Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1 - 18 are rejected under 35 U.S.C. 103 as being unpatentable over Newman (US-20060218639-A1) in view of Nicodemus (US-20070143851-A1).
	Regarding claim 1, Newman shows a method for assessing security on a network, the method comprising: 	causing a plurality of agents (Fig. 1 items 24) on a plurality of computing devices  (Fig. 1 items 10) on the network (Fig. 1 item 16) to:	execute a plurality of security tests on a plurality of properties of the network or the  presenting the overall network security score in combination with the representations of the plurality of security test scores ([780-786, 1142] and Tables 4 – 6).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the network security assessment techniques of Newman with 
	Regarding claim 2, Newman in view of Nicodemus further show determining, by the network security assessment engine, a security category score based, at least in part, on a subset of the plurality of security test scores having a similarity to each other such that the subset of security test scores comprise a security category (Nicodemus, [732]), wherein said determining the overall network security score includes determining, by the network security assessment engine, the overall network security score based, at least in part, on the security category score (Nicodemus, [780-786, 843]).
	Regarding claim 3, Newman in view of Nicodemus further show wherein said presenting the representation of the overall network security score in combination with the representations of the plurality of security test scores includes presenting an indicator of an impact of each of the security category Page 27 of 33 DocID: 4851-8893-8369.4Inventors: Alain Sauve, et al.Docket No. 517284.10335 Title: Computer Network Security Assessment Enginescores on the overall network security score (Nicodemus, [780-786] and Tables 4 – 6).
	Regarding claim 4, Newman in view of Nicodemus further show wherein said presenting the representation of the overall network security score in combination with the representations of the plurality of security test scores includes presenting an indicator of an impact of each of the subset of the plurality of security test scores associated with the security category on the security category score (Nicodemus, [780-786, 843].
	Regarding claim 5, Newman in view of Nicodemus further show wherein the security category is at least one of an antivirus security category (Nicodemus, [240-248,655,732]) and a patch security category (Nicodemus, [144-145, 247, 256, 264]).
	Regarding claim 6, Newman in view of Nicodemus further show wherein the plurality of properties of the network or computing devices through which security of the network is compromisable includes antivirus software properties (Nicodemus, [240-246]), firewall properties, network secure authentication properties (Nicodemus, [249-258]), network authentication and encryption properties, network name properties, network password properties, automatic update properties, software update properties, software patch properties, domain user account properties, local user account properties, domain properties, local account properties (Newman, [47]), and combinations thereof.
	Regarding claim 7, Newman shows a system (Fig. 1, server 14 containing security control manager 21), comprising:	a network interface configured to communicatively connect the system to a network (Fig. 1, the connections to INTRANET 16); 	at least one processor connected to the network interface by a bus (Fig. 1, implicit in server 14); and	at least one non-transitory computer-readable storage medium connected to the network interface and the at least one processor by the bus (Fig. 1, implicit in server 14, see also [27]),	wherein the at least on non-transitory computer-readable storage medium stores one or more processor-executable instructions that, when executed by the at least one processor,  wherein the system is connected to a wide area network ([96] and Fig. 1, where host system is connected to the Internet 108), the agents are connected to a local network ([678-685] discussing end user’s being connected to a corporate LAN), and the local network is communicatively coupled to the wide area network via a router ([461-463] where a user computer has both a connection to a corporate LAN and a broadband (i.e., internet) connection, further discussion of network access and router use is provided in [9 and 1174], e.g.,); and
	presenting the overall network security score in combination with the representations of the plurality of security test scores ([780-786, 1142] and Tables 4 – 6).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the network security assessment techniques of Newman with the security testing and display of Nicodemus in order to better inform the network administrator or network device users of the status of their devices and how security is impacted by their operating conditions.	
Regarding claims 8 and 14, the limitations of said claims are addressed in the analysis of claim 2.
Regarding claims 9 and 15, the limitations of said claims are addressed in the analysis of claim 3.
Regarding claims 10 and 16, the limitations of said claims are addressed in the analysis of claim 4.
Regarding claims 11 and 17, the limitations of said claims are addressed in the analysis of claim 5.
Regarding claims 12 and 18, the limitations of said claims are addressed in the analysis of claim 6.
Regarding claim 13, the limitations of said claim are addressed in the analysis of claim 1.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Such relevant art includes:	Kurtz (US-20030217039-A1) – Kurtz discusses analysis a device’s relative security state and presenting the results to end-users and network administrators. Overall security as well as device and category specific security scores are provided ([91] and pgs. 46-47).	Vallone (US-20160134653-A1) – Vallone provides a network-based security analysis system. Test agents are deployed to endpoint computers in order to run security tests (Fig. 2B, Fig. 6).	
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JOHN M MACILWINEN whose telephone number is (571)272-9686.  The examiner can normally be reached on Monday - Friday, 9:00 - 5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, WILLIAM TROST can be reached on (571)272-7872.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


JOHN MACILWINEN
Primary Examiner
Art Unit 2442



/JOHN M MACILWINEN/Primary Examiner, Art Unit 2442