DETAILED ACTION
1.	This office action is in response to the communication filed on 02/26/2019.
2.	Claims 1-20 are pending.

Notice of Pre-AIA  or AIA  Status
3.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 

4.	In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. 

Examiner Notes
5.	Regarding claim 15, the limitation “intelligent switch”, in light of the specification (para. 19), is a hardware device.

Claim Objections
6.	Claim(s) 1 and 3 is/are objected to because of the following informalities:  
Regarding claim 1, there is a typographical error in the last paragraph (“send communications between the send communications between the intelligent switch and the primary computing environment”).
request request to”).
Appropriate correction(s) is/are required.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.
(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.


7.	Claim(s) 1, 8 and 15 is/are rejected under 35 U.S.C. 102(a)(1)/102(a)(2) as being anticipated by Bernoth (US 20060174337 A1).
Regarding claim 1:
Bernoth discloses a method for providing computer security, the method comprising: 
receiving data at an intelligent switch from a secondary computing environment that originated from an external computing device and that was sent to a primary computing environment (see fig. 2 and paras. 18, 20-22 where a switch, e.g. switch 80, receives (and/or sends to pass) communication/message/packet(s) between a server/database (i.e. an external computing device) of a plurality of servers/databases, e.g. servers/database 21, 12, 42, 13, (i.e. a secondary computing environment) and one of more of servers/workstations, e.g. servers/workstations 11, 41, ; 
performing a test on the data sent to the primary computing environment (see fig. 2 and para. 21 where a switch determines whether to pass a message based on a firewall; see para. 24 where a firewall determines whether the parameters of a message match a rule); 
identifying that the data sent to the primary computing environment can be provided to the primary computing environment based on a test result associated with the test (see fig. 2 and paras. 21, 24); and 
providing the data to the primary computing environment based on the test result, the data provided after the intelligent switch is configured to send communications between the send communications between the intelligent switch and the primary computing environment (see fig. 2 and paras. 21, 24).

Regarding claims 8 and 15:
	See similar rejection to claim 1.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


(s) 2-6, 9-12 and 16-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Bernoth in view of Komu et al. (US 20180091557 A1).
Regarding claims 2, 9 and 16:
Bernoth discloses:       
communicatively coupling the intelligent switch to the secondary computing environment by enabling one or more communication signals to pass between the secondary computing environment and the intelligent switch (see fig. 2 and para. 21). 
Bernoth does not, but Komu discloses:   
disabling the one or more communication signals between the secondary computing environment and the intelligent switch before the intelligent switch is configured to send communications to the primary computing environment (see Komu, fig. 1 and paras. 37-38 where there is only one intermediate node/switch providing communication between a server (i.e. secondary computing environment) and a client (i.e. first computing environment), wherein the intermediate node/switch does not connect to the server and connects to the client to send communications to the client).
It would have been obvious to one having ordinary skill in the art to which the claimed invention pertains, before the effective filing date of the claimed invention, to modify Bernoth's invention by enhancing it for disabling the one or more communication signals between the secondary computing environment and the intelligent switch before the intelligent switch is configured to send communications to the primary computing 

Regarding claims 3, 10 and 17:
Bernoth discloses:
[transitioning a switching configuration at the intelligent switch from a neutral position to a primary configuration] where communications can be sent between the primary computing environment and the intelligent switch (see fig. 2); 
receiving a request from the primary computing environment (see para. 23 where a message/request is received from a workstation 31); and 
[transitioning the switching configuration at the intelligent switch to a second switching configuration that does not connect the primary computing environment to the intelligent switch and that connects the intelligent switch to the secondary computing environment, thereby, allowing the intelligent switch to pass the request to the secondary computing environment based on the second switching configuration], wherein the second computing environment receives data from an external computer according to the request (see fig. 2).
Bernoth does not, but Komu discloses:   
transitioning a switching configuration at the intelligent switch from a neutral position to a primary configuration (see Komu, fig. 1 and paras. 37-38, where there is only one intermediate node/switch providing communication between a server (i.e. secondary computing environment) and a client (i.e. first computing environment), wherein the intermediate node/switch is at a middle position (i.e. neutral ;
transitioning the switching configuration at the intelligent switch to a second switching configuration that does not connect the primary computing environment to the intelligent switch and that connects the intelligent switch to the secondary computing environment, thereby, allowing the intelligent switch to pass the request to the secondary computing environment based on the second switching configuration (see Komu, fig. 1 and paras. 37-38, where the intermediate node/switch is at a position connected to the client (i.e. primary configuration) to receive/transmit communication from/to the client, and then at a position connected to the server (i.e. second  switching configuration) to transmit/receive communication to/from the server).
It would have been obvious to one having ordinary skill in the art to which the claimed invention pertains, before the effective filing date of the claimed invention, to modify Bernoth's invention by enhancing it for transitioning a switching configuration at the intelligent switch from a neutral position to a primary configuration, transitioning the switching configuration at the intelligent switch to a second switching configuration that does not connect the primary computing environment to the intelligent switch and that connects the intelligent switch to the secondary computing environment, thereby, allowing the intelligent switch to pass the request to the secondary computing environment based on the second switching configuration, as taught by Komu, in order for repeating verifying received packets of a data flow based on a policy and type of protocol used for the data flow (Komu, abstract).

