiving the request from the user device (Kaciulis paragraphs 116 and 135), Kaciulis does not explicitly disclose “transmitting data from the VPN server to the remote server in an attempt to establish the data session with the VPN server;
determining the attempt to establish the data session failed;” and
“transmitting a second data request from the VPN server to the another remote server without using a registered proxy device”.
In a related field of endeavor, Burks discloses “transmitting data... to the remote server in an attempt to establish the data session... (Burks figs. 5 and 6 and paragraphs 14, 70 and 72: in step 608, controller 502 first attempts to establish a direct connection with accessory 504 by sending a message directly to accessory 504);
determining the attempt to establish the data session failed (Burks figs. 5 and 6 and paragraphs 70-71 and 74: controller 502 establishes an indirect communication path with accessory 504 via proxy 510 in response to determining the attempt to establish a direct connection with accessory 504 is unsuccessful);” and
“transmitting a... data request... to the another remote server without using a registered proxy device (Burks figs. 5 and 6 and paragraphs 70-71 and 74: controller 502 communicates directly with accessory 504 when the direct connection is successfully established).”
It would have been obvious to one of ordinary skill in the art at the time of the effective filing to modify the method of Kaciulis to select an exit VPN server for establishing a connection to the target server when an attempt to establish a direct connection with the remote server is unsuccessful as taught by Burks. One of ordinary skill in the art would have been motivated to combine selecting an exit VPN server for establishing a connection to the target server when an attempt to establish a direct connection with the remote server is unsuccessful to enforce a preference for utilizing a direct connection when available (Burks paragraph 70).
However, while Kaciulis discloses selecting the Exit VPN server by considering several factors, e.g., latency requirements associated with the requested service or application (Kaciulis figs. 1 and 2A and paragraphs 26, 66, 81 and 107), the combination of Kaciulis and Burks does not explicitly disclose “selecting by the VPN server, proxy devices registered in a list to provide respective data connections to the remote server, wherein the proxy devices are selected based on one or more data session requirements associated with the first data session and based on available data connections associated with the respective proxy devices (emphasis added)”.
In the same field of endeavor, Pilkauskas discloses selecting an exit node for routing a request from a client device to a target server or endpoint based on connections associated with the exit node (Pilkauskas figs. 1A; column 3, lines 41-57; column 7, lines 45-67; and column 8, lines 29-49: metadata manager 172 selects an appropriate exit node 130 to establish a session with target 132 based in part on the health and status of the connections of the exit node).
It would have been obvious to one of ordinary skill in the art at the time of the effective filing to modify the method of Kaciulis, as modified by Burks, to select the Exit VPN server based in part on the health and status of connections associated with the Exit VPN server as taught by Pilkauskas. One of ordinary skill in the art would have been motivated to combine selecting the Exit VPN server based in part on the health and status of connections associated with the Exit VPN server to ensure selection of an Exit VPN server that meets requirements of the requested service or application.
However, while Kaciulis discloses selecting different exit VPN servers, e.g., SVPNS One and SVPNS Two for exchanging session data between the target server and the user device at different times (Kaciulis paragraphs 116, 122, 135 and 141), the combination of Kaciulis, Burks and Pilkauskas does not explicitly disclose “assigning, by the VPN server, a first proxy device and a second proxy device to perform a data exchange with the remote server for the first data session, wherein the first proxy device is assigned for a limited period of time and for a limited amount of data and the second proxy device is assigned for another limited period of time and for another limited amount of data (emphasis added)”.
In the same field of endeavor, Ademiluyi discloses selecting, by a proxy manager, multiple proxies to facilitate a data exchange with a destination device based on a request received from a source device, wherein the selected proxies forward traffic between the source device and the destination device at separate, i.e., non-overlapping, times based on time or use constraints (Ademiluyi figs. 4-5; column 3, lines 55-65; column 6, lines 3-14 and column 6, line 47 through column 7, line 2: proxy manager 404 selects multiple proxies, e.g., proxies 422 and 424, for exchanging traffic between source network device 402 and destination network device 414, wherein the selected proxies are used at separate times to forward traffic between source network device 402 and destination network device 414 based on a proxy disposal trigger comprising a time or use constraint).”
