DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 1/20/2021 has been entered.

Claim status in the amendment received on 1/20/2021:
Claims 1-3, 5, 8, 10-11, 15 and 19 have been amended.
Claims 7 and 18 have been cancelled.
Claims 1-6, 8-17 and 19-20 are pending.





Priority
Applicant’s claim for the benefit of a prior-filed application under 35 U.S.C. 119(e) or under 35 U.S.C. 120, 121, 365(c), or 386(c) is acknowledged. Applicant has not complied with one or more conditions for receiving the benefit of an earlier filing date as follows:
The later-filed application must be an application for a patent for an invention which is also disclosed in the prior application (the parent or original nonprovisional application or provisional application). The disclosure of the invention in the parent application and in the later-filed application must be sufficient to comply with the requirements of 35 U.S.C. 112(a) or the first paragraph of pre-AIA  35 U.S.C. 112, except for the best mode requirement.  See Transco Products, Inc. v. Performance Contracting, Inc., 38 F.3d 551, 32 USPQ2d 1077 (Fed. Cir. 1994)
The disclosure of the prior-filed application, Application No. 16023284, fails to provide adequate support or enablement in the manner provided by 35 U.S.C. 112(a) or pre-AIA  35 U.S.C. 112, first paragraph for one or more claims of this application.  

Claims 1-20 are not adequately supported by the prior-filed application. The parent application does not provide any adequate support for at least the features of determining and displaying the plurality of groups, as claimed in the independent claims. Accordingly, claims 1-20 are not entitled to the benefit of the prior application.





Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 4-6, 8-12, 14-17 and 19-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Kumar et al. (Pub. No.: US 20180176185 A1) in view of Dotan et al. (Pub. No.: US 20160301717 A1).
As to claim 1, Kumar teaches a method comprising: accessing a plurality of segmentation rules (paragraph [0027]);
determining one or more characteristics of a plurality of entities communicatively coupled to a network (paragraph [0027]);
determining a plurality of groups based on at least one characteristic of the one or more characteristics, wherein each group comprises at least one entity of the plurality of entities (paragraph [0027]);
selecting a first group and a second group from the plurality of groups (paragraph [0043]);
determining a first set of one or more segmentation rules associated with the first group, wherein the first set of one or more segmentation rules is associated with a respective environment of the at least one entity of the first group (paragraphs [0027] ;
determining a second set of one or more segmentation rules associated with the second group, wherein the second set of one or more segmentation rules is associated with a respective environment of the at least one entity of the second group (paragraphs [0027] and [0043], the respective environments are not assumed to be different and are not required to be based on the claim language);
determining communication properties between the first group and second group (paragraph [0027]); 
determining a subgroup of the first group based on at least one characteristic associated with at least one entity of the first group (fig. 5, for example the subgroup “doctors” of the first group “medical staff” based on entities of the subgroup being doctors, and paragraph [0034]); and
providing an indication of the communication properties between the first group and the second group, wherein the subgroup of the first group is displayed in a hierarchy with the first group (paragraph [0034], “Table 1”).
Kumar does not explicitly teach displaying the indication of the communication properties between the groups.
However, in the same field of endeavor (computer network management) Dotan teaches selecting a first group and a second group from the plurality of groups (fig. 36);
determining a first set of one or more segmentation rules associated with the first group, wherein the first set of one or more segmentation rules is associated with a respective environment of the at least one entity of the first group (fig. 36);
determining a second set of one or more segmentation rules associated with the second group, wherein the second set of one or more segmentation rules is associated with a respective environment of the at least one entity of the second group (fig. 36);
determining communication properties between the first group and second group (fig. 36); 
determining a subgroup of the first group based on at least one characteristic associated with at least one entity of the first group (fig. 36, 7016, of 7010); and
displaying an indication of the communication properties between the first group and the second group, wherein the subgroup of the first group is displayed in a hierarchy with the first group (fig. 36, 7016 and 7010).
Based on Kumar in view of Dotan, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention, to incorporate displaying the indication of the communication properties between the groups (taught by Dotan) with network group policy (taught by Kumar) in order to provide users with a visual representation of the network policy which will make the system more user friendly and easy to use.
As to claim 4, Kumar teaches wherein the at least one characteristic of the one or more characteristics of an entity is determined without use of an agent (paragraph [0027]).
wherein the indication comprises at least one of a green color associated with allowed communication, a yellow color associated with some allowed communication, or a red color associated with blocked communication (paragraph [0280]). The limitations of claim 5 are rejected in view of the analysis of claim 1 above, and the claim is rejected on that basis.