Regarding claims 4, 11 and 18:
Bernoth discloses:
receiving at the intelligent switch data associated with the request (see para. 23).

Regarding claims 5, 12 and 19:
Bernoth does not, but Komu discloses:
transitioning the switching configuration at the intelligent switch to a neutral position that isolates the intelligent switch from a first signal associated with the primary computing environment and from a second signal associated with the secondary computing environment (see Komu, fig. 1).
It would have been obvious to one having ordinary skill in the art to which the claimed invention pertains, before the effective filing date of the claimed invention, to modify Bernoth's invention by enhancing it for transitioning the switching configuration at the intelligent switch to a neutral position that isolates the intelligent switch from a first signal associated with the primary computing environment and from a second signal associated with the secondary computing environment, as taught by Komu. The motivation is the same as presented in claim 3.

Regarding claims 6, 13 and 20:
Bernoth discloses:
wherein the test is performed [when the intelligent switch is in a neutral position that isolates the primary computing environment from the secondary computing environment] (see fig. 2 and para. 21).
Bernoth does not, but Komu discloses:   
when the intelligent switch is in a neutral position that isolates the primary computing environment from the secondary computing environment (see Komu, fig. 1 and paras. 37-38).
It would have been obvious to one having ordinary skill in the art to which the claimed invention pertains, before the effective filing date of the claimed invention, to modify Bernoth's invention by enhancing it for the intelligent switch is in a neutral position that isolates the primary computing environment from the secondary computing environment, as taught by Komu, in order for repeating verifying received packets of a data flow based on a policy and type of protocol used for the data flow (Komu, abstract).

9.	Claim(s) 7 and 14 is/are rejected under 35 U.S.C. 103 as being unpatentable over Bernoth in view of Eisenberg et al. (US 20030188001 A1).
Regarding claims 7 and 14:
Bernoth discloses:
wherein the secondary computing environment [performs one or more other tests on the data that originated from the external computing device before that] original data is received by the intelligent switch (see fig. 2 and paras. 20-21).
Bernoth does not, but Eisenberg discloses:
perform one or more other tests on the data that originated from the external computing device before that original data is received by the intelligent switch (see Eisenberg, paras. 42, 47, where a public server (i.e. external server) communicates data to a client device that is inside a network and behind a firewall, wherein the public server is also behind a firewall; see para. 6 where information contained in a data packet is compared to an access control list maintained in a firewall to determine whether to pass the data packet).
It would have been obvious to one having ordinary skill in the art to which the claimed invention pertains, before the effective filing date of the claimed invention, to modify Bernoth's invention by enhancing it to perform one or more other tests on the data that originated from the external computing device before that original data is received by the intelligent switch, as taught by Eisenberg, in order to traversing communication network firewalls (Eisenberg, para. 2).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Bhargava et al., US 20190109876 A1, Server-initiated secure sessions.
Horton et al., US 20070250922 A1, Integration of social network information and network firewalls.
Koganti et al., US 20130223449 A1, Dynamic service insertion in a fabric switch.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HUAN V. DOAN whose telephone number is 571-272-
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, KRISTINE KINCAID, can be reached on 571-272-4063.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/HUAN V DOAN/Primary Examiner, Art Unit 2437