DETAILED ACTION

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on January 29, 2021 has been entered.
 
Response to Arguments
Applicant's arguments (“REMARKS”) filed January 29, 2021 have been fully considered but they are not persuasive and/or now moot in view of a new ground of rejection.
Claims 1-3, 5-7, 10-17, 22, 24-29, and 31-34 are currently pending. Claims 1, 3, 5, 6, 11, 12, 22, and 25-29 were amended. Claim 8, 9, 23, and 30 were canceled. Claims 31-33 were added.

Re: Claim Objections
The objection to claim 29 has been withdrawn in response to the amendment correcting a typographical error.

Re: Rejections Under 35 U.S.C. §102
Claim Rejections - 35 USC § 102 below for details.

Re: Rejections Under 35 U.S.C. § 103
Applicant argues on pp. 9-10 that the combined teachings of Yin (US 2014/0366118) in view of Thommana fail to teach independent claim 1 as currently amended and similarly for independent claims 11 and 22. However, the Examiner respectfully disagrees. Although the scope of the independent claims have been changed, Yin still teaches the features currently presented in each of the claims. Specifically, the claims have been amended to state that a “security agent” is configured to “support the network security service”. The one or more modules in the network security gateway appliance of [Yin, fig. 2] read upon the features of the “security agent” in the claims. See Claim Rejections - 35 USC § 102 below for details.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 27-29 and 34 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Independent claim 27 recites: “an unconfigured network security agent is configured to execute…” The metes and bounds of this limitation is not clear. The term “unconfigured” appears to define a particular state of an application or software program, but this state is not clearly established in the claims nor in the specifications. For example, the “network security agent” appears to be directed to the disclosed security cloud agent 5704 in ¶¶628-629 of the PGPUB of the application (US 2018/0262533). However, none of the cited portions define specific configuration states of the security cloud agent. Furthermore, the limitations state that the network security agent is “configured to execute…” which is unclear what the limitation is attempting to further define. This is a common, if not inherent, property of any known type of software in the art. A software application or program is inherently “configured” to be executed in a computer system. 
The remaining claims are dependent on claim 27 and also fail to further clarify this issue.

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.

Claims 1-3, 6-8, 10-17, 22, 24, 25, 27, 29, and 34 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Yin (hereinafter, “Yin”), US 2014/0366118.
As per claim 1: Yin discloses: A method comprising: sending, by a computing device, a request to activate a network security service on a network security service entity external to a gateway device (requesting by a network administrator to enable cloud-based logging services (“network security service”) via a graphical interface of a network security gateway appliance (“gateway device”) [Yin, ¶¶54-56; Fig. 3]; the network administrator can access the graphical interface of the network security gateway appliance from one or more computing devices (“computing device”) [Yin, ¶38]); determining, by the computing device, that a security agent is configured to execute on the gateway device (the network security gateway appliance includes a cloud-based logging service settings module 202 that enables configuration of the cloud-based logging service to be accessible [Yin, ¶42; Fig. 2]; the cloud-; sending, by the computing device, to the gateway device, based on the sending the request, and based on the determining, an instruction to configure the security agent to support the network security service (the cloud-based logging service access module is configured to integrate the cloud-based logging service with the network security gateway appliance as per the user request [Yin, ¶¶42-44]); and receiving, by the computing device and from the network security service entity, an indication of one or more network security threats for the gateway device (the cloud-based logging services provide log reports of network log data [Yin, ¶55]; as further discussed in [Yin, ¶33], an enterprise/organization’s log data is kept).

As per claim 2: Yin discloses all limitations of claim 1. Furthermore, Yin discloses: further comprising: monitoring, after activation of the network security service, data traffic associated with one or more devices associated with the gateway device (logging network data [Yin, ¶55]); and determining, based on the monitoring, the one or more network security threats (displaying notifications and alerts of threats from the logs [Yin, ¶57]).

