DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 01/25/2021 has been entered.
 
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.


Claims 1, 7, and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Fairweather et al. (US 20180013579), in view of Lewis (US 20140033304), and in view of Yalakanti et al. (US 20190386885).
	Regarding claim 1, Fairweather teaches a network switch comprising:  2a memory to store monitored switch data;  3at least one processing core to execute threads (Fig. 1 Gateway 120, Fig. 10 computing system with memory and processor as the gateway); 
 4a sandbox manager to:  5receive a network analytic script ([0114] gateway 120 provides a script execution environment 150, [0115-0116] script execution environment 150 comprises a script manager 210 that receives scripts); wherein the analytic script comprises a first portion and a second portion ([0244] The base scripting language implements a simple but powerful threading model, as specified by the “activate concurrently” statement. [0245] The main script in the example of Listing 3 is "illustrateThreading" (first portion), which takes no parameters and concurrently activates a locally-declared subscript named "sawTooth" (second portion).  The sawTooth portion generating temperature data and the illurstrateThreading portion trigger an action when the temperature data is over 100).
perform multi-threaded of the script by creating different 9threads to execute the first and second portions of the script on two different threads ([0124], [0127] the base scripting language provides a threading metaphor that makes it easy to create a set of independent, but intercommunicating, script threads.  [0246-0247] The synchronous child thread “sawTooth” (second portion) is interacting directly and concurrently with the parent script “illustrateThreading” thread (first portion).

Lewis, in the same field of endeavor, teaches creating different sandboxes on different threads ([0023] The sandbox manager 118 enforces secure sandbox constraints on a client thread 114. [0024-0025] The client application 112 determines that the thread 114 should execute in a secure environment based on the functions called for in the thread 114. [0026] the client application 112 may generate one or more threads 114 and each thread 114 should be executed in a secure sandbox.  Thus, there are different threads corresponding to different functions or portions of code are determined to be untrusted and each thread is executed in a secure sandbox).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Fairweather to incorporate the teachings of Lewis for the script execution environment of the gateway to execute the different threads corresponding to the different portions of the script in secured sandboxes.  One would be motivated to do so to prevent the thread from executing malicious code that could cause damage to the operating system kernel and the host computing environment because the thread cannot have direct access to the operating system kernel functions (Lewis: [0014]).
Yalakanti, in the same field of endeavor, teaches a network analytic script comprise a first portion for retrieving monitored switch data and a second portion for comparing the retrieved data with a threshold and performing an action based on the comparison between the retrieved data and the threshold ([0015] a network analytics engine that is defined as a script (e.g., a Python script) and that includes the operational parameters (also referred to herein as resources) of the network device that are to be monitored (first portion).  Example resources may include CPU and memory utilization of the network device, interface status, latency, port statuses and configuration, and the like.  The network second portion).  For instance, the scripts may monitor average CPU usage and send a system log message when the CPU usage is greater than 70% for 5 minutes.  [0030]  Network device 130 may be any device used to handle data communication in a network, e.g., a node, a switch, a multiplexer, a router, an access point).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Fairweather and Lewis to incorporate the teachings of Yalakanti for the script execution environment of the gateway in Fairweather to receive a network analytic script with instructions for the gateway to monitor resource data of the gateway and instructions for performing one or more actions when certain user-defined rules are satisfied.  The gateway then executes the monitoring function in thread and executes the action function in a different thread and each thread is executed in a secured sandbox as taught by Fairweather and Lewis.  One would be motivated to do so to write script to monitor resources of a network device and take actions when certain user-defined rules are satisfied (Yalakanti: [0015]).
Claim 7 is rejected under the same basis as claim 1.
Claim 15 is rejected under the same basis as claim 1.

