DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Amendment / Arguments
Regarding claims rejected under 35 USC 103:
Applicant’s arguments have been fully considered and are persuasive.  Therefore, the rejection has been withdrawn.  However, upon further consideration, a new ground(s) of rejection is made in view of Braslavsky (US 2009/0234953 A1).

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1-3, 8-10, 15-16, and 21 is/are rejected under 35 U.S.C. 103 as being unpatentable over Cui (US 2018/0210750 A1) in view of Wen (US 2016/0378529 A1), Alexander (US 2017/0171197 A1), and Braslavsky (US 2009/0234953 A1).

Regarding claim 1, Cui discloses: A method, comprising: 
causing a virtual machine execution environment to be executed by a host device, wherein the virtual machine execution environment comprises a hypervisor (e.g., the hypervisors in FIG. 1 and 3 of Cui) and a hypervisor management component (e.g., the hypervisor managers in FIG. 1 and 3 of Cui), the hypervisor management component configured to communicate with a remotely executed hypervisor management service over a network connection (e.g., the SDN controller(s) / Data Center Management in FIG. 1 and 3 of Cui); 
Refer to at least FIG. 1, FIG. 3, [0008], and [0013]-[0014] of Cui with respect to hypervisors in communication with hypervisor managers and SDN controller(s).
causing a first virtual machine to be executed within the virtual machine execution environment; 
Refer to at least FIG. 1 and 3 of Cui with respect to virtual machines executing via their associated hypervisors. 
identifying a hypervisor network profile associated with the remotely executed hypervisor management service, the hypervisor network profile specifying a first network configuration for the first virtual machine, the first network configuration specifying configuration properties for a tunnel connection; and 
Refer to at least the abstract, [0015]-[0017], [0019], [0022]-[0023], and [0031] of Cui with respect to creating a unified topology via the SDN controller(s) and its distribution to virtual switches via the hypervisor managers. 
routing network traffic associated with the first virtual machine through the tunnel connection onto the private network without installing a VPN client and without configuring routing or security logic on the first virtual machine.
Refer to at least [0017]-[0018], [0020], and [0027] of Cui with respect to the virtual switches providing means for the virtual machines to communicate with each other.  
Cui discloses, e.g., VXLAN encapsulation, but Cui does not specify: virtual private network (VPN); VPN. Cui further does not disclose: extracting, from the hypervisor network profile, authentication parameters of a particular user account specified within the hypervisor network profile that provides access to a private network, wherein the authentication parameters can authenticate the particular user account to the private network; authenticating the hypervisor to a VPN tunnel server using the authentication parameters. 
However, Cui in view of Wen discloses: virtual private network (VPN); VPN; authenticating the hypervisor to a VPN tunnel server using the authentication parameters;
Refer to at least FIG. 3, [0026], and [0042] of Wen with respect to a hypervisor and VPN gateway for providing VPN services to VMs managed by the hypervisor. The hypervisor is configured to negotiate a security key with the VPN gateway, among other information. 
Further, Cui-Wen in view of Alexander discloses: extracting, from the hypervisor network profile, authentication parameters;
Refer to at least [0047]-[0052] of Alexander with respect to verifying a hypervisor based on stored credentials before establishing a secure connection with the hypervisor.
Finally, Cui-Wen-Alexander in view of Braslavsky discloses: of a particular user account specified within the hypervisor network profile that provides access to a private network, wherein the authentication parameters can authenticate the particular user account to the private network.
Refer to at least [0027], [0029], [0040], and [0047]-[0050] of Braslavsky with respect to a connection manager operable to provide multiple VPN configurations to respective VPN 
The teachings of Cui, Wen, and Alexander concern hypervisor-based networking and topologies, and are considered to be within the same field of endeavor and combinable as such. The teachings of Braslavsky concern setting up VPNs and VPN configurations, and are considered to be combinable with those of Cui, Wen, and Alexander concerning network domains and private networks. 
Therefore, it would have been obvious to one of ordinary skill in the art before the filing date of Applicant’s invention to modify the teachings of Cui to include remote VPN functionality because the substitution of one known element for another (the encapsulation / tunnel used) would have yielded predictable results to one of ordinary skill in the art at the time (i.e., [0027] of Cui concerning encapsulation; [0026] and [0042] of Wen concerning a remote gateway and IPSec). It further would have been obvious to modify the teachings of Cui-Wen to include VPN configuration and hypervisor verification for at least the purpose of securing communications and for the reasons specified in [0008] and [0033] of Wen; [0079] of Alexander. Finally, it would have been obvious to include VPN account information as part of the VPN configuration because the substitution of one known element for another (configuration data) would have yielded predictable results to one of ordinary skill in the art at the time (i.e., the cited portions of Braslavsky concerning exemplary configuration information).

