DETAILED ACTION
This office action is in response to the correspondence filed on 02/17/2021. This application has a foreign application GB610171 filed on 06/10/2016. Claims 1-2, and 4-20 are still pending and are examined. Claims 1, 2, 4-8, and 15 are amended. Claim 3 is canceled.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Priority
Applicant's claim for the benefit of a prior-filed application under 35 U.S.C. 119(e) or under 35 U.S.C. 120, 121, 365(c), or 386(c) is acknowledged. Receipt is acknowledged of certified copies of papers required by 37 CFR 1.55.
	This application discloses and claims only subject matter disclosed in prior Application No. 15619102 and 15619028, filed 06/09/2017, and names the inventor or at least one joint inventor named in the prior application. Accordingly, this application may constitute a continuation or division. Should applicant desire to claim the benefit of the filing date of the prior application, attention is directed to 35 U.S.C. 120, 37 CFR 1.78, and MPEP § 211 et seq.


Terminal Disclaimer
The terminal disclaimer filed on 02/17/2021 disclaiming the terminal portion of any patent granted on this application which would extend beyond the expiration date of U.S. Patent No. 10,728,759 and U.S. Patent No. 10,667,130 has been reviewed and is accepted.  The terminal disclaimer has been recorded. Accordingly, the non-statutory double patenting rejection is withdrawn.


Response to Arguments
The amendments and/or arguments submitted by Applicants for the objection(s)/rejection(s) listed below have been considered and are persuasive; thus, they have been withdrawn:
35 U.S.C. §112 for all claims except for independent clam 1.
For the 112(b) rejections, Applicants have addressed some of the prior rejections but there are remaining issues that need to be addressed. Please see the 112(b) section below.

Applicant’s arguments with respect to claims 1-2, 8, and 15 have been considered but are moot because the arguments do not apply to the new combination of the references being used in the current rejection. The new reference(s) was/were necessitated by the amendment filed by the applicant. The rejection is presented below. 
	The newly amended claims are rejected below in view of Moineau et al. (US Pub No. 2004/0215957 A1, referred to as Moineau).


Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Claim 1 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention. 
Regarding independent claim 1, network traffic and security status of the endpoint are described, however, those information are not used in other parts of the claims. It is not clearly stated if those should be used to change the settings of the wireless interface. Such claim limitations are directed toward non-functional descriptive language, which holds no patentable weight. 
Examiner notes that similar amendments that are made in other independent claims should also be made in claim 1. Namely, the change of the wireless interface setting being responsive to the transmitting of the indication of the security status of the end point.
Appropriate correction is required.


