Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), filed on 12/17/2021 in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 12/17/2021 has been entered.  Claims 1-5 and 9-12 are pending.  Claims 6-8 and 13-15 were previously withdrawn from consideration.
Response to Arguments
2.	Applicant's arguments have been fully considered but they are not persuasive. The applicant argues the following issues.
(A)	Rejection under 35 U.S.C. 103(a)
Issue 1: The applicant argues with respect to independent claim such as claim 9 that the amended limitations overcome current references, in particular, “create a management mirror…”
Examiner respectfully disagrees. See Examiner’s response in the rejection section below. 
Claim Rejections - 35 USC § 112
3.	The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

4.	The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:


5.	Claims 1-20 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA  35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention. Claim 1 recites “receiving, by a proxy server from a Network Management System (NMS), a pong command…wherein the proxy server and the NMS both reside on a same physical device… “which does not find support in the originally filed application.  See specification [0035]-[0037].  Although the specification discloses a possibility for the proxy to be a functional module of the NMS, however, 1) the proxy is disclosed to be part of the NMS as an functional module not separate entities both residing on a physical device as claimed, and 2) the ping command approach is disclosed to be associated with the case when the proxy and NMP reside on different devices.  Therefore the claimed limitations as a whole is not supported by the originally filed application. Claims 2 -5 and 9-12 are similarly rejected.
6.	The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

7.	The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

8.	Claims 1-5 and 9-12 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention. Claim 1 recites “receiving, by a proxy server from a Network 
Claim Rejections - 35 USC § 103
9.	In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
10.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

11.	The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
12.	Claims 1-2, 5 and 9-10 are rejected under 35 U.S.C. 103 as being unpatentable over Yu et al (CN102710644, submitted by IDS), in view of Pankratov (US 2007/0157303).

receiving, from a managed object via a tunnel, and forwarding, by a proxy server to a Network Management System (NMS), wherein the proxy server is associated with a Network Management System (NMS) and the proxy server and the NMS both reside on a same physical device on a first side of the firewall, a message indicating a discovery of a managed object resides on a second side of the firewall, thereby facilitating the NMS in discovering the managed object (see 112 rejections and Examiner’s interpretation above.  See figure 5, step 1, the registration message that VM gets from EC or VC that indicates EC or VC’s inner tunnel IP, self address, and equipment identifier reads on the claimed “a message indicating a discovery of a managed object on a second side of the firewall.” Also see [0035], the tunnel connection request from LAC to LNS.  See figure 1 wherein VM and EC are on different sides of the firewall, and wherein messages from EC to VM need to go through the proxy server (i.e., LNS server). See also figure 2, LAC is on a different side of the firewall from LNS and VM.  See also [0004], firewall), 
create a management mirror for the managed object, wherein the management mirror and the NMS reside on a same side of the firewall, and wherein the management mirror has a management address accessible to the NMS to allow the NMS to perform management functions for the managed object using the management address (this limitation is interpreted as having the same scope of other claimed limitations claims, in light of the disclosure of specification that the creating of a management mirror is a result of those other steps, see [0040]-[0041], “…Thus a virtual mirror with a management address accessible to the NMS is equivalently created by the proxy server for each managed object…” and [0059]-0064], “…With the flow above, such a management mirror is equivalently is created in the cloud5for the switch 122 that is connected with the port of the proxy 111 over the cloud network using 
wherein the message comprises management information allocated by the proxy server to the managed object, and wherein the management information comprises a management address of the managed object, the management address being reachable by the NMS on the first side of the firewall (see citation above, and also [0026], once the tunnel is established, LAC receives tunnel inner IP address that has been allocated by LNS, wherein the tunnel inner IP address can be considered a management address since it enables the private network nodes to communicate with public side managing nodes.  The tunnel inner IP address is obtained from an address pool that is separate from inner network and outer network therefore can be considered within the private network, wherein the private network includes the branch network and the network address space represented by the address pool); 
receive, from the NMS subsequent to the NMS discovering the managed object, a first network management message with a destination address associated with the management mirror ([0035], the receiving direction from LNS to LAC.  Also see figure 5, VM responds to VC and inform EC to send content, wherein the message including tunnel inner IP address, opposite self IP address.  See figure 1, VM to VC will need to go through LNS.  See [0029]-[0030], the inner DIP.  It is to be noted that the claimed “associated with” is broadly interpreted as “related to”);
forward, by the proxy server, the first network management message to the managed object on the second side of the firewall over a tunnel across the firewall (see citation and explanation above.  For tunnel, see figures 1-2; [0026],  branch network in which the monitoring nodes located belongs to a private network, and LAC initiates tunneling request to LNS for setting up a tunnel therefore the tunnel can be considered to be established by LNS.  See figure 2, wherein LNS is in a public network and LAC is in a private network. See also [0035]);
r (see figure 5, in response, VC sends to opposite side node a response.  See figure 1, responding from VC to opposite VM will need to go through LNS the proxy.  See [0029-[0030], the “inner SIP” is source address.  VM can be considered a network management system (NMS), see also [0035], out network monitoring/management node.  It is to be noted that the claimed “associated with” is broadly interpreted as “related to”), and
forward the second management message to the NMS (see citation in rejection to preceding limitation, wherein responding from VC to opposite VM will need to go through LNS the proxy).
However, Yu does not expressly disclose that the message received by the proxy server and forwarded to the NMS is in response to a Ping command for a managed object received by the proxy server from the NMS directed to a management address of the managed object, and transmitted by the proxy server to the managed object via the tunnel.  Pankratov discloses a concept of a Ping command received by a proxy server on behalf of a network system directed to a management address of another network system, and transmit by the proxy server a response from the managed object to the first network system, via a tunnel ([0072]-[0073]).
Before the effective filing date of the invention, it would have been obvious for an ordinary skilled in the art to combine Yu with Pankratov.  The suggestion/motiviatio of the combination would have been to perform discovery (Pankratov, [0072]).
As to claim 1, see similar rejection to claim 9.
As to claim 10, Yu discloses the proxy server according to claim 9, wherein the non-transitory storage medium is further to store machine readable instructions that are executable by the processer to cause the proxy server to:

