DETAILED ACTION
This Office Action is in response to the Amendment filed on 01/15/2021.
Claims 8 and 17 have been canceled.
Claims 1-2, 4-7, 10-11, 13-16 and 19-20 have been amended.
Claims 1-6, 9-16, and 18-20 are pending in the application.

Examiner’s Note
Claims 19-20 are directed to “computer readable storage media” in line 1. The term “storage media” is defined in the specification as “the storage media may be a non-transitory storage media…. It should be understood that in no case is the storage media a propagated signal” (paragraph [0052]). Therefore, claims 19-20 are statutory. 

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the claims at issue are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the reference application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP §§ 706.02(l)(1) - 706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/forms/. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA/25, or PTO/AIA/26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to http://www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1-6, 9-16, and 18-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over Claims 1-18 of U. S. Patent No. 10,530,750. Although the conflicting claims at issue are not identical, they are not patentably distinct 
Current Application No. 16/713,416 | US Patent No. 10,530,750
Independent Claim 1 | Independent Claim 1
Independent Claim 10 | Independent Claim 10
Independent Claim 19 | Independent Claim 1


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 4-7, 10, 13-16, and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Wood (USPGPUB No. 20150326530 A1), listed in the IDS dated 07/16/2020 (hereinafter Wood), in view of Bloch et al. (US Patent No. 7,849,502 B1), listed in the IDS dated 07/16/2020 (hereinafter Bloch).


one or more computer readable storage media (para 0066, computer inherently including memory); 
a processing system operatively coupled with the one or more computer readable storage media (para 0066, computer inherently including processor); and 
program instructions stored on the one or more computer readable storage media that, when read and executed by the processing system (para 0066, computer), direct the processing system to: 
receive a first reply (DNS reply) from a first Domain Name System (DNS) server (Fig. 1, DNS Server 105) directed to a requestor system (para 0070, user’s computer) (para 0071, The DNS Server responds to each DNS request using a DNS reply for its corresponding DNS request); 
in response to determining that the DNS server comprises a DNS server trusted by the firewall (para 0087-0088, the Destination IP Address is compared to the IP Addresses of all known DNS Servers 501. (Known DNS Servers can either be manually entered in at setup, or be obtained from the operating system, or be obtained from any other trusted source. All such methods are well-known in the art)),  
inspect at least one first packet included in the first reply to obtain a first Internet Protocol (IP) address included in the first reply by the first DNS server (para 0066, the firewall platform may analyze communication data packet and para 0071, when a DNS request is sent for www.apple.com, the DNS server will send back a DNS reply which essentially says: "The IP address for www.apple.com is 17.178.96.59."); 
 para 0097, the process updates the Domain Name/IP table with the received IP address(es) for the embedded domain name 703) (Please note that domain/IP table keeps track of all Domain Name/IP pairs, therefore, the table contains allowed domain name/IP based on status table); and 
after updating the data structure to include the first IP address, allow at least one packet from the requestor system directed to an element at the first IP address to traverse the firewall system based on the data structure (para 0083, if the status of the outgoing packet is "allowed" 308 then the packet is transmitted onto the network and para 0096-0097, the DNS reply (including at least packet) is forward to the operating system), but does not explicitly disclose to allow at least one second packet from the requestor system directed to a first destination at the first IP address to traverse the firewall system upon determining that the first IP address is in the data structure. However, Bloch discloses to allow at least one second packet from the requestor system (Fig. 4A, step 402) directed to a first destination (Fig. 1 and 4A, server) at the first IP address (IP address) to traverse the firewall system upon determining that the first network address is in the data structure (white list) (Fig. 4, 

Regarding Claims 4, 13, and 20, Wood in view of Bloch discloses the system of claim 10, wherein to update the data structure with the first IP address, the program instructions direct the processing system to at least: apply a plurality of rules to a domain name associated with the first IP address, wherein the rules define whether communications directed to particular domain names should be allowed; and in response to determining that the first domain name satisfies at least one rule of the plurality of rules for allowing communications associated with the first domain name, add the first IP address to the data structure (Wood, para 0097 and 0112).

Regarding Claims 5 and 14, Wood in view of Bloch discloses the system of claim 13, wherein the program instructions further direct the processing system to: indicate the at least one rule in the data structure along with the first IP address (Wood, para 0097 and 0112). 

Regarding Claims 6 and 15, Wood in view of Bloch discloses the system of claim 10, wherein the program instructions further direct the processing system to: associate 

Regarding Claims 7 and 16, Wood in view of Bloch discloses the system of claim 10, wherein the program instructions further direct the processing system to: receive a user defined set of trusted identification systems including the first DNS server (Wood, para 0023-0024 and 0087-0088). 
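
The mechanism recited in the rejected claims (learn IP addresses from replies sent by trusted DNS servers, admit them under domain rules, record the rule with the address, then pass later packets to those addresses) can be sketched as follows. This is an added example, not code from the application or the cited references; the resolver address, rule pattern, function names and sample reply builder are constructed assumptions.

```python
import ipaddress
import struct
from fnmatch import fnmatchcase

TRUSTED_DNS = {"192.0.2.53"}     # assumed: user-defined set of trusted DNS servers
ALLOW_RULES = ["*.example.com"]  # assumed: rules naming domains that may be reached
allowed_ips = {}                 # learned IP -> (domain, rule that admitted it)

def _name(msg, off):  # decode labels at off; a compression pointer ends the walk
    labels = []
    while msg[off] and msg[off] & 0xC0 != 0xC0:
        n = msg[off]
        labels.append(msg[off + 1:off + 1 + n].decode("ascii"))
        off += 1 + n
    return ".".join(labels).lower(), off + (2 if msg[off] else 1)

def parse_a_records(msg):
    """Return (queried name, [IPv4 addresses]) from a DNS response message."""
    _id, flags, qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    if not flags & 0x8000 or qd != 1:
        raise ValueError("not a single-question DNS response")
    qname, off = _name(msg, 12)
    ips, off = [], off + 4  # skip QTYPE and QCLASS
    for _ in range(an):
        _, off = _name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        if (rtype, rclass, rdlen) == (1, 1, 4):  # A record, class IN
            ips.append(str(ipaddress.IPv4Address(msg[off + 10:off + 14])))
        off += 10 + rdlen
    return qname, ips

def on_dns_reply(server_ip, msg):
    """Learn addresses only from a trusted server and only for an allowed name."""
    if server_ip not in TRUSTED_DNS:
        return []
    qname, ips = parse_a_records(msg)
    rule = next((r for r in ALLOW_RULES if fnmatchcase(qname, r)), None)
    if rule is None:
        return []
    allowed_ips.update({ip: (qname, rule) for ip in ips})
    return ips

def allow_outbound(dst_ip):  # later packets pass only to learned addresses
    return dst_ip in allowed_ips

def build_reply(name, ip):  # constructed sample: one question, one A answer
    q = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\0"
    rr = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + ipaddress.IPv4Address(ip).packed
    return struct.pack("!6H", 0x1234, 0x8180, 1, 1, 0, 0) + q + struct.pack("!HH", 1, 1) + rr
```

The sketch matches rules against the question name only; it does not follow CNAME chains or expire entries by record TTL.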

Claims 9 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Wood and Bloch as applied in claims 1 and 10 and further in view of Lee (USPGPUB No. 20150341318 A1), listed in the IDS dated 07/16/2020 (hereinafter Lee).

Regarding Claims 9 and 18, Wood in view of Bloch discloses the system of claim 10 above, but does not explicitly disclose wherein the firewall system comprises a distributed firewall having distinct instances distributed across a plurality of hypervisors executing on a plurality of host computing systems. However, Lee discloses a distributed firewall having distinct instances distributed across a plurality of hypervisors executing on a plurality of host computing systems (abstract and para 0060 and 0086). Therefore, it would have been obvious to one of ordinary skill in the art before effective filing date of claimed invention to modify the teachings of Wood in view of Bloch to include a distributed firewall having distinct instances distributed across a plurality of hypervisors executing on a plurality of host computing systems as taught by Lee in order to provide firewall rules for enhancing security of a network (Lee abstract).

Allowable Subject Matter
Claims 2-3 and 11-12 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Response to Arguments
Applicant's arguments filed on 01/15/2021 have been fully considered but they are not persuasive.
On pages 7 and 8 of Remarks, Applicant appears to argue that Wood fails to disclose the claimed limitations “in response to determining that the DNS server comprises a DNS server trusted by the firewall, inspecting at least one first packet included in the first reply to obtain a first Internet Protocol (IP) address included in the first reply by the first DNS server; in response to obtaining the first IP address, updating a data structure, comprising allowed IP addresses to include the first IP address” as recited in independent claims 1, 10, and 19. 
This is found unpersuasive because Wood discloses in response to determining that the DNS server comprises a DNS server trusted by the firewall (para 0087-0088, the Destination IP Address is compared to the IP Addresses of all known DNS Servers 501. (Known DNS Servers can either be manually entered in at setup, or be obtained from the operating system, or be obtained from any other trusted source. All such methods are well-known in the art)), 

in response to obtaining the first IP address (para 0071, when a DNS request is sent for www.apple.com, the DNS server will send back a DNS reply which essentially says: "The IP address for www.apple.com is 17.178.96.59."), update a data structure (The Domain Name/Status table), comprising allowed IP addresses to include the first IP address (para 0081, The Domain Name/IP table may keep track of all Domain Name/IP pairs listed in DNS Reply Packets. The Domain Name/Status table may keep track of the current status of each domain name (i.e. allowed or blocked) and para 0097, the process updates the Domain Name/IP table with the received IP address(es) for the embedded domain name 703) (Please note that domain/IP table keeps track of all Domain Name/IP pairs, therefore, the table contains allowed domain name/IP based on status table).
For at least the above reasons, the rejection is maintained.
The Double Patenting rejection is also sustained because the Terminal Disclaimer has not been submitted to obviate the Double Patenting rejection.

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  


Any inquiry concerning this communication or earlier communications from the examiner should be directed to BAOTRAN N TO whose telephone number is (571)272-8156.  The examiner can normally be reached on M-F: 7-3.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joseph P Hirl can be reached on 571-272-3685.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  


BAOTRAN N. TO
Primary Examiner
Art Unit 2435


