Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

DETAILED ACTION
This communication is in response to Applicant’s Request for Continued Examination filed on 02/01/2021.
Status of claims
Claims 1-20 are pending. Claims 1-10 and 12-20 are allowed.

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given via email on 03/03/2021 by the applicant Mr. Steven Avena (Reg. No. 75,211). 

The application has been amended as follows:

1.	(Currently Amended) A method of secure communication in a computer network at a destination server, comprising:
obtaining, at a server agent installed on the destination server and from a portal that is external to the destination server, a first command to initiate a secure connection with an intermediary server, wherein an inbound port of a firewall of the 
transmitting, by the server agent based at least in part on the first command, a message to the intermediary server that initiates an establishment of the secure connection between the server agent and the intermediary server and a second command to the destination server to open an outbound port of the firewall of the destination server associated with communicating using the secure connection; [[and]]
communicating with the endpoint device via the intermediary server using at least one secure communication protocol based at least in part on establishing the secure connection with the intermediary server and opening the outbound port of the firewall of the destination server, wherein: 
the inbound port of the firewall of the destination server remains closed during the communicating, and 
the communicating comprises receiving, from an intermediary server and over the secure connection, traffic associated with a browser session of the endpoint device in accordance with a first format used by the at least one secure communication protocol, the traffic from the browser session being connected to the at least one secure communication protocol based at least in part on being converted to the first format from a second format associated with the browser session.

2.	(Previously Presented) The method of claim 1, further comprising:
establishing the secure connection between the server agent and the intermediary server based at least in part on transmitting the message, the second command, or both.

3.	(Previously Presented) The method of claim 1, further comprising:
establishing a communication path from the server agent to the intermediary server via an outbound connection through the firewall of the destination 

4.	(Previously Presented) The method of claim 1, wherein the intermediary server supports a plurality of secure communication protocols including the at least one secure communication protocol used for the communication with the endpoint device.

5.	(Original) The method of claim 4, wherein the plurality of secure communication protocols includes at least one of Secure Socket Shell (SSH), Hypertext Transfer Protocol (HTTP), Secure (HTTPS), HTTP over Secure Socket Layer (SSL), or HTTP over Transport Layer Security (TLS).

6.	(Original) The method of claim 1, wherein the message to initiate the secure connection comprises credentials associated with the server agent.

7.	(Currently Amended) A method of secure communication in a computer network at an intermediary server, comprising:
receiving, by the intermediary server, a first message from a server agent installed on a destination server, the first message comprising a first request to establish a first secure connection between the server agent and the intermediary server, wherein an inbound port of a firewall of the destination server associated with establishing the first secure connection with the destination server is closed when the first message is received, and wherein the destination server includes data targeted by an endpoint device;
receiving, by the intermediary server, a second message from the endpoint device, the second message comprising a second request to establish a second secure connection between the endpoint device and the server agent;
receiving, by the intermediary server, communications from the destination server via an outbound port of the firewall of the destination server associated with communicating using the first secure connection based at least in part on establishing 
connecting, by the intermediary server, traffic from a browser session of the endpoint device to the secure communication protocol based at least in part on establishing the first secure connection, the second secure connection, or both, wherein the connecting comprises converting a first format of the traffic to a second format used by the secure communication protocol; and
relaying, by the intermediary server, the communications received from the destination server to the endpoint device over the first secure connection and the second secure connection; wherein the relaying is based at least in part on the first message and the second message.

8.	(Currently Amended) The method of claim 7, wherein relaying the communications between the server agent and the endpoint device via the intermediary server comprises:
using the secure communication protocol to communicate with the server agent and a second secure communication protocol to communicate with the endpoint device.

9.	(Previously Presented) The method of claim 7, further comprising:
establishing a communication path from the server agent to the intermediary server via an outbound connection through the firewall of the destination server based at least in part on the outbound port of the firewall of the destination server being opened.