Claims 2, 5, 8, 9, 12, 16, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Fairweather et al. (US 20180013579), in view of Lewis (US 20140033304), in view of Yalakanti et al. (US 20190386885), and in view of Bastien et al. (US 9189375).
Regarding claim 12, the combination of Fairweather, Lewis, and Yalakanti teaches all the limitations of claim 1 however it does not teach a scheduler to monitor execution of a particular first sandbox on a 3particular thread and to instantiate a second sandbox of the network analytic 4script or 
Bastien, in the same field of endeavor, teaches the sandbox manager 2comprises a scheduler to monitor execution of a particular first sandbox on a 3particular thread (10:1-6 After selecting the appropriate sandboxing methods and, if applicable, zone transfer safety rules, the sandbox implementer 104 causes execution of the software 202 using the selected sandboxing methods. In some implementations, the execution of the software 202 may be monitored, e.g., by a user, the sandbox implementer, or another system, to identify potential problems with the software 202) and to instantiate a second sandbox of the network analytic 4script or another network analytics script on the particular thread based upon a sstate of the execution of the particular first sandbox (1:53-58 execution of the software may transfer from one zone to another zone, wherein each zone is associated with a sandbox (3:31-40). (7:13-22) enforcing zone transfer rules include observing contracts at the entrance and/or exit of a zone, such as resetting or re-sandboxing certain registers (instantiate a second sandbox for a second zone when the sandbox for the first zone is completed).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Fairweather, Lewis, and Yalakanti to incorporate the teachings of Bastien for the script execution environment of the gateway to monitor execution of a first sandbox for executing a script function on a thread and to resetting or re-sandboxing certain registers when the first sandbox is completed to instantiate a second sandbox for another function of the script.  One would be motivated to do so to identify different sandboxing methods for a software and execute the software using the different sandbox methods (Bastien: 1:39-45).


Bastien, in the same field of endeavor, teaches differently instantiate different sandboxes on different threads based upon different types of script portions to be executed by the different sandboxes (8:10-22 The sandbox implementer 104 identifies software characteristics for different sets of program instructions (type of script portions) and (8:23-30) identifies which sandbox method is for each software characteristic.  Thus the sandbox implementer instantiates different sandboxes for different software characteristics correspond to different sets of program instructions).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Fairweather, Lewis, and Yalakanti to incorporate the teachings of Bastien for the script execution environment of the gateway to identify characteristics for different set of program instructions in the user script and identify which sandbox method is for each characteristic.  One would be motivated to do so to using sandbox methods that have been heuristically determined to be good candidates for the particular software characteristics being sandboxed may result in less overhead than using a sandbox method that does not take software characteristics into account. (Bastien: 2:22-29).

	Claim 8 is rejected under the same basis as claim 2.
	Claim 9 is rejected under the same basis as claim 2.
	Claim 12 is rejected under the same basis as claim 5.
	Claim 16 is rejected under the same basis as claim 2.
	Claim 19 is rejected under the same basis as claim 5.

Claims 3, 10, and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Fairweather et al. (US 20180013579), in view of Lewis (US 20140033304), in view of Yalakanti et al. (US 20190386885), in view of Bastien et al. (US 9189375), and in view of Rajgopal et al. (US 20140115646).
Regarding claim 13, the combination Fairweather, Lewis, Yalakanti, and Bastien teaches all the limitations of claim 2 however it does not explicitly teach to 2balance sandbox load across the threads.
Rajgopal, in the same field of endeavor, teaches balance sandbox load across threads ([0032] container-based virtualization allows a kernel to run with a plurality of isolated virtual machines or virtual environments installed on top of it.  [0046] the SMP Linux kernel 600 can perform load balancing for processes in both virtual machines (sandbox load) across multiple CPU threads or cores).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Fairweather, Lewis, Yalakanti, and Bastien to incorporate the teachings of Rajgopal for the script executing environment of the gateway to balance the processes in the sandboxes across multiple CPU threads.  One would be motivated to do so to achieve maximum performance (Rajgopal [0046]).
	Claim 10 is rejected under the same basis as claim 3.
	Claim 17 is rejected under the same basis as claim 3.

Claims 4, 11, and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Fairweather et al. (US 20180013579), in view of Lewis (US 20140033304), in view of Yalakanti et al. (US 20190386885), and in view of Yamakawa (US 20180239646).
Regarding claim 14, the combination of Fairweather, Lewis, and Yalakanti teaches all the limitations of claim 1 however it does not explicitly teach to instantiate a total number of sandboxes on the threads less than a maximum 3number of sandboxes based upon a number of cores and a number of threads 4executed by the cores.
2instantiate a total number of sandboxes on the threads less than a maximum 3number of sandboxes based upon a number of cores and a number of threads 4executed by the cores ([0066] The maximum value of the number of virtual machines (sandboxes) in the case of CPU bound is set as a value corresponding to the number of logic core, the number of physical core, and the number of logic threads of a CPU).
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Fairweather, Lewis, and Yalakanti to incorporate the teachings of Yamakawa for the script executing environment of the gateway to create a total number of sandboxes less than the maximum value based on the number of logic core, the number of physical core, and the number of logic threads of a CPU as different CPU has different characteristics that can be used for virtualization (Yamakawa [0066]).	

	Claim 11 is rejected under the same basis as claim 4.
	Claim 18 is rejected under the same basis as claim 4.
	

