DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Continuation
This application is a continuation application of US 15/920,049 (filed on Mar. 13, 2018 – now US Patent No. 12,261,887). The prosecution history and references cited in the above application have been fully considered.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13.
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer.
Claims 1-8, 10-17, 19-26, and 28-35 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-3, 6, 10, 11, 13, and 14 of U.S. Patent No. 12,261,887. Although the claims at issue are not identical, they are not patentably distinct from each other because the claims 1-8 of the instant application are anticipated by claims 1-3, 6, 10, 11, 13, and 14 of the conflicting patent. Furthermore, claims 10-17, 19-26, and 28-35 are directed to a non-transitory computer-readable medium, an apparatus, and a system, respectively, corresponding to the method of claims 1-8. Thus, the aforementioned claim sets only differ in scope, while reciting non-distinct subject matter, and would have been obvious variants to the method.
Claims 9, 18, 27, and 36 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1, 10, 19, and 28 of U.S. Patent No. 12,261,887 in view of US 2016/0173446 to Nantel. Claim 9 recites various examples of what the “network security status” may indicate. It was common in the art to provide customizable reports from threat monitoring. In [Nantel, ¶0039], customized reports (i.e., “network security status”) can include different attributes of threats, such as source-destination details of threats, action taken, and any other such parameters preferable by a network administrator. Thus, it would have been obvious to one having ordinary skill in the art to provide any desired details of threat monitoring reports to inform users of the status of a network. Claims 18, 27, and 36 are also rejected for the same combined reasons provided for claim 9 and their respective claim sets discussed earlier.
For example, refer to the following comparison table depicting how the method claims of the instant application are not distinct with corresponding method claims in the conflicting patent.
Instant Application (19/051728)
Conflicting Patent (12,261,887)
1. A method comprising:
1. A method comprising:
sending, by a computing device, a request to activate a network security service, on a network security service entity external to a gateway device, for a first network associated with the gateway device;
sending, by a computing device, a request to activate a network security service, on a network security service entity external to a gateway device, for a first network associated with the gateway device;
causing, by the computing device, activation of a security agent on the gateway device, wherein the security agent is configured to support the network security service;
sending, by the computing device to the gateway device, an instruction to activate a security agent configured to execute on the gateway device to support the network security service;
causing modification, of an application on a user device associated with the gateway device, with information indicative of activation of the network security service;
causing, after receiving an indication that the network security service has been activated, modification, of an application on a user device associated with the gateway device, with information indicative of activation of the network security service;
and receiving, by the computing device and from the network security service entity, an indication of a network security status associated with one or more devices connected to the first network.
and receiving, by the computing device and from the network security service entity, an indication of one or more network security threats associated with one or more devices connected to the first network.
2. The method of claim 1, further comprising: monitoring data traffic associated with the one or more devices connected to the first network;
2. The method of claim 1, further comprising: monitoring, after activation of the network security service, data traffic associated with the one or more devices connected to the first network;
and blocking, based on the monitoring and on the network security status, a device, of the one or more devices, from connecting to the gateway device.
and blocking, based on the monitoring and the indication of the one or more network security threats, a device, of the one or more devices, from connecting to the gateway device.
3. The method of claim 1, wherein the computing device is in a first cloud network in communication with the first network via the gateway device, and wherein the network security service entity is in a second cloud network linked to the first cloud network via the computing device.
3. The method of claim 1, wherein the computing device is in a first cloud network in communication with the first network via the gateway device, and wherein the network security service entity is in a second cloud network linked to the first cloud network via the computing device.
4. The method of claim 1, further comprising requesting the activated network security service to block unauthorized access from an external network to the one or more devices connected to the first network.
6. The method of claim 1, wherein the sending the request to activate the network security service comprises requesting the network security service to block unauthorized access from an external network to one or more devices connected to the first network.
5. The method of claim 1, further causing, based on the network security status, one or more of: directing a request from a device of the one or more devices to a resource; redirecting a request, for a resource, from a device of the one or more devices to a proxy for the resource; or blocking a request from a device of the one or more devices.
