DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Information Disclosure Statement
The information disclosure statements (IDS) submitted on 01/29/2020, 05/07/2020, 08/13/2020, 11/09/2020, 12/11/2020 and 03/08/2021 have been placed in record and considered by the examiner.

Abstract Objection
The Abstract of the disclosure is objected to because it is more than 150 words.
The length of the abstract should be limited to 150 words. See MPEP 1302.01.

Claim Objections
Claim 13 is objected to because of the following informalities:  
In line 9, “severs” should read as “servers”.
Appropriate correction is required.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the reference application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159.  See MPEP §§ 706.02(l)(1) - 706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/forms/. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all 

Claims 1-4, 11-14 and 18-19 are rejected on the ground of nonstatutory double patenting as being anticipated by claims 1, 3-6, 10, 16 and 18-20 of co-pending US PgPub 20210067374 (US Patent Application 16662531).
Although the conflicting claims are not identical, they are not patentably distinct from each other because the claimed limitations are similar in scope with obvious wording variations.

Instant Application 16662570
US PgPub 20210067374
1. A method of operating a virtual network for a entity over a set of two or more public cloud datacenters, the method comprising: deploying a larger, first virtual network over the set of the public cloud datacenters, said first virtual network using at least a particular forwarding element near an Internet backbone; deploying, for the entity, a smaller, second virtual network over a subset of the public cloud datacenters that does not include all the public cloud datacenters in the set; using the second virtual network to forward a first set of data message flows associated with machines of the entity outside of the public cloud datacenters; using the first virtual network including the particular forwarding element near the Internet backbone to forward a second set of data message flows associated with machines of the entity outside of the public cloud datacenters. 



3. The method of claim 2 further comprising performing a second set of path searches to identify at least a first path that uses the particular forwarding element near the Internet backbone that is a better alternative to a second path in the first set of paths. 

4. The method of claim 3, wherein using the first virtual network comprises using the first path in place of the second path to forward at least one data message flow in the second set of data message flows. 

5. The method of claim 3 further comprising: based on the identification of the first path, providing a recommendation to the entity to use the particular forwarding element; wherein using the first virtual network comprises using the first path in place of the second path to forward at least one data message flow in the second set of data message flows, after the entity accepts the recommendation. 

6. The method of claim 5, wherein: providing the recommendation comprises providing the recommendation after deploying and configuring the set of forwarding elements in the subset of public cloud datacenters to implement the 

7. The method of claim 5, wherein providing the recommendation comprises providing the recommendation before deploying and configuring the set of forwarding elements in the subset of public cloud datacenters to implement the second virtual network; and 

8. The method of claim 3 further comprising: before performing the second set of path searches, receiving a preference setting from the entity to use forwarding elements near the Internet backbone when the use of such forwarding elements improves a forwarding of a data message flow for the entity; wherein using the first virtual network comprises using the first virtual network based on the preference setting. 

9. The method of claim 3 further comprising: configuring, based on the identified first set of paths, a first set of forwarding elements in the subset of public cloud datacenters, said first set of paths including the second path, which is used to configure a first forwarding element in the first set of forwarding elements; and configuring the particular forwarding element to implement the first path and configuring a second forwarding element in the first set of forwarding elements to forward at least one data message flow in the second set of data message flows to the particular forwarding element; reconfiguring the first forwarding element to no longer implement the second path. 

10. The method of claim 3, wherein the configured set of forwarding elements is a first set of forwarding elements; the particular forwarding element is part of a second set of forwarding elements that are shared forwarding elements used to forward data message flows associated with multiple different entities that are tenants of a virtual network provider that deploys the forwarding elements for the different entities; the first set of forwarding elements are dedicated forwarding elements deployed by the virtual network provider for the entity in order to forward data message flows associated with the particular entity and no other tenant of the virtual network provider. 

11. The method of claim 1, wherein the particular forwarding element is in a datacenter near the Internet backbone. 

12. The method of claim 1, wherein the particular forwarding element is in a datacenter that is part of the Internet backbone. 

