Notice of Allowance 
	This communication is in response to amendments filed on 03/15/2021. After thorough search, prosecution history, applicant’s remarks, and in view of prior arts of record, claims 1, 3-9, 11-16, 18-20 are allowed.
EXAMINER’S AMENDMENT
	An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
	Authorization for this examiner’s amendment was given by Jacob P. Beers (Reg. No. 68,574) during an interview conducted on 04/13/2021.
The application has been amended as follows: 
1.  (Currently Amended) A method implemented in a cloud network, the method comprising:
 receiving a Domain Name System (DNS) request; 
determining, based on a policy associated with the DNS request, whether the DNS request is to be surrogated, the policy defining which types of DNS requests are to be surrogated based on  1) a DNS request arriving where surrogation is possible and a direct server return is not possible, 2) a DNS request arriving where surrogation is possible and a direct server return is possible, 3) an ordinary DNS request, 4) a DNS request arriving that must be surrogated where a direct server return is not possible, and 5) a DNS request arriving that is must be surrogated where a direct return is possible;

 responsive to DNS resolution performed by the surrogate, providing the result of the DNS resolution as a response to the DNS request.  

2. 	(Canceled)  

3.	 (Original) The method of claim 1, wherein the surrogate provides the result to the DNS request independent of a device receiving the DNS request.  

4. 	(Original) The method of claim 1, wherein the surrogate is determined based on the policy.  
5. 	(Original) The method of claim 1, wherein the surrogate is determined based on a location of a user device associated with the DNS request.  

6.	 (Original) The method of claim 1, wherein the surrogate is configured to provide a request to an authoritative DNS server associated with a domain name of the DNS request.  


8. 	(Original) The method of claim 1, wherein the service from the cloud network comprises security monitoring.  

9. 	(Currently Amended) A Domain Name Server (DNS) system in a cloud network, comprising: 
a network interface; 
a processor communicatively coupled to the network interface; memory storing instructions that, when executed, cause the processor to: 
receive a DNS request; 
determine, based on a policy associated with the DNS request, whether the DNS request is to be surrogated, the policy defining which types of DNS requests are to be surrogated based on 1) a DNS request arriving where surrogation is possible and direct server is not possible, 2) a DNS request arriving where surrogation is possible and a direct server return is possible, 3) an ordinary DNS request, 4) a DNS request arriving that must be surrogated where a direct server return is not possible, and 5) a DNS request arriving that is must be surrogated where a direct server return is possible; and 
relay, responsive to the determination that the DNS request is to be surrogated, the DNS request to a surrogate of a plurality of surrogates , wherein the surrogate resolves the DNS request by performing recursion to determine a result of the DNS resolution, wherein one or 
 wherein, responsive to DNS resolution performed by the surrogate, the result of the DNS resolution is provided as a response to the DNS request.  

10. 	(Canceled)  

11. 	(Previously Presented) The DNS system of claim 9, wherein the surrogate provides the result to the DNS request independent of a device receiving the DNS request.  

12.	 (Previously Presented) The DNS system of claim 9, wherein the surrogate is determined based on a location of a user device associated with the DNS request.  

13. 	(Previously Presented) The DNS system of claim 9, wherein the surrogate is configured to provide a request to an authoritative DNS server associated with a domain name of the DNS request.  

14.	 (Previously Presented) The DNS system of claim 9, wherein the result of the DNS resolution is based on a location or source Internet Protocol address of the surrogate instead of based on a DNS server performing the receiving.  

15. 	(Previously Presented) The DNS system of claim 9, wherein the service from the cloud network comprises security monitoring.  

16. 	(Currently Amended) A user device configured to receive a service from a cloud network, comprising:
 a network interface; 
a processor communicatively coupled to the network interface; 
memory storing instructions that, when executed, cause the processor to: 
communicate with the cloud network for the service provided by the cloud network; receive, responsive to a Domain Name Server (DNS) request received by the cloud network and responsive to a determination, based on a policy associated with the DNS request, that the DNS request is to be surrogated, wherein the policy defines which types of DNS requests are to be surrogated and includes evaluation of status of the surrogate and location, the types of DNS requests that are to be surrogated based on 1) a DNS request  arriving where surrogation is possible and a direct server return is not possible, 2) a DNS request arriving where surrogation is possible and a direct server return is possible, 3) an ordinary DNS request, 4) a DNS request arriving that must be surrogated where  a direct server return is not possible, and 5) a DNS request arriving that is must be surrogated where a direct server return is possible, a DNS surrogation request from the cloud network, wherein the user device is user equipment associated with a user that is configured for use of the service and is 
 perform a DNS resolution of the DNS request including recursion to determine a result of the DNS resolution; and provide a result of the DNS resolution as a response to the DNS request.  

17.	 (Canceled)  

18.	 (Original) The user device of claim 16, wherein the user device provides the result to the DNS request independent of a device receiving the DNS request.  

19.	 (Original) The user device of claim 16, wherein the DNS surrogation request is determined based on a location of a user device associated with the DNS request.  

20	. (Original) The user device of claim 16, wherein the result of the DNS resolution is based on a location or source Internet Protocol address of the user device instead of based on a DNS server which received the DNS request.   

Reasons for Allowance

 The following is an examiner’s statement of reasons for allowance: 
The prior art of record Slocombe (US 2003/0079027) teaches transmitting a DNS request to one plurality distributed local DNS system based on routing algorithm and shortest path of 
The prior art of record Karasaridis (US 2012/023153) teaches a forwarding rule for DNS request for determining corresponding regional DNS server  from plurality of regional DNS servers for the requested DNS. 
The prior art of record Gardner (US 2011/0191455) teaches a cloud based DNS security service and client devices configured to communicate with the cloud based DNS security service. The client devices also configured for locally resolving a DNS query without sending the query over the network.
The prior art of record do not teach or suggest “the policy defining which types of DNS requests are to be surrogated based on  1) a DNS request arriving where surrogation is possible and a direct server return is not possible, 2) a DNS request arriving where surrogation is possible and a direct server return is possible, 3) an ordinary DNS request, 4) a DNS request arriving that must be surrogated where a direct server return is not possible, and 5) a DNS request arriving that is must be surrogated where a direct return is possible” as presented in claims 1, 9 and 16.
-2-PATENT U.S. Patent Application No. 15/713,132 An updated search of a prior art produce no reference to teach or suggest the above claimed features. Attorney Docket No. 20170357Therefore, the above claim features with combination of other features in claims 1, 9, and 16 are allowed over the prior art of record.
Dependent claims are allowed over the prior art of record by virtue of their dependency form the independent claims.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue 
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to TESFU N MEKONEN whose telephone number is (571)270-0587.  The examiner can normally be reached on Monday - Friday, 8:00 AM to 4:30 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Umar Cheema can be reached on 5712703037.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/TESFU N MEKONEN/Examiner, Art Unit 2454


/UMAR CHEEMA/Supervisory Patent Examiner, Art Unit 2454