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention 


Claims 1-2, 4-7, 9-14, and 16-20 are rejected under 35 U.S.C. 103 as being unpatentable over Caldwell, in view of Gupta et al. (US Pub No. 2016/0295410 A1, referred to as Gupta), and further in view of Moineau et al. (US Pub No. 2004/0215957 A1, referred to as Moineau).
Regarding claim 1, Caldwell discloses,
1. A computer-implemented method to provide security and wireless network service, the method comprising:
establishing a wireless link between a wireless interface of an endpoint and a wireless access point (WAP); (Caldwell: [0044]; the server 400 (wireless interface) connects to the access point 300 with a secure network channel (wireless link).)
exchanging, through the wireless link, network traffic associated with execution of an application by a processor of the endpoint; (Caldwell: [0030]; the access point serves as a communication link between mobile devices and a computer network.)  
Caldwell does not explicitly disclose, however Gupta teaches,
executing, by the processor of the endpoint, a security routine to monitor a security status of the endpoint; (Gupta: [0022]; a Home Security Gateway (HSG) can monitor the status of connected devices.)
establishing, through the wireless link, a secure channel that shares the wireless link with the network traffic of the application, the secure channel extending from the security routine through the wireless link and the WAP… (Gupta: [0022]; the HSG can report status, in addition to network traffic, to an operator network through secured protocol.)
conveying, from the security routine and through the secure channel … an indication of the security status; (Gupta: [0022]; the HSG can report status.)
receiving, at the security routine and through the secure channel, a command to change a setting of the wireless interface associated with a characteristic of the wireless link; and (Gupta: [0022]; the HSG can receive configuration update through secured protocol.)
accessing, from the security routine, the wireless interface to effect the change of the setting in the wireless interface in response to receiving the command. (Gupta: [0050-0051]; initiate an update of the endpoint security configuration in response to receiving available updates.)
It would have been obvious to one ordinary skill in the art before the effective filing date of the claimed invention to implement the teachings Gupta of into the teachings of Caldwell with a motivation to improve protection of home or other private networks by using a HSG to monitor connected devices (Gupta: [0022]).
Caldwell does not explicitly disclose, however Moineau teaches,
	… to a remote resource (Moineau: Fig. 2; [0032], [0040]; an external network firewall (remote resource) is connected to a router and an external network that is controlled by the VPN server (secure channel). An encrypted link is created between a mobile unit and the VPN server via the firewall system and the router.)
It would have been obvious to one ordinary skill in the art before the effective filing date of the claimed invention to implement the teachings Moineau of into the combination of Caldwell and Gupta with a motivation to allow a secure connection of a user client station to a base unit and enable authentication and encryption for a Wireless Local Area Network (WLAN) by using a VPN server to control different entities in the network (Moineau abstract).

	
Regarding claims 2, Caldwell discloses,
A computer-implemented method to provide security and wireless network service, the method comprising: 
establishing a wireless link between a wireless interface of an endpoint and a wireless access point (WAP); (Caldwell: [0044]; the server 400 connects to the access point 300 with a secure network channel (wireless link).)
exchanging, through the wireless link, network traffic associated with execution of an application by a processor of the endpoint; (Caldwell: [0030]; the access point serves as a communication link between mobile devices and a computer network.)   
establishing, through the wireless link, a secure channel that shares the wireless link with the network traffic of the application… (Caldwell: [0044]; a secure network channel is established between the server and the access point, and a status report is sent from the access point to the server.)
transmitting … through the secure channel, an indication of the security status of the endpoint… (Caldwell: [0044], [0030]; a secure network channel is established between the server and the access point, and a status report is sent from the access point to the server. The status report pertains to information regarding the communication link between the mobile devices and the computer network which can include security related information.) 
receiving, through the secure channel, a command, that when processed by the processor effects a change to a setting of the wireless interface associated with a characteristic of the wireless link, (Caldwell: [0044]; the server (has a processor) analyzes the status report and determines whether an updated configuration file needs to be sent to the access point.) the change being responsive to the transmitting of the indication of the security status of the end point. (Caldwell: [0044], [0030]; a status report is sent from the access point to the server. The server analyzes the status report and determines whether an updated configuration file needs to be sent to the access point.)
Caldwell does not explicitly disclose, however Gupta teaches,
monitoring with the security routine a security status of the endpoint; (Gupta: [0022]; a Home Security Gateway (HSG) can monitor the status of connected devices.)
the transmitting being responsive to the monitoring; and (Gupta: [0022]; the HSG can report status, in addition to network traffic, to an operator network through secured protocol.)
It would have been obvious to one ordinary skill in the art before the effective filing date of the claimed invention to implement the teachings Gupta of into the teachings of Caldwell with a motivation to improve protection of home or other private networks by using a HSG to monitor connected devices (Gupta: [0022]).
Caldwell does not explicitly disclose, however Moineau teaches,
… the secure channel extending from the endpoint through the WAP to a remote resource and used by a security routine executing on the processor; (Moineau: Fig. 2; [0032], [0040]; an external network firewall (remote resource) is connected to a router (WAP) and an external network that is controlled by the VPN server (secure channel). An encrypted link is created between a mobile unit (endpoint) and the VPN server via the firewall system and the router. Firewall has security routines.)
It would have been obvious to one ordinary skill in the art before the effective filing date of the claimed invention to implement the teachings Moineau of into the combination of Caldwell and Gupta with a motivation to allow a secure connection of a user client station to a base unit and enable authentication and encryption for a Wireless Local Area Network (WLAN) by using a VPN server to control different entities in the network (Moineau abstract).