It would have been obvious to one of ordinary skill in the art at the time of the effective filing to modify the method of Kaciulis, as modified by Burks and Pilkauskas, to use different exit VPN servers to exchange traffic with the target server at separate times as taught by Ademiluyi. One of ordinary skill in the art would have been motivated to combine use different exit VPN servers to exchange traffic with the target server at separate times to protect the privacy of the user device (Ademiluyi column 2, line 67 through column 3, line 7).
Regarding Claim 2, the combination of Kaciulis, Burks, Pilkauskas and Ademiluyi discloses all of the limitations of Claim 1.
Additionally, Kaciulis discloses “wherein the selecting the proxy devices further comprises selecting the proxy devices which are located closest to the remote server (Kaciulis figs. 1 and 5A and paragraphs 26, 107 and 150: VPN gateway 106 may select exit VPN servers that are closest to Target One 130).”
Regarding Claim 3, the combination of Kaciulis, Burks, Pilkauskas and Ademiluyi discloses all of the limitations of Claim 1.
Additionally, Kaciulis discloses “wherein the data session requirements comprise one or more of threshold rates comprising one or more of a data rate, a jitter rate and a latency rate (Kaciulis figs. 1 and 4A and paragraphs 26, 66, 107, 150, 159 and 165-166: the factors considered when selecting an exit VPN server for routing the request may include latency requirements of the requested service or application).”
Insofar as it recites similar claim elements, Claim 8 is rejected for substantially the same reasons presented above with respect to Claim 1.
Additionally, Kaciulis discloses “An apparatus (Kaciulis figs. 1 and 7 and paragraphs 50 and 240: computing system 700 implementing primary VPN server (PVPNS) 104) comprising
a receiver configured to receive a first data session request from a client device to establish a first data session to receive data from a remote server (Kaciulis figs. 1 and 7 and paragraphs 50, 81 and 244: a network adapter coupled to computing system 700);
a processor configured to... (Kaciulis figs. 1 and 7 and paragraphs 50 and 240-243: one or more processors 702)”.
Insofar as it recites similar claim elements, Claim 9 is rejected for substantially the same reasons presented above with respect to Claim 2.
Insofar as it recites similar claim elements, Claim 10 is rejected for substantially the same reasons presented above with respect to Claim 3.
Insofar as it recites similar claim elements, Claim 15 is rejected for substantially the same reasons presented above with respect to Claim 1.
Additionally, Kaciulis discloses “A non-transitory computer readable storage medium configured to store instructions... (Kaciulis fig. 2A and 7 and paragraphs 28, 75 and 240-242: computer readable medium 706 comprising executable instructions implementing a method for routing traffic dynamically through different VPN servers based on specific criteria or strategies)”.
Insofar as it recites similar claim elements, Claim 16 is rejected for substantially the same reasons presented above with respect to Claim 2.
Insofar as it recites similar claim elements, Claim 17 is rejected for substantially the same reasons presented above with respect to Claim 3.
Claims 4, 11 and 18, as best understood, are rejected under 35 U.S.C. 103 as being unpatentable over the combination of Kaciulis, Burks, Pilkauskas and Ademiluyi in view of Paralikar et al., US 2021/0234919 A1, hereby “Paralikar”.
Regarding Claim 4, the combination of Kaciulis, Burks, Pilkauskas and Ademiluyi discloses all of the limitations of Claim 3.
However, while Kaciulis discloses routing the request to the most suitable exit VPN server based on factors including server location, performance history, bandwidth limitations and request processing functionality (Kaciulis paragraph 26), the combination of Kaciulis, Burks, Pilkauskas and Ademiluyi does not explicitly disclose “monitoring, via the VPN server, the proxy devices for a period of time;
identifying the first proxy device which is operating within an acceptable range of the one or more threshold rates; and
assigning the first proxy device to the data session.”
