Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
	This communication is in response to Applicant’s Remarks filed on 12/18/2020. Claims 1-4, 9-10, 19-20, 30, 42-45, 50, 59, 70, 73 were amended. An interview held on 2/1/2021 resulted in further amendments to claims 1, 42 and 73. Claims 1-73 were pending.

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in an interview with attorney Renee Danega on 2/1/2021.

The application has been amended as follows: 
Claim 1. (Currently Amended) A system for handling packet flows between a pair of network security zones in a communications network, and protecting one of the network security zones from an attack by the other network security zone, the system comprising:

a receiver to receive a packet flow that is sent from  a first network security zone of the network security zones toward  a second network security zone of the network zones, wherein the packet flow is a group of data packets with a set of common characteristics, wherein the set of common characteristics includes at least Internet Protocol (IP) source and destination addresses and IP protocol;

an enforcement module, coupled to the receiver, to direct all of the data packets of the packet flow to a network protection or packet inspection the packet flow all of the data packets of the packet flow to one of the service chain instances within the service chain;

a transmitter, coupled to the enforcement module, to transmit[[ a]] all of the data packets of the packet flow processed by  the one of the service chain instances to the  second network security zone,

the enforcement module comprising a Field Programmable Gate Array,

wherein the data packets of the packet flow traveling between the first security zone and the second security zone through the system do not require an address of the system for packet
forwarding purposes.

wherein the system is configured to enforce internally or externally derived security rules comprising redirecting the data packets of the packet flow, dropping the data packets of the packet flow, and rate limiting the data packets of the packet flow.

Claim 42. (Currently Amended) ...  
	
	directing ...

	transmitting [[a]] all of the data packets of the packet flow processed by the one of
the service chain instances to the second network security zone, 

	enforcing internally or externally derived security rules comprising redirecting the data packets of the packet flow, dropping the data packets of the packet flow, and rate limiting the data packets of the packet flow.

	the directing ...

Claim 73. (Currently Amended) ...
	
	directing ...
	transmitting [[a]] all of the data packets of the packet flow processed by the one of
the service chain instances to the second network security zone, 

	enforcing internally or externally derived security rules comprising redirecting the data packets of the packet flow, dropping the data packets of the packet flow, and rate limiting the data packets of the packet flow.

	the directing ...
 

Reasons for Allowance
The following is an examiner’s statement of reasons for allowance:
The Instant Invention discloses a load-balancing appliance for processing packet flows organized as virtualized service chain instances. The closest prior art, Paramasivam and Bosch, discloses similar appliances, however, the distinguishing features of the Invention are brought forth in the claims.  Therefore, 

Allowable Subject Matter
Claims 1-73 are allowed.
 
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Any inquiry concerning this communication or earlier communications from the examiner should be directed to Basil Ma whose telephone number is (408)918-7571.  The examiner can normally be reached on Monday-Thursday 8AM-6PM PST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffery Rutkowski can be reached on (571) 270-1215.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  






/B.M./Examiner, Art Unit 2415        

/JEFFREY M RUTKOWSKI/Supervisory Patent Examiner, Art Unit 2415