As per claim 3: Yin discloses all limitations of claim 1. Furthermore, Yin discloses: wherein the computing device is in a first network (computing devices are connected over a local area network (LAN) [Yin, ¶32]), and wherein the network security service entity is in a cloud network (cloud-based logging services are data traffic logging provided at a cloud accessible to users through an appropriate network appliance [Yin, ¶31]).

As per claim 6: Yin discloses all limitations of claim 1. Furthermore, Yin discloses: further comprising: sending, via the security agent, the indication of the one or more network security threats (the network security gateway appliance obtains logs and reports from the cloud-based logging service [Yin, ¶55] and displaying notifications and alerts of threats from the logs [Yin, ¶57]).

As per claim 7: Yin discloses all limitations of claim 1. Furthermore, Yin discloses: further comprising: sending, to a mobile device associated with the gateway device, data indicating (computing devices include a laptop 102a communicating with the network security gateway appliance [Yin, ¶32]): a plurality of devices, and a quantity of network security threats associated with each device of the plurality of devices over a period of time (logging and reporting of network log data, including events with timestamps, IP addresses, messages, and users [Yin, ¶¶55-58; Fig. 4]).

As per claim 8: Yin discloses all limitations of claim 1. Furthermore, Yin discloses: further comprising: sending, to a mobile device associated with the gateway device (computing devices include a laptop 102a communicating with the network security gateway appliance [Yin, ¶32]), data indicating one or more origination locations of the one or more network security threats (IP address sources [Yin, ¶58).

As per claim 10: Yin discloses all limitations of claim 1. Furthermore, Yin discloses: further comprising: receiving, from the gateway device, data transmitted or received by the one or more devices associated with the gateway device (the network security gateway appliance communicates a plurality of computing devices [Yin, ¶32; Fig. 1]); determining, based on the data transmitted or received by the one or more devices associated with the gateway device, the one or more network security threats (the network security gateway appliance is configured to integrate a range of security and monitoring technologies and also coupled to a syslog server that stores log data [Yin, ¶33]; the network security gateway appliance evaluates for threats on the network [Yin, ¶39]); and sending a notification indicative of the one or more network security threats (notifications and alerts are displayed on a GUI of the network security gateway appliance, in which is accessed through one or more computing devices [Yin, ¶57]).

As per claim 11: Yin discloses: A method comprising: determining, by a gateway device and based on one or more security features executing on the gateway device, to activate a network security service at a security device (requesting by a network administrator to enable cloud-based logging services (“network security service”) via a graphical interface of a network security gateway appliance (“gateway device”), wherein the appliance is configured to integrate a range of security and monitoring technologies and provide an API for a cloud-based logging service [Yin, ¶¶33, 54-56; Fig. 3]; the network administrator can access the graphical interface of the network security gateway appliance from one or more computing devices (“computing device”) [Yin, ¶38]); sending, by the gateway device, a request to activate the network security service (the network gateway appliance receives requests for the cloud-based logging service [Yin, ¶38]; furthermore, the cloud-based logging service can be enabled/disabled through the network security gateway appliance [Yin, ¶44]); activating, by the gateway device and based on the request, a network security agent for communication with the security device (the network security gateway appliance includes a cloud-based logging service settings module 202 that enables configuration of the cloud-based logging service to be accessible [Yin, ¶42; Fig. 2]); receiving, by the gateway device and from the network security service, an indication of one or more network security threats associated with the gateway device (the cloud-based logging services provide log reports of network log data [Yin, ¶55]; as further discussed in [Yin, ¶33], an enterprise/organization’s log data is kept).

As per claim 12: Yin discloses all limitations of claim 11. Furthermore, Yin discloses: wherein the sending comprises sending via a network security service agent associated with the network security service, and wherein the activating comprises activating, using modified firmware of the gateway device, the network security service agent (the network security gateway appliance is integrated with an API of the cloud-based logging service, such that users can access the service through the appliance [Yin, ¶¶53]).

As per claim 13: Claim 13 incorporates all limitations of claim 11 and is a method corresponding to the method of claim 7. Therefore, the arguments set forth above with respect to claims 7 and 11 are equally applicable to claim 13 and rejected for the same reasons.