13. A system for operating a virtual network for a entity over a set of two or more public cloud datacenters, the system comprising: a first set of managed forwarding elements deployed in a set of public cloud datacenters (PCDs) to implement a first virtual network over the PCD set, the first set of managed forwarding elements comprising a particular forwarding element near an Internet backbone; a second set of managed forwarding elements deployed, for the entity, in a subset of the PCDs that does not include all the PCDs in the PCD set in order to implement a second virtual network for the entity; a set of severs to configure the subset of PCDs to forward a first set of data message flows associated 

14. The system of claim 13, wherein the entity identifies the subset of PCDs, and the server set performs a first set of path searches to identify a first set of paths through the subset of PCDs to connect external machines of the entity, and performs a second set of path searches to identify at least a first path that uses the particular forwarding element near the Internet backbone that is a better alternative to a second path in the first set of paths. 

15. The system of claim 14, wherein after identifying the first path, the server set provides a recommendation to the entity to use the particular forwarding element, and configures the particular forwarding element to implement the first path after the entity accepts the recommendation. 

16. The system of claim 15, wherein the server set provides the recommendation after configuring the second set of managed forwarding elements in the subset of PCDs to implement the second virtual network including the second path. 

17. The system of claim 15, wherein the server set provides the recommendation before configuring the second set of managed forwarding elements in the subset of PCDs to implement the second virtual network. 



19. The system of claim 13, wherein the particular forwarding element is in a datacenter that is part of the Internet backbone.




3. The method of claim 1, wherein defining the larger, first virtual network comprises deploying and configuring a first set of forwarding elements in the larger, first set of the public cloud datacenters; defining the smaller, second virtual network comprises deploying and configuring a second set of forwarding elements in the smaller, second set of the public cloud datacenters; using the second virtual network comprises using forwarding elements in the second set to forward the first set of data messages; using the first virtual network comprises using forwarding elements in the first set to forward the second set of data messages. 

4. The method of claim 3, wherein the forwarding elements in the first set of forwarding elements are shared forwarding elements that are used to forward data message flows for multiple entities, while the forwarding elements in the second set of forwarding elements are dedicated forwarding elements that are used to forward data message flows for the particular tenant. 

5. The method of claim 1, wherein a first set of forwarding elements in the first set of public cloud datacenters implement the first virtual network and a second set of forwarding elements in the second set of public cloud datacenters implement the second virtual network, and the detected condition is congestion at a particular forwarding element used to implement the second virtual network. 

6. The method of claim 5 further comprising collecting statistics regarding data message flows processed by the second set of forwarding elements; based on the collected statistics, determining that a particular forwarding element in the second set of forwarding elements is congested; wherein using the first virtual network comprises redirecting a set of the data message flows away from the particular forwarding element to a forwarding element in a first set of forwarding elements. 

7. The method of claim 6, wherein redirecting the set of the data message flows comprises configuring a load balancer to redirect the set of the data message flows away from the particular forwarding element to the forwarding element in a first set of forwarding elements. 

8. The method of claim 7, wherein configuring the load balancer comprises configuring the load balancer to redirect 1 out of N new data message flows away from the particular forwarding element, wherein N is an integer. 

9. The method of claim 6, wherein collecting statistics comprises: generating, at the forwarding elements, statistics regarding data message flows that the forwarding elements process; collecting, at a controller, the generated statistics from the forwarding elements. 

10. The method of claim 1 further comprising before defining the second virtual network, receiving an identification of the second set of the public cloud datacenters from the entity as the set of public cloud datacenters over which the second virtual network should be defined. 

11. The method of claim 1, wherein the first virtual network is administered by a virtual network provider (VNP) that deploys multiple different virtual networks for multiple different entities of a plurality of public cloud datacenters. 

12. The method of claim 11, wherein the first virtual network is for the VNP to manage all a set of virtual networks deployed for a set of entities by the VNP. 

13. The method of claim 1 further comprising defining first and second sets of paths through the first and second virtual networks based on first and second sets of path-defining criteria, wherein the first set of path defining criteria for the first virtual network is different than the second set of path defining criteria for the second virtual network. 

