DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Claims 1-20 are pending.
Information Disclosure Statement
The IDS filed 4/3/2024 has been considered by the Examiner.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over US PG Pub. No. 2023/0247087 to Nagaraja et al. (hereinafter Nagaraja) in view of US PG Pub. No. 2016/0034442 to Levy et al. (hereinafter Levy).
As to claims 1, 8, and 15, Nagaraja teaches creating a security gateway in a cloud service provider (CSP) (virtual routers (gateways) are created with virtual cloud networks (VCNs) in a CSP Infrastructure (CSPI)) (Nagaraja, [0068]), comprising:
a. Receiving one or more first user inputs in a security gateway creation user interface (UI) provided by a controller, wherein the one or more first user inputs includes account information for a CSP account and a region within the CSP in which the CSP account has deployed at least one virtualized network environment (customer creates, via a transceiver, a virtual network through the CSP user interface that includes a subscription/registration procedure within a region which can be further subdivided into available domains using processors) (Nagaraja, at least [0017, 0052, 0054, 0057, 0063, and 0324]).
b. Generating a security gateway within a region of the CSP using the received inputs (creation of VCN includes gateways) (Nagaraja, [0071]).
c. Querying, by the controller, the CSP using Application Programming Interfaces (APIs) to retrieve information about applications within the at least one virtualized network environment (various services (applications) are available to the customer through the multi-cloud control plane (MCCP)) (Nagaraja, at least [0048-0049] and figs. 6-17).
Nagaraja teaches security of the environment (Nagaraja, [0055]) but does not expressly mention indicating the status of the security. However, in an analogous art, Levy teaches:
d. Presenting a security status user interface that identifies the at least one virtualized network environment application configured in the CSP account and a respective status indicating whether the at least one virtualized network environment is protected by the security gateway (threat models are used to protect system resources and customer is alerted to breaches of the protection) (Levy, [0051-0051] and [0070]).
Therefore, one of ordinary skill in the art before the effective filing date of the instant invention would have been motivated to implement the protected virtual environment of Nagaraja with the notification of breaches of protection of Levy in order to better protect and warn the customer of breaches as suggested by Levy (Levy, [0052]).
Nagaraja as modified further teaches:
e. Receiving a second user input within the security status user interface, the second user input is effective to enable protection of the at least one virtualized network environment by the security gateway, wherein the second user input triggers the controller to configure the at least one virtualized network environment to create a connection to the security gateway and update routing tables to direct traffic to the security gateway (configuring of routing tables and other security rules are automatically set/updated upon creation of the VCN and do not require an active involvement of the customer) (Nagaraja, [0079-0082]).
As to claims 2, 9, and 16, Nagaraja as modified teaches the security status user interface further categorizes the at least one virtualized network environment into multiple gateway zones based on their functional dependencies or security requirements, allowing users to selectively apply security policies to respective virtualized network environments within specific zones (security lists and security rules are customizable by the customer and applied to different environments and zones (areas/regions)) (Nagaraja, [0080]).
As to claims 3, 10, and 17, Nagaraja as modified teaches:
a. Detecting, through continuous monitoring of the CSP account, data originating from a new virtualized network environment not previously identified in the security gateway (creation of a new tenancy/account is detected) (Nagaraja, [0227]).
b. Presenting the new virtualized network environment in the security status user interface as not protected along with an option to protect the new virtualized network environment (configuring of routing tables and other security rules are automatically set/updated upon creation of the VCN and do not require an active involvement of the customer) (Nagaraja, [0079-0082]).
As to claims 4, 11, and 18, Nagaraja as modified teaches:
a. Detecting, through continuous monitoring of the CSP account, data originating from a new virtualized network environment not previously identified in the security gateway (creation of a new tenancy/account is detected) (Nagaraja, [0227]).
b. Automatically, without further user interaction, enabling protection of the new virtualized network environment by the security gateway, wherein the controller configures the new virtualized network environment to create a second connection to the security gateway and update routing tables to direct traffic to the security gateway (created tenancy is automatically linked with other accounts and communication channels) (Nagaraja, [0228-0232]).
As to claims 5, 12, and 19, Nagaraja as modified teaches:
a. Monitoring the CSP to dynamically learn of changes in the status of the application, the at least one virtualized network environments, and new applications and new virtualized network environments within the CSP account (update information including at least forwarding and routing tables to update configurations as necessary/required) (Nagaraja, [0081-0082 and 0282]).
b. Updating the security status user interface with the changes in the status and the new applications and new virtualized network environments (update information including at least forwarding and routing tables to update configurations as necessary/required) (Nagaraja, [0081-0082 and 0282]).
As to claims 6, 13, and 20, Nagaraja as modified teaches:
a. Presenting the application in the security status user interface as not protected along with an option to protect the application, wherein the application needs to be within a protected virtualized network environment in order to be protected by the security gateway (configuring of routing tables and other security rules are automatically set/updated to all entities upon creation of the VCN and do not require an active involvement of the customer) (Nagaraja, [0079-0082]). There is no option for applications to be “not protected”.
b. Receiving an input by the security status user interface to associate the application with a security policy, whereby network traffic to and from instances of the application will be inspected by the security gateway according to the security policy (security lists and security rules are customizable by the customer and applied to different environments and zones (areas/regions), but are not optional) (Nagaraja, [0080]).
As to claims 7 and 14, Nagaraja as modified teaches a security policy assigned to an active application is determined by evaluating the security information provided by the active application, taking into account factors such as data sensitivity, communication protocols, and one or more security vulnerabilities (configuring of routing tables and other security rules are automatically set/updated to all entities upon creation of the VCN and do not require an active involvement of the customer) (Nagaraja, [0079-0082]).
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to WILLIAM S POWERS whose telephone number is (571)272-8573. The examiner can normally be reached M-F 7:30-17:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jorge L Ortiz-Criado can be reached at (571) 272-7624. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/WILLIAM S POWERS/Primary Examiner, Art Unit 2496