As per claim 14: Claim 14 incorporates all limitations of claim 11 and is a method corresponding to the method of claim 8. Therefore, the arguments set forth above with respect to claims 8 and 11 are equally applicable to claim 14 and rejected for the same reasons.

As per claim 15: Yin discloses all limitations of claim 11. Furthermore, Yin discloses: wherein receiving the indication of one or more network security threats comprises receiving, from a security cloud network associated with the network security service, (cloud-based logging services are data traffic logging provided at a cloud accessible to users through an appropriate network appliance [Yin, ¶31]), the indication of one or more network security threats (the network security gateway appliance obtains logs and reports from the cloud-based logging service [Yin, ¶55]).

As per claim 16: Yin discloses all limitations of claim 11. Furthermore, Yin discloses: further comprising receiving, by the gateway device, and via selection of a graphical user interface option to activate the network security service, a request to activate the network security service (requesting by a network administrator to enable cloud-based logging services via a graphical interface of a network security gateway appliance [Yin, ¶¶54-56; Fig. 3]).

As per claim 17: Claim 17 incorporates all limitations of claim 11 and is a method corresponding to the method of claim 10. Therefore, the arguments set forth above with respect to claims 10 and 11 are equally applicable to claim 17 and rejected for the same reasons.

As per claim 22: Claim 22 is different in overall scope from claim 1 but recites substantially similar subject matter as claim 1. Claim 22 is directed to a non-transitory computer readable storage medium with instructions corresponding to the method of claim 1. Thus, the response provided above for claim 1 is equally applicable to claim 22.

	
As per claim 24: Claim 24 incorporates all limitations of claim 22 and is a non-transitory computer readable storage medium with instructions corresponding to the method of claim 7. Therefore, the arguments set forth above with respect to claims 7 and 22 are equally applicable to claim 24 and rejected for the same reasons.

As per claim 25: Claim 25 incorporates all limitations of claim 22 and is a non-transitory computer readable storage medium with instructions corresponding to the method of claim 3. Therefore, the arguments set forth above with respect to claims 3 and 22 are equally applicable to claim 25 and rejected for the same reasons.

As per claim 27: Yin discloses: A method comprising: determining, by a computing device, that a security service is executing on an entity external to a gateway device (enabling cloud-based logging services (“network security service”) via a graphical interface of a network security gateway appliance (“gateway device”) [Yin, ¶¶54-56; Fig. 3]; the network administrator can access the graphical interface of the network security gateway appliance from one or more computing devices (“computing device”) [Yin, ¶38]); determining, by the computing device, that an unconfigured network security agent is configured to execute on the gateway device (a cloud-based logging service settings module 202 can be configured to customize the network security gateway appliance so as to automatically provide requested network logging data from the cloud-based logging service [Yin, ¶44]); and sending, by the computing device, to the gateway device, based on determining that the security service is executing, and based on determining that the unconfigured network security agent is configured to execute, an instruction to configure the unconfigured network security agent (receiving a request from the user of the computing device to configure the settings [Yin, ¶¶44-45]).

As per claim 29: Yin discloses all limitations of claim 27. Furthermore, Yin discloses: comprising sending a request to activate the first security service (requesting by a network administrator to enable cloud-based logging services [Yin, ¶¶54-56; Fig. 3]).

As per claim 34: Yin discloses all limitations of claim 27. Furthermore, Yin discloses: further comprising sending, to the entity and based on an entitlement, an instruction to activate the security service such that the unconfigured network security agent becomes configured to enable the entitlement (registering of the user for the network security gateway appliance to enable access to the cloud-based logging service via said appliance [Yin, ¶52]; the network security gateway appliance comprises modules 202 and 204 configured to accessing and setting said cloud-based logging service [Yin, ¶¶42-46; Fig. 2])