In the same field of endeavor, Paralikar discloses “monitoring... the proxy devices for a period of time (Paralikar figs. 2A and 4B and paragraphs 49-50, 61-62 and 69-71: management server 215 aggregates current performance telemetry data received from a plurality of proxy devices 205 with previous performance telemetry data to generate a performance map);
identifying the first proxy device which is operating within an acceptable range of the one or more threshold rates (Paralikar figs. 2A and 4B and paragraphs 47, 60-61 and 72-73: cloud proxy service 225 uses the performance map to identify proxy devices 205 that meet the characteristics of the requested application); and
assigning the first proxy device to the data session (Paralikar figs. 2A and 4B and paragraphs 47, 61 and 72-73: cloud proxy service 225 selects the proxy device 205 that has optimal characteristics for the requested application to serve as the intermediary for the flow between client device 220 and application server 210).”
It would have been obvious to one of ordinary skill in the art at the time of the effective filing to modify the method of Kaciulis, as modified by Burks, Pilkauskas and Ademiluyi, to select the exit VPN server from the plurality of exit VPN servers based on performance telemetry data received from the plurality of exit VPN servers as taught by Paralikar. One of ordinary skill in the art would have been motivated to combine selecting the exit VPN server from the plurality of exit VPN servers based on performance telemetry data received from the plurality of exit VPN servers to provide the most optimal experience for current network conditions (Paralikar paragraphs 43 and 45).
Insofar as they recite similar claim elements, Claims 11 and 18 are rejected for substantially the same reasons presented above with respect to Claim 4.
Claims 7 and 14, as best understood, are rejected under 35 U.S.C. 103 as being unpatentable over the combination of Kaciulis, Burks, Pilkauskas and Ademiluyi in view of Sahin et al., Pub. No. US 2016/0080505 A1, hereby “Sahin”.
Regarding Claim 7, the combination of Kaciulis, Burks, Pilkauskas and Ademiluyi discloses all of the limitations of Claim 1.
However, while Kaciulis discloses routing the request to the most suitable exit VPN server based on factors including server location, performance history, bandwidth limitations and request processing functionality (Kaciulis paragraph 26), the combination of Kaciulis, Burks, Pilkauskas and Ademiluyi does not explicitly disclose “detecting the data session has ended; and
assigning a different proxy device to a next data session request.”
In a related field of endeavor, Sahin discloses “detecting the data session has ended (Sahin figs. 2 and 4 and paragraphs 59 and 66: load balancer 111 determines the session is terminated, e.g., by examining the headers of the session's packets); and
assigning a different proxy device to a next data session request (Sahin figs. 2 and 4 and paragraphs 54, 58-59, 63 and 66: load balancer 111 selects a server from server farm 170 when a new session is received, e.g., using round-robin or random selection - while not explicitly stated, it is understood that the server selected for the new session may be (indeed even likely to be) different from the server selected for a previous session).”
It would have been obvious to one of ordinary skill in the art at the time of the effective filing to modify the method of Kaciulis, as modified by Burks, Pilkauskas and Ademiluyi, to use round-robin or random selection to select from a plurality of equally suitable secondary VPN servers as taught by Sahin. One of ordinary skill in the art would have been motivated to combine using round-robin or random selection to select from a plurality of equally suitable secondary VPN servers to optimize resource use, maximize throughput, minimize response time and avoid overload of any one of the secondary VPN servers (Sahin paragraph 2).
Insofar as it recites similar claim elements, Claim 14 is rejected for substantially the same reasons presented above with respect to Claim 7.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office Action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to WILLIAM C MCBETH whose telephone number is (571)270-0495. The examiner can normally be reached on Monday - Friday, 8:00AM - 4:30PM ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Vivek Srivastava can be reached on 571-272-7304. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/WILLIAM C MCBETH/Examiner, Art Unit 2449
/VIVEK SRIVASTAVA/Supervisory Patent Examiner, Art Unit 2449