DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Amendment

Applicant’s amendment to claims 16-20 by adding “non-transitory” to the computer-readable device overcomes the 101 (CRM) rejection to claims 16-20.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 7-9, 12, 15-16, and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Johnsen (US 20170214633 A1) in view of Jiang (US 20130097335 A1), and further in view of Perez (US 20120151210 A1).
Regarding claim 1, Johnsen teaches a method comprising:

defining allowable communications as being between hosts having different roles within the common subnet; ([0034] teach there is one active master subnet manager (e.g. first role) responsible for configuring, activating and maintaining (e.g. allowable communications) the IB subnet (e.g. devices in second role). [0035]:  the subnet manager exchanges control packets, which are referred to as subnet management packets (SMPs), with subnet management agents (SMAs). The subnet management agents reside on every IB subnet device.)
receiving a transmission request for a data packet, wherein the request includes identification of another host within the common subnet as a destination for the data packet; ()0036]: intra-subnet routing in an IB network can be based on linear forwarding tables (LFTs) stored in the switches. When a packet arrives at a switch, its output port is determined by looking up the DLID in the forwarding table of the switch. The routing is deterministic as packets take the same path in the network between a given source-destination pair (LID pair).)
evaluating the data packet transmission request based on the generated policy for the host; and ([0057]: in a partitioned subnet, nodes that are not members of a common data partition are not allowed to communicate.)
providing instructions to the switch based on the evaluation, wherein the provided instructions are configured to instruct the switch to transmit the data packet from the host to the 
Johnsen does not explicitly disclose receiving a notification from a switch that a host joined an enterprise network; assigning the host an address within a common subnet associated with the enterprise network.
However, Jiang teaches receiving a notification from a switch that a host joined an enterprise network; assigning the host an address within a common subnet associated with the enterprise network. ([0076]:  End host EH1 may send DHCP discovery request 112A to a client switch that is coupled to end host EH1 (e.g., client switch SW1). In response to receiving DHCP discovery request 112A, client switch SW1 may forward DHCP discovery request 112A to controller server 18. [0080]: In response to receiving controller-modified DHCP discovery request 112B, DHCP server S1 may allocate an available IP address to end host EH1 (e.g., an IP address that is not currently assigned to another end host or network device) and respond to the request by sending DHCP server offer reply packet 114 of FIG. 9C.) 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Johnsen to include above limitations. One would have been motivated to do so because to communicate with other end hosts, each end host must first obtain a corresponding IP address from the network. The forwarding of unnecessary DHCP requests can impact performance of switches in the network. It would therefore be desirable to be able to provide improved arrangements for performing address assignment to end hosts in a network. As taught by Jiang, [0004]-[0006].

However, Perez teaches in response to receiving the notification, validating the host is authorized to access the enterprise network; in response to the host being authorized to access the enterprise network, allow the host to join the enterprise network. ([0035]: Security access may be required before a device may join network, such as through access codes or passwords.)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Johnsen and Jiang to include above limitations. One would have been motivated to do so because for security reasons, it is common for a network administrator to only allow authorized devices to join the network. 

Regarding claim 7, Johnsen, Jiang and Perez teach the method of claim 1.
Johnsen teaches receiving notification from the switch that the host disconnected from the common subnet of the enterprise network; unregistering generated policies related to the host that disconnected from the enterprise network; detecting that the host rejoined the enterprise network at a subsequent time period; re-assigning the host a new address within the common subnet associated with the enterprise network; and generating a new policy for the host at the subsequent time period that the host rejoined the enterprise network based on the new address, wherein the generated new policy includes re-assigning to the host the first role or the second role associated with the enterprise network. ([0037]: In a situation where a master subnet manager fails, however, a new master subnet manager is negotiated by the standby subnet managers. The master subnet manager also performs periodic sweeps of the subnet to detect any 

Regarding claim 8, Johnsen, Jiang and Perez teach the method of claim 1.
Johnsen teaches wherein the first role is that of a provider and the second role is that of a subscriber. ([0034]: The subnet manager (e.g. provider) is responsible for configuring, activating and maintaining the IB subnet (e.g. subscriber).)