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim 5 is rejected under 35 U.S.C. 103 as being unpatentable over Yin in view of Patel et al. (hereinafter, “Patel”), US 2012/0159572.
As per claim 5: Yin discloses all limitations of claim 1. Yin does not disclose: further comprising: updating, after receiving an indication that the network security service has been activated, a profile, of a user associated with the gateway device, with information indicative of activation of the network security service. However, Patel is directed to analogous art of cloud computing security [Patel, ¶8]. Client profiles include sets of rules for accessing at least one cloud computing system resources (e.g. the cloud-based logging service in Yin) [Patel, ¶25]. A profile associated with a requestor is updated after requesting access to a resource (“updating…a profile of a user associated with the gateway device…”) [Patel, ¶¶84-87; Fig. 7].
Thus, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to incorporate access profiles to users in Yin, such as the client profiles described in Patel. The profiles would have enabled only authorized users to access the cloud-based logging services through the network security gateway appliance. Furthermore, the system would maintain the most up-to-date access profiles for users accessing the cloud-based logging services.

Claim 26 is rejected under 35 U.S.C. 103 as being unpatentable over Yin in view of Hefter (hereinafter, “Hefter”), US 2012/0239729.
As per claim 26: Yin discloses all limitations of claim 1. Yin does not disclose: wherein the instruction comprises an instruction to deactivate a dynamic host configuration protocol service. However, dynamic host configuration protocol (DHCP) is a common feature found in network devices. Hefter is directed to connecting thin client devices to a virtual desktop [Hefter, ¶5]. A DHCP server module is configured to provide an IP address to the thin client device when requested. In [Hefter, ¶36], the DHCP server module can be disabled if an existing DHCP server on the network can handle this function (“deactivate a dynamic host configuration protocol service”).
Thus, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to disable any redundant services, such as DHCP, in the system of Yin. Redundant network services are inefficient, and there would be no need to have multiple DHCP services running to waste resources when only one would be suffice.

Claims 28 and 31-33 are rejected under 35 U.S.C. 103 as being unpatentable over Yin in view of Chang (hereinafter, “Chang”), US 2011/0299518.
As per claim 28: Yin discloses all limitations of claim 27. Furthermore, Yin discloses: comprising receiving, by the computing device and from the entity, an indication of one or more network security threats for the gateway device, wherein the entity comprises a network security service entity (the cloud-based logging services provide log reports of ,  Yin does not explicitly define the network security gateway appliance as a “wireless router”. However, a gateway and a router (wired or wireless) are synonymous/interchangeable terms commonly used in the computer networking arts. For example, in the background portion of [Chang, ¶3], a wireless gateway is a wireless router.
Thus, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to implement the network security gateway appliance in Yin as a wireless capable device. Wireless technology would have allowed more devices to be connected simultaneously as there are no hardware port restrictions.

As per claim 31: Yin discloses all limitations of claim 1. The same reasoning for incorporating Chang in claim 28 is also applicable to claim 31. Therefore, Yin in view of Chang disclose: wherein the gateway device comprises a wireless router (a wireless gateway is also a wireless router [Chang, ¶3]; thus, the network security gateway appliance in Yin would have also been a wireless router).

As per claim 32: Yin discloses all limitations of claim 11. The same reasoning for incorporating Chang in claim 28 is also applicable to claim 32. Therefore, Yin in view of Chang disclose: wherein the gateway device comprises a wireless router (a wireless gateway is also a wireless router [Chang, ¶3]; thus, the network security gateway appliance in Yin would have also been a wireless router).

As per claim 33: Yin discloses all limitations of claim 22. The same reasoning for incorporating Chang in claim 28 is also applicable to claim 33. Therefore, Yin in view of Chang disclose: wherein the gateway device comprises a wireless router (a wireless gateway is also a wireless router [Chang, ¶3]; thus, the network security gateway appliance in Yin would have also been a wireless router).

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ROBERT B LEUNG whose telephone number is (571)270-1453.  The examiner can normally be reached on Mon - Thurs: 10am-7pm ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JUNG KIM can be reached on 571-272-3804.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR 

/ROBERT B LEUNG/Primary Examiner, Art Unit 2494                                                                                                                                                                                                        4-21-2021