As to claim 2, see similar rejection to claim 10, wherein “allowing…” is interpreted as “not prohibiting….”
As to claim 5, Yu- Pankratov discloses the method according to claim 1, wherein the tunnel is initiated by the managed object as a client in a Client/Server (CS) mode (Yu, see citation in rejection to claim 9, specifically, [0026] and [0035]).
13.	Claims 3 and 11 are rejected under 35 U.S.C. 103 as being unpatentable over Yu-Pankratov as applied to claim 9 above, and further in view of Gai et al (US 6651096).
As to claim 11, Yu-Pankratov discloses the claimed invention substantially including receiving registration information transmitted by the managed object (Yu, [0035];[0038]-[0040]; and figure 5); and wherein said allocating management information for the managed object comprises allocating the management information for the managed object (Yu, [0039]), but does not expressly disclose checking the managed object for legality against the registration information.  
Gai discloses a concept of checking legality of an address before perform additional tasks (col. 8, last paragraph, “an intermediate device examines the source address of messages requesting access to a web server to ascertain whether the source is valid.  If the source is valid, the request is permitted.  If not, the request is dropped before ever reaching the web server”).
Before the effective filing date of the invention, it would have been obvious for an ordinary skilled in the art to combine Yu-Pankratov with Gai.  The suggestion/motivation of the combination would have been to improve security.  
As to claim 3, see similar rejection to claim 11.
s 4 and 12 are rejected under 35 U.S.C. 103 as being unpatentable over Yu-Pankratov as applied to claim 9 above, and further in view of Shi (US 2013/0022033).
As to claim 12, Yu-Pankratov discloses the claimed invention substantially as discussed in claim 9, but does not expressly disclose the proxy service is configured to: add a local route with a next-hop outgoing interface of the management address being the tunnel.  Shi discloses a concept of adding a local route with a next-hop outgoing interface of a management address being a tunnel ([0156]).
Before the effective filing date of the invention, it would have been obvious for an ordinary skilled in the art to combine Yu-Pankratov with Shi.  The suggestion/motivation of the combination would have been to enable communicating using tunnel.
	As to claim 4, see similar rejection to claim 12.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HUA FAN whose telephone number is (571)270-5311.  The examiner can normally be reached on 9-6.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Vivek Srivastava can be reached on (571)272-7304.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.





/HUA FAN/, J.D., Ph.D.Primary Examiner, Art Unit 2449