Regarding claim 9, Johnsen teaches a system comprising:
a processor; and
a computer-readable device storing instructions which, when executed by the processor, cause the processor to perform operations comprising:
generating a policy for the host based on the assigned address, wherein the generated policy includes assigning to the host a first role or a second role associated with the common subnet; ([0034]: there can be a master management entity, the subnet manager (SM), which resides on a designated device in the subnet. The subnet manager is responsible for configuring, activating and maintaining the IB subnet. [0037]: all other subnet managers, excepting the master subnet manager, act in standby mode for fault-tolerance.)
defining allowable communications as being between hosts having different roles within the common subnet; ([0034] teach there is one active master subnet manager (e.g. first role) responsible for configuring, activating and maintaining (e.g. allowable communications) the IB subnet (e.g. devices in second role). [0035]:  the subnet manager exchanges control packets, 
receiving a transmission request for a data packet, wherein the request includes identification of another host within the common subnet as a destination for the data packet; ()0036]: intra-subnet routing in an IB network can be based on linear forwarding tables (LFTs) stored in the switches. When a packet arrives at a switch, its output port is determined by looking up the DLID in the forwarding table of the switch. The routing is deterministic as packets take the same path in the network between a given source-destination pair (LID pair).)
evaluating the data packet transmission request based on the generated policies for the host; and ([0057]: in a partitioned subnet, nodes that are not members of a common data partition are not allowed to communicate.)
providing instructions to the switch based on the evaluation, wherein the provided instructions are configured to instruct the switch to prevent transmission of the data packet from the host to the other host using the common subnet. ([0036]: intra-subnet routing in an IB network can be based on linear forwarding tables (LFTs) stored in the switches. [0057]: in a partitioned subnet, nodes that are not members of a common data partition are not allowed to communicate.)
Johnsen does not explicitly disclose receiving a notification from a switch that a host joined an enterprise network; assigning the host an address within a common subnet associated with the enterprise network.
However, Jiang teaches receiving a notification from a switch that a host joined an enterprise network; assigning the host an address within a common subnet associated with the enterprise network. ([0076]:  End host EH1 may send DHCP discovery request 112A to a client 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Johnsen to include above limitations. One would have been motivated to do so because to communicate with other end hosts, each end host must first obtain a corresponding IP address from the network. The forwarding of unnecessary DHCP requests can impact performance of switches in the network. It would therefore be desirable to be able to provide improved arrangements for performing address assignment to end hosts in a network. As taught by Jiang, [0004]-[0006].
Johnsen and Jiang do not explicitly disclose in response to receiving the notification, validating the host is authorized to access the enterprise network; in response to the host being authorized to access the enterprise network, allow the host to join the enterprise network. 
However, Perez teaches in response to receiving the notification, validating the host is authorized to access the enterprise network; in response to the host being authorized to access the enterprise network, allow the host to join the enterprise network. ([0035]: Security access may be required before a device may join network, such as through access codes or passwords.)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Johnsen and Jiang to include above limitations. One 

Regarding claim 12, Johnsen, Jiang and Perez teach the system of claim 9.
Johnsen teaches wherein the host shares resources or services with the other hosts assigned the second role associated with the common subnet of the enterprise network. ([0034]: The subnet manager (e.g. the host) is responsible for configuring, activating and maintaining the IB subnet (e.g. services). Additionally, the subnet manager (SM) can be responsible for performing routing table calculations in an IB fabric.)

Regarding claim 15, Johnsen, Jiang and Perez teach the system of claim 9.
Johnsen teaches to: receive notification from the switch that the host disconnected from the common subnet of the enterprise network; unregister generated policies related to the host that disconnected from the enterprise network; detect that the host rejoined the enterprise network at a subsequent time period; re-assign the host a new address within the common subnet associated with the enterprise network; and generate a new policy for the host at the subsequent time period that the host rejoined the enterprise network based on the new address, wherein the generated new policy includes re-assigning to the host the first role or the second role associated with the enterprise network. ([0037]: In a situation where a master subnet manager fails, however, a new master subnet manager is negotiated by the standby subnet managers. The master subnet manager also performs periodic sweeps of the subnet to detect any topology changes and reconfigures the network accordingly. The cited reference disclose there is only 1 