As to claim 6, Kumar teaches wherein the indication is displayed as part of a matrix comprising a first entity characteristic of the first group and a second entity characteristic of the second group (paragraph [0043]). The limitations of claim 6 are rejected in view of the analysis of claim 1 above, and the claim is rejected on that basis.

As to claim 8, Dotan further teaches wherein the at least one characteristic is at least one of location, device type, compliance, risk, or network connection (fig. 36). The limitations of claim 8 are rejected in view of the analysis of claims 7 and 1 above, and the claim is rejected on that basis.

As to claim 9, Dotan further teaches wherein a subgroup based on a plurality of characteristics of at least one entity of the first group is displayed in a hierarchy with the first group (fig. 36). The limitations of claim 9 are rejected in view of the analysis of claim 1 above, and the claim is rejected on that basis.

As to claim 10, Kumar teaches wherein the plurality of characteristics are user configurable (paragraph [0027]).
wherein the hierarchy is based on a plurality of tags (paragraph [0044]).

As to claim 12, Kumar teaches wherein the matrix is user configurable (paragraph [0043]).

As to claim 14, Kumar teaches wherein the plurality of entities comprises at least one of a device, an endpoint, a virtual machine, a service, a serverless service, a container, or a user (paragraph [0027]).
	As to claim 15, Kumar further teaches a system comprising: a memory; and a processing device, operatively coupled to the memory (paragraph [0016]). Therefore, the limitations of claim 15 are substantially similar to claim 1. Please refer to claim 1 above.
As to claim 16, Dotan further teaches storing traffic from the network; and displaying a second indicator of blocked traffic between the first and the second group based on the stored traffic and based on the plurality of segmentation rules (paragraph [0077]). The limitations of claim 16 are rejected in view of the analysis of claim 15 above, and the claim is rejected on that basis.
	As to claim 17, Kumar teaches wherein the indication is displayed as part of a matrix comprising a first entity characteristic of the first group and a second entity characteristic of the second group (paragraph [0043]). The limitations of claim 17 are rejected in view of the analysis of claim 15 above, and the claim is rejected on that basis.

As to claim 20, Kumar teaches wherein the indication is displayed as part of a matrix comprising a first entity characteristic of the first group and a second entity characteristic of the second group (paragraph [0043]). The limitations of claim 20 are rejected in view of the analysis of claim 19 above, and the claim is rejected on that basis.

Claims 2-3 and 13 is/are rejected under 35 U.S.C. 103 as being unpatentable over Kumar et al. (Pub. No.: US 20180176185 A1) in view of Dotan et al. (Pub. No.: US 20160301717 A1) and further in view of Singh et al. (Pub. No.: US 20070157286 A1).

As to claim 2, Kumar teaches storing traffic from the network (paragraph [0024]).
Kumar in view of Dotan does not explicitly teach displaying indicator based on rule simulation.
However, in the same field of endeavor (network security analysis) Singh teaches displaying another indication of communication properties between the first and the second group based on a simulation of at least one of the plurality of segmentation rules (paragraph [0032]).
Based on Kumar in view of Dotan and further in view of  Singh, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention, to incorporate displaying indicator based on rule simulation (taught by Singh)  with displaying the indication of the communication properties between the groups (taught by Dotan) with network 

As to claim 3, Singh further teaches wherein the another indication is associated with a violation of a segmentation rule of the plurality of segmentation rules (paragraph [0032]). The limitations of claim 3 are rejected in view of the analysis of claim 2 above, and the claim is rejected on that basis.

As to claim 13, Kumar in view of Dotan does not explicitly teach displaying indicator based on rule simulation.
However, in the same field of endeavor (network security analysis) Singh teaches indication of the communication properties between the first group and the second group is based on a simulation of at least one of the plurality of segmentation rules (paragraph [0032]).
Based on Kumar in view of Dotan and further in view of  Singh, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention, to incorporate displaying indicator based on rule simulation (taught by Singh)  with displaying the indication of the communication properties between the groups (taught by Dotan) with network group policy (taught by Kumar) in order to provide users with a visual representation of the network policy which will make the system more user friendly and easy to use, and in order to test the network for any vulnerabilities. 
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.  
McNamara (TrustSec Overview), teaches indication is displayed as part of a matrix comprising a first entity characteristic of the first group and a second entity characteristic of the second group (Please see “staging Matrix” section).

Any inquiry concerning this communication or earlier communications from the examiner should be directed to ABDULKADER M ALRIYASHI whose telephone number is (313)446-6551.  The examiner can normally be reached on Monday - Friday, 8AM - 5PM Alt, Friday, EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JOON HWANG can be reached on (571)272-4036.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to 



/Abdulkader M Alriyashi/Primary Examiner, Art Unit 2447                                                                                                                                                                                                        2/27/2021