Regarding claim 2, Cui-Wen-Alexander-Braslavsky discloses: The method of claim 1, wherein the hypervisor network profile specifies the authentication parameters for the VPN tunnel connection.
Refer to at least [0029] and [0048] of Braslavsky with respect to VPN credentials as part of a configuration. 
This claim would have been obvious for substantially the same reasons as claim 1 above.

Regarding claim 3, it is rejected for substantially the same reasons as claim 2 above (i.e., the citations to Braslavsky concerning a username and passwords).

Regarding independent claim 8, it is substantially similar to independent claim 1 above, and is therefore likewise rejected (i.e., the citations). 

Regarding claims 9-10, they are substantially similar to claims 2-3 above ,and are therefore likewise rejected.

Regarding independent claim 15, it is substantially similar to independent claim 1 above, and is therefore likewise rejected (i.e., the citations). 

Regarding claim 16, it is substantially similar to claim 2 above, and is therefore likewise rejected.

Regarding claim 21, Cui-Wen-Alexander-Braslavsky discloses: The method of claim 1, wherein identifying the hypervisor network profile associated with the remotely executed hypervisor management service comprises the hypervisor network profile being provided for the hypervisor management component to enforce on the hypervisor.
Refer to at least [0017] and [0019] of Cui with respect to the configuration information being distributed to vSwitches managed by their respective hypervisor managers.

Claims 4-5, 7, 11-12, 14, 16-17, and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Cui-Wen-Alexander-Braslavsky as applied to claims 1-3, 8-10, 15-16, and 21 above, and further in view of Chang (US 2017/0099188 A1).

Regarding claim 4, Cui-Wen-Alexander-Braslavsky broadly discloses network configuration, but does not specifically disclose: wherein the hypervisor network profile specifies the VPN tunnel server through which the network traffic should be routed onto the private network.. However, Cui-Wen-Alexander-Braslavsky in view of Chang discloses: wherein the hypervisor network profile specifies the VPN tunnel server through which the network traffic should be routed onto the private network.
Refer to at least the abstract, FIG. 2B-3, and [0037]-[0040] of Chang with respect to tunneling and routing traffic through tunnel(s).
The teachings of Cui-Wen-Alexander-Braslavsky broadly concern network profiles for virtual machines. The teachings of Chang concern network profiles for allowing direct tunnels; virtual machines. As such, these teachings are considered to be combinable. 
Therefore it would have been obvious to one of ordinary skill in the art before the filing date of Applicant’s invention to modify the teachings of Cui-Wen-Alexander-Braslavsky to include support for VPN tunnel parameters for at least the purpose of increasing compatibility with additional VPN systems. 

Regarding claim 5, it is rejected for substantially the same reasons as claim 4 above.

Regarding claim 7, it is rejected for substantially the same reasons as claim 4 above (e.g., at least FIG. 3 and [0037]-[0038] of Chang).

Regarding claims 11-12 and 14, they are substantially similar to claims 4-5 and 7 above, and are therefore likewise rejected.

.

Claims 6, 13, and 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Cui-Wen-Alexander-Braslavsky as applied to claims 1-3, 8-10, 15-16, and 21 above, and further in view of Christensen (US 9,087,001 B1).

Regarding claim 6, Cui-Wen-Alexander-Braslavsky does not fully disclose: wherein executing the first virtual machine within the virtual machine execution environment further comprises generating the first virtual machine from a first virtual machine configuration associated with the remotely executed hypervisor management service. However, Cui-Wen-Alexander-Braslavsky in view of Christensen discloses: wherein executing the first virtual machine within the virtual machine execution environment further comprises generating the first virtual machine from a first virtual machine configuration associated with the remotely executed hypervisor management service.
Refer to at least the abstract, [0008], and [0022]-[0023] of Cui with respect to associating virtual machines with the topology.
Refer to at least the abstract, Col. 1, Ll. 41-56, and FIG. 4 of Christensen with respect to creating / booting virtual machines and their associated settings.
The teachings of Christensen concern virtual machines and associated configuration, and are considered to be combinable with those of Cui-Wen-Alexander-Braslavsky concerning the same. Further, these teachings are considered to be within the same field of endeavor. 
Therefore it would have been obvious to one of ordinary skill in the art before the filing date of Applicant’s invention to modify the teachings of Cui-Wen-Alexander-Braslavsky to include creating / booting virtual machines and their associated network settings for at least the reasons discussed in Col. 1, 57-Col. 2, Ll. 7 and Col. 8, Ll. 15-23 of Christensen. 

Regarding claims 13 and 19, they are substantially similar to claim 6 above, and are therefore likewise rejected.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to VADIM SAVENKOV whose telephone number is (571)270-5751.  The examiner can normally be reached on 12PM-8PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/Jeffrey Nickerson/Supervisory Patent Examiner, Art Unit 2432                                                                                                                                                                                                        




/V.S/Examiner, Art Unit 2432