Regarding claims 4, 10 and 17, taking claim 17 as exemplary, the combination of Caldwell, Gupta and Moineau discloses,
17. The apparatus of claim 16, 
Caldwell further discloses,
wherein the processor is further caused to extend the secure channel from the security routine to a firewall or a supervisor through the wireless link and the WAP. (Caldwell: [0032]; the status report can also be sent to a service provider or customer care center to diagnose problems (supervisor).)


Regarding claims 9 and 16, taking claim 16 as exemplary, the combination of Caldwell and Moineau discloses,
16. The apparatus of claim 15, 
Caldwell does not explicitly disclose, however Gupta teaches,
wherein the processor is further caused to execute a security routine to monitor the security status of the endpoint. (Gupta: [0022]; a Home Security Gateway (HSG) can monitor the status of connected devices.)
The same motivation that was utilized for combining Caldwell and Gupta as set forth in claim 1 is equally applicable to claim 16.



Regarding claims 5, 11, and 18, taking claim 18 as exemplary, the combination of Caldwell and Gupta and Moineau discloses,
18. The apparatus of claim 16, 
Caldwell does not explicitly disclose, however Gupta teaches,
wherein the processor is further caused to designate a portion of the storage in which the security routine is stored during execution as restricted from access by at least the application. (Gupta: [0022], [0040]; the HSG has a private and restricted storage from the endpoint applications.)
The same motivation that was utilized for combining Caldwell and Gupta as set forth in claim 16 is equally applicable to claim 18.


Regarding claim 6, the combination of Caldwell, Gupta and Moineau discloses,
6. The computer-implemented method of claim 2, 
Caldwell does not explicitly disclose, however Gupta teaches,
further comprising generating, by execution of the security routine, the indication of the security status, wherein the indication of the security status comprises at least one of an indication of security health of the endpoint, an indication of suspicious activity by the application, an indication of compromise of the application, an indication of compromise of the endpoint, an indication of commencement of execution of the application, an indication of cessation of execution of the application, an indication of an observed data rate of the network traffic associated with execution of the application, and an indication of an observed pattern of a time of execution of the application. (Gupta: [0022], [0028]; a Home Security Gateway (HSG) can monitor the status of connected devices including out-of-date security updates (security health).)
The same motivation that was utilized for combining Caldwell and Gupta as set forth in claim 2 is equally applicable to claim 6.


claims 7, 12, and 19, taking claim 19 as exemplary, the combination of Caldwell, Gupta and Moineau discloses,
19. The apparatus of claim 16, 
Caldwell does not explicitly disclose, however Gupta teaches,
wherein the processor is further caused to access, by execution of the security routine, the wireless interface to effect the change of the setting in the wireless interface in response to receiving the command. (Gupta: [0050-0051]; initiate an update of the endpoint security configuration in response to receiving available updates.)
The same motivation that was utilized for combining Caldwell and Gupta as set forth in claim 16 is equally applicable to claim 19.


Regarding claims 13 and 20, taking claim 20 as exemplary, the combination of Caldwell, Gupta and Moineau discloses,
20. The apparatus of claim 19, 
Caldwell does not explicitly disclose, however Gupta teaches,
wherein the processor is further caused to isolate access to the wireless interface by the security routine from a network device driver associated with the wireless interface. (Gupta: [0022]; devices from the home network can only communicate through the HSG.)
The same motivation that was utilized for combining Caldwell and Gupta as set forth in claim 16 is equally applicable to claim 20.