Regarding claim 16, Johnsen teaches a non-transitory computer-readable device storing instructions which, when executed by a computer device, cause the computer device to perform operations comprising:
generating a policy for the host based on the assigned address, wherein the generated policy includes assigning to the host a first role or a second role associated with the common subnet; ([0034]: there can be a master management entity, the subnet manager (SM), which resides on a designated device in the subnet. The subnet manager is responsible for configuring, activating and maintaining the IB subnet. [0037]: all other subnet managers, excepting the master subnet manager, act in standby mode for fault-tolerance.)
defining allowable communications as being between hosts having different roles within the common subnet; ([0034] teach there is one active master subnet manager (e.g. first role) responsible for configuring, activating and maintaining (e.g. allowable communications) the IB subnet (e.g. devices in second role). [0035]:  the subnet manager exchanges control packets, which are referred to as subnet management packets (SMPs), with subnet management agents (SMAs). The subnet management agents reside on every IB subnet device.)
receiving notification from the switch that the host disconnected from the common subnet of the enterprise network; unregistering generated policies related to the host that disconnected from the enterprise network; detecting that the host rejoined the enterprise network at a subsequent time period; re-assigning the host a new address within the common subnet associated with the enterprise network; and generating a new policy for the host at the 
receiving a transmission request for a data packet, wherein the request includes identification of another host within the common subnet as a destination for the data packet; ()0036]: intra-subnet routing in an IB network can be based on linear forwarding tables (LFTs) stored in the switches. When a packet arrives at a switch, its output port is determined by looking up the DLID in the forwarding table of the switch. The routing is deterministic as packets take the same path in the network between a given source-destination pair (LID pair).)
evaluating the data packet transmission request based on the generated policies for the host; and ([0057]: in a partitioned subnet, nodes that are not members of a common data partition are not allowed to communicate.)
providing instructions to the switch based on the evaluation, wherein the provided instructions are configured to instruct the switch to transmit the data packet from the host to the other host using the common subnet. ([0036]: intra-subnet routing in an IB network can be based on linear forwarding tables (LFTs) stored in the switches. The routing is deterministic as packets take the same path in the network between a given source-destination pair (LID pair).)

However, Jiang teaches receiving a notification from a switch that a host joined an enterprise network; assigning the host an address within a common subnet associated with the enterprise network. ([0076]:  End host EH1 may send DHCP discovery request 112A to a client switch that is coupled to end host EH1 (e.g., client switch SW1). In response to receiving DHCP discovery request 112A, client switch SW1 may forward DHCP discovery request 112A to controller server 18. [0080]: In response to receiving controller-modified DHCP discovery request 112B, DHCP server S1 may allocate an available IP address to end host EH1 (e.g., an IP address that is not currently assigned to another end host or network device) and respond to the request by sending DHCP server offer reply packet 114 of FIG. 9C.) 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Johnsen to include above limitations. One would have been motivated to do so because to communicate with other end hosts, each end host must first obtain a corresponding IP address from the network. The forwarding of unnecessary DHCP requests can impact performance of switches in the network. It would therefore be desirable to be able to provide improved arrangements for performing address assignment to end hosts in a network. As taught by Jiang, [0004]-[0006].
Johnsen and Jiang do not explicitly disclose in response to receiving the notification, validating the host is authorized to access the enterprise network; in response to the host being authorized to access the enterprise network, allow the host to join the enterprise network. 

It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Johnsen and Jiang to include above limitations. One would have been motivated to do so because for security reasons, it is common for a network administrator to only allow authorized devices to join the network.

Regarding claim 18, Johnsen, Jiang and Perez teach the non-transitory computer-readable device of claim 16.
Johnsen teaches wherein the host shares resources or services with the other hosts assigned the second role associated with the common subnet of the enterprise network. ([0034]: The subnet manager (e.g. the host) is responsible for configuring, activating and maintaining the IB subnet (e.g. services). Additionally, the subnet manager (SM) can be responsible for performing routing table calculations in an IB fabric.)

Claims 2, 4, and 10 are rejected under 35 U.S.C. 103 as being unpatentable over Johnsen (US 20170214633 A1) in view of Jiang (US 20130097335 A1), and in view of Perez (US 20120151210 A1), and further in view of Lambert (US 20120096138 A1).
Regarding claim 2, Johnsen, Jiang and Perez teach the method of claim 1.
Johnsen, Jiang and Perez do not explicitly disclose assigning the host the first role and any subsequent host that joins the enterprise network with the second role.