Claims 6, 13-14, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Fairweather et al. (US 20180013579), in view of Lewis (US 20140033304), in view of Yalakanti et al. (US 20190386885), and in view of Magee et al. (US 20150347743).
Regarding claim 6, the combination of Fairweather, Lewis, and Yalakanti teaches all the limitations of claim 1 and further teaches wherein the sandbox manager is to instantiate different sandboxes for different call back portions of the script (Lewis: [0026] the client application 112 may generate one or more threads 114. For example, each thread 114 is an instance generated from the execution of at least one task or operation (different call back portions) for the client application 112.  The client application 112 therefore initiates execution of the thread 114 in the secure sandbox).  
	Magee, in the same field of endeavor, teaches  assigning priority weights to different call back portions of different scripts ([0019] plurality of threads (different call back portions) belonging to plurality of processes (scripts) and group of the threads may be identified to be associated with a particular one of the activities with highest priority based on the priority order. A thread may be selected from the identified threads for next scheduled execution in the processors) and execute different threads of different call back portions in an order based on the priority ([0162] Activity priority management module 837 can assign an ordering relationship among different activities (or activity ids) via, for example, configuration settings or runtime states. An activity id based thread group may be selected for execution based on the ordering relationship (priority of threads) provided via activity priority management module 837).  
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Fairweather, Lewis, and Yalakanti to incorporate the teachings of Magee for the script executing environment of the gateway to instantiate the sandboxes for the different instruction sets based on the priority assigned to the instruction sets.  One would be motivated to do so to determine when a thread is to be given processor time and a group of threads associated with the same activity may be schedule together (Magee [0136]).
	
Claim 13 is rejected under the same basis as claim 6.

Regarding claim 114, the combination of Fairweahter, Lewis, Yalakanti, and Magee teaches all the limitations of claim 12 and further teaches  assigning a priority weight to a call back portion of script based upon an alert triggering (Magee: [0019] plurality of threads (different call back portions) scripts) and group of the threads may be identified to be associated with a particular one of the activities with highest priority based on the priority order. A thread may be selected from the identified threads for next scheduled execution in the processors.  [0099] An activity may include processing operations caused by, for example, a network event or other applicable trigger detected by the system (an alert)).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Fairweather, Lewis, and Magee to further incorporate the teachings of Magee for the script executing environment of the gateway to assign priority weight to an instruction set based on a network event or other applicable trigger detected.  One would be motivated to do so to determine when a thread is to be given processor time and a group of threads associated with the same activity may be schedule together (Magee [0136]).

Claim 20 is rejected under the same basis as claim 6.

Response to Arguments
Applicant’s arguments, filed on 01/25/2021, with respect to claim rejections under section 103 that Fairweather does not discloses a script with two parts have been considered but are not persuasive. Fairweather discloses a threading model where the main script using the activate concurrently statement to execute a function of the script in a thread parallel from the main thread ([0244-0246]).  The example in Listing 3 discloses a script comprising a illustrateThreading portion and a sawTooth portion.  The main script “illustrateThread” concurrently activates a locally-declared subscript name “sawTooth” and the sawTooth portion is executed in a completely parallel thread from the main script “illustrateThreading” thread.  Although in the example provided in paragraphs [0731-0733] describe creating a logging script for monitoring temperature data and an alerting script to determine if the temperature is outside of the normal operating range then triggers an alarm, it is obvious to one ordinary skill in the art that the monitoring function and the alerting function could be written in one script instead of two different scripts, such as in the example in Listing 3 in paragraphs [0244-0246] or as discloses by the prior art Yalakanti.  Thus, the script execution environment in the gateway of Fairweather could execute different functions/portions of a script in different threads.  Lewis discloses execution of a thread in a secure sandbox to prevent the thread from executing malicious code that could cause damage to the host computing environment.  Therefore the combination of the prior art teaches perform multi-threaded sandboxing of the network analytics script by creating different sandboxes on different threads to execute the first and second portions of the network analytics script on two different threads.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Dutt et al. (US 20040078538) discloses scheduling a plurality of blocks of concurrent code for multi-threaded execution (abstract, Fig. 2-3).

Any inquiry concerning this communication or earlier communications from the examiner should be directed to LAM H DUONG whose telephone number is (571)270-3145.  The examiner can normally be reached on M-F 7:00AM-3:30PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Thu Nguyen can be reached on 5712726967.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/THU V NGUYEN/Supervisory Patent Examiner, Art Unit 2452