Regarding claim 14 the combination of Caldwell, Gupta and Moineau discloses,
14. The non-transitory machine-readable medium of claim 12, 
Caldwell does not explicitly disclose, however Gupta teaches,
wherein the setting comprises at least one of a frequency of the wireless link, an encoding of the network traffic, a signal strength of transmission of the network traffic by the wireless interface, and a protocol timing of the wireless link. (Gupta: [0050-0051]; updates can include a variety of protection settings.)
The same motivation that was utilized for combining Caldwell and Gupta as set forth in claim 12 is equally applicable to claim 14.


Claims 8 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Caldwell et al. (US Pub No. 2012/0317224 A1, referred to as Caldwell), in view of Moineau et al. (US Pub No. 2004/0215957 A1, referred to as Moineau).

Regarding claims 8 and 15, taking claim 15 as exemplary, Caldwell discloses,
15. An apparatus to provide security and wireless network service, the apparatus comprising:
a processor of an endpoint; (Caldwell: [0030]; mobile devices (endpoint) has a processor.)
a wireless interface of the endpoint coupled to the processor; and (Caldwell: [0030]; an access point with a server serves as a communication link (wireless interface).)
a storage of the endpoint coupled to the processor to store instructions, that when executed by the processor cause the processor to: (Caldwell: [0030]; mobile devices (endpoint) has a storage.)
establish a wireless link between the wireless interface and a wireless access point (WAP); (Caldwell: [0044]; the server 400 connects to the access point 300 with a secure network channel (wireless link).)
exchange, through the wireless link, network traffic associated with execution of an application by the processor; (Caldwell: [0030]; the access point serves as a communication link between mobile devices and a computer network.)   
establish, through the wireless link, a secure channel that shares the wireless link with the network traffic of the application; (Caldwell: [0044]; a secure network channel is established between the server and the access point, and a status report is sent from the access point to the server.)
transmit, through the secure channel, an indication of a security status of the endpoint; and (Caldwell: [0044], [0030]; a secure network channel is established between the server and the access point, and a status report is sent from the access point to the server. The status report pertains to information regarding the communication link between the mobile devices and the computer network which can include security related information.)
receive, through the secure channel, a command to change a setting of the wireless interface associated with a characteristic of the wireless link, (Caldwell: [0044]; the server analyzes the status report and determines whether an updated configuration file needs to be sent to the access point.) the command being responsive to the indication of the security status of the endpoint. (Caldwell: [0044], [0030]; a status report is sent from the access point to the server. The server analyzes the status report and determines whether an updated configuration file needs to be sent to the access point.)
Caldwell does not explicitly disclose, however Moineau teaches,
… the secure channel extending from the endpoint through the WAP to a remote resource; (Moineau: Fig. 2; [0032], [0040]; an external network firewall (remote resource) is connected to a router (WAP) and an external network that is controlled by the VPN server (secure channel). An encrypted link is created between a mobile unit (endpoint) and the VPN server via the firewall system and the router.)
It would have been obvious to one ordinary skill in the art before the effective filing date of the claimed invention to implement the teachings Moineau of into the teachings of Caldwell with a .



	Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. The listed references disclose relevant inventions of changing network configuration based on traffic monitoring.
Anderson; Jason L. et al. (US 20150172204 A1) 
Yau; Herman et al. (US 20150052578 A1) 
Narasimhan; Vineeth et al. (US 9172766 B2) 
Please see PTO-892. 

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KA SHAN CHOY whose telephone number is (571) 272-1569.  The examiner can normally be reached on MON - FRI: 9AM-5:30PM EST Alternate Fridays.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joseph Hirl can be reached on (571) 272-3685.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/KA SHAN CHOY/Examiner, Art Unit 2435                                                                                                                                                                                                        

/JOSEPH P HIRL/Supervisory Patent Examiner, Art Unit 2435