13. The method of claim 1, further comprising sending, by the computing device to the gateway device, information for determining whether a request, from a second computing device to the gateway device, for a resource, should be: directed to the resource, redirected to a proxy of the resource; or blocked.
6. The method of claim 1, further comprising causing output, via the user device, of an interface indicating an option to perform one or more of:
10. The method of claim 1, further comprising causing output, via the user device, of an interface indicating an option to perform one or more of:
allowing access to a blocked resource, or downloading or updating software on a device of the one or more devices.
allow access to a blocked resource, or download or update software on a device of the one or more devices.
7. The method of claim 1, further comprising causing output, via the user device, of an interface indicating an option to view one or more of:
11. The method of claim 1, further comprising causing output, via the user device, of an interface indicating an option to view one or more of:
devices associated with a quantity of network security threats, one or more locations of the one or more devices, or network security statuses associated with similar premises to a premises associated with the gateway device.
devices associated with a quantity of network security threats, one or more locations of the one or more devices associated with the one or more network security threats, or quantities of network security threat associated with similar premises to a premises associated with the gateway device.
8. The method of claim 1, wherein the network security service is configured to, based on being activated for the first network, perform one or of more of:
14. The method of claim 1, wherein the network security service is configured to, based on being activated for the first network, perform one or of more of:
content access control; intrusion detection; intrusion prevention; device fingerprinting; or device intelligence.
content access control; intrusion detection; intrusion prevention; devices fingerprinting; or device intelligence.
Allowable Subject Matter
There are currently no prior art rejections to the claims. References with an * are cited in the IDS filed 7/07/2025.
The most relevant prior arts are Yin (US 2014/0366118*) and Barnes et al. (US 2015/0087258*).
Yin is directed to a cloud-based logging service for user. Yin discloses one or more computing device 102 (i.e., the claimed “a computing device”) that enables a user or network administrator to access a graphical interface of a network security gateway appliance 108 (i.e., the claimed “gateway device”). Through this interface, the user can request a cloud-based logging service 118 (i.e., the claimed external “network security service”), through the network security gateway appliance, to enable logging services. See [0038]. However, such disclosure in Yin is the extent of the computing devices functionality and features. In contrast to the features of independent claims 1, 10, 19, and 28, Yin fails to disclose, teach, or reasonably suggest each and every limitation of the independent claims.
Barnes discloses a user device executing a monitor application that interacts with a remotely executed monitoring service. A user can active the monitoring service (“network security service”) through the monitor application (i.e., an “application on a user device”). See [0005] & [0085]. However, Barnes is not reasonably considered as analogous art by one having ordinary skill in the art. According to Barnes, event data obtained by the monitor application is provided via a network 104 to a server computer hosting the monitoring service. Furthermore, the event data is applied in the context of monitoring the physical safety of a user of a mobile device that includes data such as state information in proximity of the user device, location information, or the like [0030]. Therefore, there is no gateway appliance/agent associated with a “first” network, nor is the scope of Barnes directed to providing network security services or requesting network resources. Hence, combining the teachings of Yin and Barnes would be impossible and/or non-obvious to one having ordinary skill in the art. See also the BACKGROUND section of Barnes.
Other relevant prior arts to the scope of the claimed invention include:
Chen (US 2016/024811*) discloses provisioning security services by a cloud computing system to tenants (see Abstract).
Dilley et al. (US 2011/022564*) discloses a cloud-based firewall system and service that is provided to customers in conjunction with a content delivery network (see Abstract).
Ferris et al. (US 2011/0295727) discloses a user, application, process, and/or service that can initiate a usage monitoring service, such as by accessing an access-controlled Web site/portal. The usage monitoring service is an external server from a set of host clouds to be monitored (see [0029]-[0030] & [0039]).
Tripathi et al. (US 2008/0320548) discloses a proxy or a component that is external from a subject network services component can be enabled for monitoring. The monitoring includes virus scan (see [0034]).
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ROBERT B LEUNG whose telephone number is (571)270-1453. The examiner can normally be reached Mon - Thurs: 10am-7pm ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JUNG KIM can be reached at 571-272-3804. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/ROBERT B LEUNG/Primary Examiner, Art Unit 2494