14. The method of claim 1 further comprising deploying and configuring forwarding elements in a plurality of public cloud datacenters in order to define the first and second virtual networks, wherein at least one forwarding element for the first virtual network is deployed and configured in a public cloud in which a forwarding element for the second virtual network cannot be deployed. 

15. The method of claim 1 further comprising: collecting statistics regarding the second set of data messages that are forwarded through the first virtual network; generating a bill, based on the collected statistics, for the particular entity to pay in order to account for the particular entity's usage of the first virtual network. 



17. The system of claim 16, wherein the first virtual network is a shared virtual network used by multiple entities, while the second virtual network is a dedicated virtual network used by the particular entity. 

18. The system of claim 16, wherein the forwarding elements in the first set of forwarding elements are shared forwarding elements that are used to forward data message flows for multiple entities, while the forwarding elements in the second set of forwarding elements are dedicated forwarding elements that are used to forward data message flows for the particular tenant. 

19. The system of claim 16, wherein the detected condition is congestion at a 

20. The system of claim 16, wherein the second set of the PCDs are identified by the entity as the set of PCDs over which the second virtual network should be defined. 








Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Claims 3-10 and 14-19 are rejected 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.
Regarding claim 3, line 3 recites “is a better alternative to a second path”, without defining the scope, making the claim indefinite.
Claims 4-10 are dependent on claim 3 and interpreted same as claim 3.
Regarding claim 14, line 6 recites “is a better alternative to a second path”, without defining the scope, making the claim indefinite.
Claims 15-19 are dependent on claim 3 and interpreted same as claim 14.


NOTICE for all US Patent Applications filed on or after March 16, 2013
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of pre-AIA  35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.
(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 1, 11, 13 and 18 are rejected under 35 U.S.C. 102 (a)(1) as anticipated by Richard, Jacques J. (US9306949, of IDS, hereinafter ‘RICHARD’) with evidence by Beyer et al. (US20200097327, hereinafter ‘BEYER’).
Regarding claim 1, RICHARD teaches a method of operating a virtual network for a entity over a set of two or more public cloud datacenters (Fig. 1 Data Centers 102, Col 1 Lines 7-11: Datacenter providers, referred to as cloud service providers, provide services to various entities, to compute resources hosted in one or more datacenters. (Col 2 Lines 3-12) datacenters may be configured to host private BEYER (Para [0003])), the method comprising:
 deploying a larger, first virtual network over the set of the public cloud datacenters (Fig. 1, Col 2 Lines 7-12: The cloud service providers typically host private clouds (first virtual network) for a large number of entities with networks or compute resources that may be located across multiple datacenters (set of the public cloud datacenters) owned or controlled by the same cloud service provider. (Figs. 3A, 3B, Private Cloud 310, Col 6 Lines 40-41) private cloud 310 may be executed on multiple server computers allocated from multiple datacenters 102), said first virtual network using at least a particular forwarding element near an Internet backbone (Fig. 3B, Col 8 Lines 45-49: Customer ABC can also configure its private cloud 310 (first virtual network) to connect to a public network, such as the Internet. For example, a virtual public gateway 314B (particular forwarding element) may be an instance hosted on private cloud 310 and configured to enable traffic to flow between the public network and instances 206A-206N);
deploying, for the entity, a smaller, second virtual network over a subset of the public cloud datacenters that does not include all the public cloud datacenters in the set (Fig. 3B, Col 8 Lines 36-44: The cloud service provider may also allow customer ABC to connect its private cloud 310 to its home network. For ;
using the second virtual network to forward a first set of data message flows associated with machines of the entity outside of the public cloud datacenters (Fig. 3B, Col 8 Lines 40-44: virtual private gateway 314A may be an instance hosted on private cloud 310 and configured to manage a VPN tunnel (smaller second virtual network) and to securely connect private cloud 310 to customer ABC's home network. (Col 8 Lines 50-52) Virtual private gateway 314A and virtual public gateway 314B may use dynamic routing (traffic forwarding or forward a first set of data message) with the connection between private cloud 310 and customer ABC's home network);
using the first virtual network including the particular forwarding element near the Internet backbone to forward a second set of data message flows associated with machines of the entity outside of the public cloud datacenters (Fig. 3B, Col 8 Lines 47-49: virtual public gateway 314B (particular forwarding element) may be an instance hosted on private cloud 310 and configured to enable traffic to flow between the public network (using the public network to Customer ABC Computing Device 360, see Fig. 3B) and instances 206A-206N (instances of private network hosted by Provider datacenter, see Fig. 2)).
BEYER discloses (Para[0003]: A private cloud may provide computing resources to only particular users associated with a particular organization, may use resources hosted in a data center, which may be operated by another organization (a cloud service provider). The public cloud provider's data center(s) may host some or all of the private cloud resources, and the private cloud provider's data center(s) may host some or all of the public cloud resources).