It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Johnsen, Jiang and Perez to include above limitations. One would have been motivated to do so because in some conventional IBSS network, the first member can authenticate new member and acts as DHCPP server to assigns addresses to the new members. As taught by Lambert, [0004].

Regarding claim 4, Johnsen, Jiang, Perez and Lambert teach the method of claim 2.
Johnsen teaches wherein the host shares resources or services with the other hosts assigned the second role associated with the common subnet of the enterprise network. ([0034]: The subnet manager (e.g. the host) is responsible for configuring, activating and maintaining the IB subnet (e.g. services). Additionally, the subnet manager (SM) can be responsible for performing routing table calculations in an IB fabric.)

Regarding claim 10, Johnsen, Jiang and Perez teach the system of claim 9.
Johnsen, Jiang and Perez do not explicitly disclose assigning the host the first role and any subsequent host that joins the enterprise network with the second role.

It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Johnsen, Jiang and Perez to include above limitations. One would have been motivated to do so because in some conventional IBSS network, the first member can authenticate new member and acts as DHCPP server to assigns addresses to the new members. As taught by Lambert, [0004].

Claims 3 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Johnsen (US 20170214633 A1) in view of Jiang (US 20130097335 A1), and in view of Perez (US 20120151210 A1), and in view of Lambert (US 20120096138 A1), and further in view of Yun (WO 2007136863 A2).
Regarding claim 3, Johnsen, Jiang, Perez and Lambert teach the method of claim 2.
Johnsen, Jiang, Perez and Lambert do not explicitly disclose wherein the host is associated with a headquarter site, and wherein the host manages the other hosts assigned the second role associated within the common subnet of the enterprise network.
However, Yun teaches wherein the host is associated with a headquarter site, and wherein the host manages the other hosts assigned the second role associated within the common subnet of the enterprise network. (Fig. 1 and Page 5 paragraph 3: Fig. 1 is an illustration showing 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Johnsen, Jiang, Perez and Lambert to include above limitations. One would have been motivated to do so because headquarters usually is the most critical facility of an enterprise and need to provide network services to majority of the employees and customers. It is desirable to have management server(s) at headquarter for performance and security reasons.

Regarding claim 17, Johnsen, Jiang and Perez teach the non-transitory computer-readable device of claim 16.
Johnsen, Jiang and Perez do not explicitly disclose wherein the host is assigned the first role and any subsequent host that joins the enterprise network with the second role.
However, Lambert teaches wherein the host is assigned the first role and any subsequent host that joins the enterprise network with the second role. ([0004]: a mobile device that was the first wireless member in a given IBSS network, can periodically beacon to identify the given IBSS network, and can authenticate new members. Hence, this wireless client acts as a Dynamic Host Configuration Protocol (DHCP) server that assigns addresses to the new members (e.g. subsequent host).)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Johnsen, Jiang and Perez to include above limitations. One would have been motivated to do so because in some conventional IBSS network, the first 
Johnsen, Jiang, Perez and Lambert do not explicitly disclose wherein the host is associated with a headquarter site, and wherein the host manages the other hosts assigned the second role associated within the common subnet of the enterprise network.
However, Yun teaches wherein the host is associated with a headquarter site, and wherein the host manages the other hosts assigned the second role associated within the common subnet of the enterprise network. (Fig. 1 and Page 5 paragraph 3: Fig. 1 is an illustration showing elements of the headquarters system including a management side server having network configuration functionality.)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Johnsen, Jiang, Perez and Lambert to include above limitations. One would have been motivated to do so because headquarters usually is the most critical facility of an enterprise and need to provide network services to majority of the employees and customers. It is desirable to have management server(s) at headquarter for performance and security reasons.

Claims 6 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Johnsen (US 20170214633 A1) in view of Jiang (US 20130097335 A1), and in view of Perez (US 20120151210 A1), and further in view of Freitas (US 20160173405 A1).
Regarding claim 6, Johnsen, Jiang and Perez teach the method of claim 1.

