Prosecution Insights
Last updated: July 17, 2026
Application No. 19/207,722

Methods and Systems for Efficient Cybersecurity Policy Enforcement on Network Communications

Non-Final OA §103
Filed
May 14, 2025
Priority
May 23, 2023 — provisional 63/468,401 +3 more
Examiner
DEBNATH, SUMAN
Art Unit
Tech Center
Assignee
Centripetal Networks LLC
OA Round
1 (Non-Final)
75%
Grant Probability
Favorable
1-2
OA Rounds
2y 10m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 75% — above average
75%
Career Allowance Rate
310 granted / 413 resolved
+15.1% vs TC avg
Strong +33% interview lift
Without
With
+33.0%
Interview Lift
resolved cases with interview
Typical timeline
4y 0m
Avg Prosecution
9 currently pending
Career history
424
Total Applications
across all art units

Statute-Specific Performance

§101
1.2%
-38.8% vs TC avg
§103
84.8%
+44.8% vs TC avg
§102
11.9%
-28.1% vs TC avg
§112
1.5%
-38.5% vs TC avg
Black line = Tech Center average estimate • Based on career data from 413 resolved cases

Office Action

§103
DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Claim 1 is pending in this application. Information Disclosure Statement The information disclosure statement (IDS) submitted on 05/14/2025. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner. In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim 1 is rejected under 35 U.S.C. 103 as being unpatentable over Teplitsky (US 2003/0161272 A1) in view of Bansal et al. (US 9,215,214 B2) (hereinafter, “Bansal”). As to claim 1, Teplitsky discloses a method comprising: receiving … policy comprising a plurality of rules (“… rules for packet processing are presented to a networking device in priority order. These rules may be presented to the networking device through an interface such as a Command Line Interface, or CLI. Alternatively, the rules may be presented by one or more software applications; these software applications may, in some embodiments, reside at least partially on the networking device itself.” -e.g., see, Teplitsky: [0006]; see also: “… loading a set of prioritized classification rules for classifying network traffic, wherein the set of prioritized rules is listed in an priority ordering, and the set of prioritized rules include a plurality of values, each of the plurality of values corresponding to a parameter used to identify packets;” -e.g., see, claim 1 of Teplitsky; see also: “… prior to loading the set of prioritized rules, receiving the set of prioritized rules from a command line interface.” -e.g., see, claim 4 of Teplitsky; see also: “… a series of prioritized rules 200 are presented to the networking device 100 via the CLI; these rules are presented in order of priority, such that when a packet arrives at the Networking Device from an external interface, the headers of the packet are matched against the rules in the order of priority.” -e.g., see, Teplitsky: [0015]; herein, Teplitsky: teaches a set of classification rules comprising a plurality of rules. These rules are received/loaded (via CLI or a networking application) for classifying/filtering network traffic (i.e., determining how packets are handled in a network security/packet filtering context)); selecting a data structure for searching for rule identifiers of rules, of the plurality of rules, applicable to received packets (“… the forwarding layer includes hardware and/or software designed to perform longest match searches on packets. The prioritized rules are converted into a data structure for the forwarding layer, which may include one or more longest match trees; this transformation ensures that for any given packet entering the networking device, a longest match search performed by the forwarding layer on the data structure is equivalent to a priority order search on the prioritized rules.” -e.g., see, Teplitsky: [0007]; see also: “Embodiments of the invention supplement the Longest Match Tree 300 with Virtual Trees; each of the filters 300 302 304 306 may include one or more Virtual Trees, and each Virtual Tree may be identified by a distinct Virtual Tree Number.” -e.g., see, Teplitsky: [0023]; see also: “When a packet arrives at the forwarding layer 104, a longest match search of the headers of the packet is performed against the Longest Match Tree (LMT) 300. If a value in the LMT is matched, then a corresponding action is taken.” -e.g., see, Teplitsky: [0025]; see also: “… wherein each virtual tree includes one or more entries, the one or more entries including the value, and a pointer, the pointer pointing to one of another virtual tree and an instruction; such that longest match searches performed on the one or more longest match trees are identical to prioritized searches on the set of classification rules.” -e.g., see, claim 