Regarding claim 11, RICHARD teaches wherein the particular forwarding element is in a datacenter near the Internet backbone (Fig. 3A, Private Cloud 310 in datacenter 102. Fig. 3B, Virtual Private Gateway 314a or 314B in Private Cloud 310, is in a data center 102).

Regarding claim 13, RICHARD teaches a system for operating a virtual network for a entity over a set of two or more public cloud datacenters (Fig. 1 Data Centers 102, Col 1 Lines 7-11: Datacenter providers, referred to as cloud service providers, provide services to various entities, to compute resources hosted in one or more datacenters. (Col 2 Lines 3-12) datacenters may be configured to host private clouds. The private clouds are virtualized private networks that are typically hosted in the datacenters of cloud service providers on behalf of entities like customers of the cloud service providers, across multiple datacenters (two or more public cloud datacenters) owned or controlled by the same cloud service provider. Cloud service providers can be defined as public cloud datacenters, as evidenced by BEYER (Para [0003])), the system comprising:
 a first set of managed forwarding elements deployed in a set of public cloud datacenters (PCDs) to implement a first virtual network over the PCD set (Fig. 1, Col 2 Lines 7-12: The cloud service providers typically host private clouds (first virtual network) for a large number of entities with networks or compute resources that may be located across multiple datacenters (set of the public cloud datacenters) owned or controlled by the same cloud service provider. (Figs. 3A, 3B, Private Cloud 310, Col 6 Lines 40-41) private cloud 310 may be executed on multiple server computers allocated from multiple datacenters 102), the first set of managed forwarding elements comprising a particular forwarding element near an Internet backbone (Fig. 3B, Col 8 Lines 45-49: Customer ABC can also configure its private cloud 310 (first virtual network) to connect to a public network, such as the Internet. For example, a virtual public gateway 314B (particular forwarding element) may be an instance hosted on private cloud 310 and configured to enable traffic to flow between the public network and instances 206A-206N);
a second set of managed forwarding elements deployed, for the entity, in a subset of the PCDs that does not include all the PCDs in the PCD set in order to implement a second virtual network for the entity (Fig. 3B, Col 8 Lines 36-44: The cloud service provider may also allow customer ABC to connect its private cloud 310 to its home network. For example, a virtual private gateway 314A (one resource in one data center of cloud service provider, implying over a subset of the public cloud datacenters) may be an instance hosted on private cloud 310 and configured to manage a VPN tunnel (a virtual network with an end point in private cloud 310, as the smaller ;
a set of severs to configure the subset of PCDs to forward a first set of data message flows associated with external machines of the entity outside of the public cloud datacenters (Fig. 3B, Col 8 Lines 40-44: virtual private gateway 314A may be an instance hosted on private cloud 310 and configured to manage a VPN tunnel (smaller second virtual network) and to securely connect private cloud 310 to customer ABC's home network. (Col 8 Lines 50-52) Virtual private gateway 314A and virtual public gateway 314B may use dynamic routing (traffic forwarding or forward a first set of data message) with the connection between private cloud 310 and customer ABC's home network), and
to configure the particular forwarding element near the Internet backbone to forward a second set of data message flows associated with external machines of the entity outside of the public cloud datacenters (Fig. 3B, Col 8 Lines 47-49: virtual public gateway 314B (particular forwarding element) may be an instance hosted on private cloud 310 and configured to enable traffic to flow between the public network (using the public network to Customer ABC Computing Device 360, see Fig. 3B) and instances 206A-206N (instances of private network hosted by Provider datacenter, see Fig. 2)).
BEYER discloses (Para[0003]: A private cloud may provide computing resources to only particular users associated with a particular organization, may use resources hosted in a data center, which may be operated by another organization (a cloud service provider). The public cloud provider's data center(s) may host some or all 