10.	(Currently Amended) The method of claim 7, further comprising:
redirecting [[a]] the browser session of the endpoint device to the intermediary server.

11.	(Canceled)

12.	(Currently Amended) The method of claim 7, wherein the intermediary server supports a plurality of secure communication protocols including the secure communication protocol used for the communication with the endpoint device.

13.	(Original) The method of claim 12, wherein the plurality of secure communication protocols includes at least one of Secure Socket Shell (SSH), Hypertext Transfer Protocol (HTTP), Secure (HTTPS), HTTP over Secure Socket Layer (SSL), or HTTP over Transport Layer Security (TLS).

14.	(Currently Amended) The method of claim 7, further comprising:
receiving input from the endpoint device at an authentication management console residing on the intermediary server, wherein the input selects the destination server for communication; and
generating, by the intermediary server, a command for initiating a secure connection with the server agent based at least in part on the input, wherein the command is obtained by the server agent.

15.	(Currently Amended) A system for secure communication in a computer network, comprising:
an endpoint device;
an intermediary server; and
a destination server that includes data targeted by the endpoint device, wherein an agent is installed on the destination server and is operable to:
obtain, from a portal that is external to the destination server, a first command to initiate a secure connection with the intermediary server, wherein an inbound port of a firewall of the destination server associated with establishing 
transmit, based at least in part on the first command, a message to the intermediary server that initiates an establishment of the secure connection between the agent and the intermediary server and a second command to the destination server to open an outbound port of the firewall of the destination server associated with communicating using the secure connection; and
communicate with the endpoint device via the intermediary server using at least one secure communication protocol based at least in part on establishing the secure connection with the intermediary server and opening the outbound port of the firewall of the destination server, wherein the inbound port of the firewall of the destination server remains closed during the communicating, and 
wherein the intermediary server is operable to connect traffic from a browser session of the endpoint device to the at least one secure communication protocol based at least in part on establishing the secure connection, wherein the connecting comprises converting a first format of the traffic to a second format used by the at least one secure communication protocol.

16.	(Previously Presented) The system of claim 15, wherein the agent is further operable to:
establish the secure connection with the intermediary server based at least in part on transmitting the message, the second command, or both.

17.	(Previously Presented) The system of claim 15, wherein the agent is further operable to:
establish a communication path to the intermediary server via an outbound connection through the firewall of the destination server based at least in part on the outbound port of the firewall of the destination server being opened.



19.	(Original) The system of claim 18, wherein the plurality of secure communication protocols includes at least one of Secure Socket Shell (SSH), Hypertext Transfer Protocol (HTTP), Secure (HTTPS), HTTP over Secure Socket Layer (SSL), or HTTP over Transport Layer Security (TLS).

20.	(Previously Presented) The system of claim 15, wherein the first command to initiate the secure connection comprises credentials associated with the agent.


REASON FOR ALLOWANCE
The following is an examiner’s statement of reasons for allowance: None of the prior art of record, individually or in combination, explicitly teaches or fairly suggests each and every claimed limitation of the current invention as amended by the applicant, especially the independent claims, which include “receiving a command to initiate a secure connection with an intermediary server at a server agent installed on a destination server that includes data targeted by an endpoint device. A message is transmitted to initiate the secure connection from the server agent to the intermediary server in response to the command. The endpoint device is communicated through the intermediary server using secure communication protocol. The destination server is directed to open an out-bound connection through a firewall of the destination server. A communication path is established from the server agent to the intermediary server through an outbound connection through a firewall of the destination server.”; in
The dependent claims further limit the independent claims and are considered allowable on the same basis as the independent claims as well as for the further limitations set forth.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled "Comments on Statement of Reasons for Allowance."
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to EVANS DESROSIERS whose telephone number is (571)270-5438. The examiner can normally be reached on Monday - Thursday 7:00 am - 5:30 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok B. Patel, can be reached on 5712723972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.


/EVANS DESROSIERS/Primary Examiner, Art Unit 2491