1 of Teplitsky; herein, Teplitsky teaches the reference selects (converts) to and employs longest match trees (supplemented with virtual trees) as the data structure specifically for the forwarding layer. These searches on the data structure identify the applicable rules (via longest-match matching on packet header values/fields), thereby determining which rules from the plurality apply to received packets); and populating the selected data structure base on the plurality of rules (“Embodiments of the invention include algorithms to convert the prioritized rules in the Rules Database 200 to populate Virtual Trees in the Longest Match Tree 300. This ensures that for any given packet entering the forwarding layer 104, longest match searches on the Longest Match Tree 300 produce isomorphic results to a search through the prioritized Rules Database.” -e.g., see, Teplitsky: [0027]; see also: “… populating the one or more longest match trees including inserting a plurality of virtual trees in the one or more longest match trees, each virtual tree of the plurality of virtual trees corresponding to a value from the plurality of values, wherein each virtual tree includes one or more entries, the one or more entries including the value, and a pointer, the pointer pointing to one of another virtual tree and an instruction;” -e.g., see, claim 1 of Teplitsky; herein, Teplitsky teaches longest match trees are populated directly from and based on the plurality of prioritized classification rules. The population process inserts rule driven values and pointers into the data structure so that subsequent searches on received packets produce results equivalent to searching the original policy rules). Teplitsky doesn’t explicitly disclose “cybersecurity policy” being received. However, in analogous art, Bansal discloses receiving cybersecurity policy comprising a plurality of rules (“… the process initially receives (at 605) the identity of the set of AppliedTo firewall rules that have been added to the high-level data storage. These rules may be specified in terms of high-level AppliedTo identifiers (e.g., high-level compute constructs, network constructs, and/or security groups) or low-level AppliedTo identifiers (e.g., VNIC and wildcard values).” -e.g., see, Bansal: Fig. 6, col. 16, lines 12-41; see also: “… from a controller, receiving a plurality of firewall rules that includes a first set of firewall rules for enforcing on packets of a first set of data end nodes connected to the firewall enforcing device and a second set of firewall rules for enforcing on packets of a second set of data end nodes not connected to the firewall enforcing device;” -e.g., see, claim 1 of Bansal; herein, Bansal teaches a plurality (sets) of firewall rules received from the controller constitute the cybersecurity policy comprising a plurality of rules; the enforcing device receives the rules (policy) and generates custom local firewall data stores/tables from them for packet enforcement). Therefore, it would have obvious to one of ordinary skill in the art before the effective filing date of the invention was to modify the teaching of Teplitsky as taught by Bansal in order to provide efficient, scalable policy enforcement in virtualized environments with dynamic provisioning and headless operation. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to SUMAN DEBNATH whose telephone number is (571)270-1256. The examiner can normally be reached Mon-Fri; 9:00am-5:00pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached at 571-272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. SUMAN DEBNATH Patent Examiner Art Unit 2495 /S.D/Examiner, Art Unit 2495 /FARID HOMAYOUNMEHR/Supervisory Patent Examiner, Art Unit 2495
Read full office action

Prosecution Timeline

May 14, 2025
Application Filed
Jun 26, 2026
Non-Final Rejection mailed — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12670807
METHOD AND SYSTEM FOR EVALUATING INDIVIDUAL AND GROUP CYBER THREAT AWARENESS
2y 2m to grant Granted Jun 30, 2026
Patent 12665879
SECURITY GROUP RESOLUTION AT INGRESS ACROSS VIRTUAL NETWORKS
1y 8m to grant Granted Jun 23, 2026
Patent 12639732
CENTRALIZED GATEWAY SERVER FOR PROVIDING ACCESS TO SERVICES
3y 9m to grant Granted May 26, 2026
Patent 12639446
PROTECTING SOFTWARE DEVELOPMENT ENVIRONMENTS FROM MALICIOUS ACTORS
3y 8m to grant Granted May 26, 2026
Patent 12639418
COMPUTER SYSTEM, SERVICE PROCESSING METHOD, READABLE STORAGE MEDIUM, AND CHIP
3y 6m to grant Granted May 26, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
75%
Grant Probability
99%
With Interview (+33.0%)
4y 0m (~2y 10m remaining)
Median Time to Grant
Low
PTA Risk
Based on 413 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month