However, Lambert teaches wherein the provided instructions further instructs the switch to encapsulate the data packet being transmitted from the host to the other host within the common subnet. (Abstract: Both the first LISP router and the second LISP router are on the same subnet. Fig. 9 and [0014]: a LISP tunnel for transporting LISP-encapsulated packets between a LISP router at the original data center and a LISP router at the target data center in order to route intra-subnet traffic.)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Johnsen, Jiang and Perez to include above limitations. One would have been motivated to do so because it is desirable to encapsulate packets between hosts in the same subnet for security reasons in some cases, such as protecting traffic between different enterprise locations/facilities.

Regarding claim 20, Johnsen, Jiang and Perez teach the non-transitory computer-readable device of claim 16.
Johnsen, Jiang and Perez do not explicitly disclose wherein the instructions further cause the computing device to instructs the switch to encapsulate the data packet being transmitted from the host to the other host within the common subnet.
However, Lambert teaches wherein the instructions further cause the computing device to instructs the switch to encapsulate the data packet being transmitted from the host to the other host within the common subnet. (Abstract: Both the first LISP router and the second LISP router intra-subnet traffic.)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Johnsen, Jiang and Perez to include above limitations. One would have been motivated to do so because it is desirable to encapsulate packets between hosts in the same subnet for security reasons in some cases, such as protecting traffic between different enterprise locations/facilities.

Claim 11 is rejected under 35 U.S.C. 103 as being unpatentable over Johnsen (US 20170214633 A1) in view of Jiang (US 20130097335 A1), and in view of Perez (US 20120151210 A1), and further in view of Yun (WO 2007136863 A2).
Regarding claim 3, Johnsen, Jiang and Perez teach the system of claim 9.
Johnsen, Jiang and Perez do not explicitly disclose wherein the host is associated with a headquarter site, and wherein the host manages the other hosts assigned the second role associated within the common subnet of the enterprise network.
However, Yun teaches wherein the host is associated with a headquarter site, and wherein the host manages the other hosts assigned the second role associated within the common subnet of the enterprise network. (Fig. 1 and Page 5 paragraph 3: Fig. 1 is an illustration showing elements of the headquarters system including a management side server having network configuration functionality.)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Johnsen, Jiang and Perez to include above limitations. .

Claim 14 is rejected under 35 U.S.C. 103 as being unpatentable over Johnsen (US 20170214633 A1) in view of Jiang (US 20130097335 A1), and in view of Perez (US 20120151210 A1), and further in view of Paramaguru (US 20080037539 A1).
Regarding claim 14, Johnsen, Jiang and Perez teach the system of claim 9.
Johnsen, Jiang and Perez do not explicitly disclose wherein preventing the transmission of the data packet from the host to the other host comprises instructing the switch to drop the data packets associated with the data packet transmission request.
However, Paramaguru teaches wherein preventing the transmission of the data packet from the host to the other host comprises instructing the switch to drop the data packets associated with the data packet transmission request. ([0061]: The packet-class identity and the packet-filter identity of the packet are obtained by FSM 206 by using packet-classification rules. Thereafter, network device 104 can log, send-response, or drop packets, based on the policy map and packet-class identity or packet-filter identity.)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Johnsen, Jiang and Perez to include above limitations. One would have been motivated to do so because in a typical network, packets are classified, in part, to ensure Quality of Service (QoS), and to provide differentiated services to classified flows. As taught by Paramaguru, [0004].

Allowable Subject Matter
Claims 5, 13 and 19 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
The following is a statement of reasons for the indication of allowable subject matter:  The prior art of record fail to explicitly teach each and every limitation of the combination of claims 1-2 and 5, especially “the generated policy first assigns a host a first role and any subsequent host that joins the network with a second role, then defining allowable communications as being only between hosts having different roles within the common subnet”. Same rationales apply to claims 13 and 19.

Response to Arguments
Applicant's arguments, see pages 9-12, filed 12/21/2020, with respect to the rejection(s) of independent claim(s) 1-4, 6-12, 14-18, and 20 under 35 U.S.C. § 103 have been fully considered but are moot in view of new ground(s) of rejection.

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ZI YE whose telephone number is (571)270-1039.  The examiner can normally be reached on Monday - Friday, 8:00am - 4:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Emmanuel Moise can be reached on 5712723865.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to 


/ZI YE/Primary Examiner, Art Unit 2455