Regarding claim 18, the claim is interpreted and rejected for the same reason as set for claim 11.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.

Claims 2, 12 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Richard, Jacques J. (US9306949, of IDS, hereinafter ‘RICHARD’) with evidence by Beyer et al. (US20200097327, hereinafter ‘BEYER’) in view of Madhav et al. (US20160164914, of IDS, hereinafter ‘MADHAV’).
Regarding claim 2, RICHARD teaches receiving, from the entity (Fig. 1 customer computing system 104), identities of the subset of public cloud datacenters over which the second virtual network for the entity should be defined (Fig. 1, PES platform 108, Fig. 2, Col 5 Lines 27-35: an entity of PES platform 108 may utilize customer computing system 104 to access management component 210 to configure various aspects of the operation of PES platform 108 and instances 206, requests to launch instances (identities of the subset of public cloud datacenters, implicit) to management component 210. (Fig. 3B, Col 8 Lines 36-44: The cloud service provider may also allow customer ABC to connect its private cloud 310 to its home network. For example, a virtual private gateway 314A may be an instance hosted on private cloud 310 (at least one identified instance launched in one data center, implying the public cloud datacenter is identified for the instance) and configured to manage a VPN tunnel (smaller second virtual network), to securely connect private cloud 310 to customer ABC's home network);
performing a first set of path searches to identify a first set of paths through the subset of public cloud datacenters to connect machines of the entity (Fig. 3B, Col 8 Lines 36-44: a virtual private gateway 314A may be an instance hosted on private cloud 310 (at least one identified instance launched in one data center, implying a subset of the public cloud datacenters identified) and configured to manage a VPN tunnel (smaller second virtual network), to securely connect private cloud 310 to customer ABC's home network (a first set of path search in the identified data center is 
deploying and configuring a set of forwarding elements operating in the subset of public cloud datacenters to implement the second virtual network for the entity (Fig. 3B, Col 8 Lines 36-44: a virtual private gateway 314A may be an instance hosted on private cloud 310 and configured to manage a VPN tunnel).
RICHARD, with evidence by BEYER, does not explicitly disclose receiving, from the entity, identities of the subset of public cloud datacenters over which the second virtual network for the entity should be defined.
MADHAV teaches receiving, from the entity, identities of the subset of public cloud datacenters over which the second virtual network for the entity should be defined (Fig. 1, Para [0022]: The mechanism or process, in one aspect, is able to receive a first request from a dashboard requesting a SON. Note that the SON is capable of facilitating a point-to-point connection between nodes residing in different clouds. (Para [0039]) To create a seamless SON, a user can select a SON icon on a dashboard managed by orchestrator 112. The SON icon provides an option to a user before a VN is instantiated. SON is applicable between public and private clouds 106-108, public and public clouds.  (Fig. 3, Para [0049-0050] Menu 304 (of Dashboard 304) lists various icons, such as tower 310, router 312, rack 314, network device 316, cloud 318 (public cloud datacenters), connection 320, and/or SON option 322. A subscriber or user (entity) can selectively pick and choose any icons (icons include cloud 318 implying identities of the subset of public cloud datacenters in a first request) to build a 
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to take the technique of MADHAV to the system of RICHARD with evidence by BEYER in order to take the advantage of providing a method to optimize performance of VN by automatically creating SONs between multiple clouds improving network performance (MADHAV: Para [0004, 0022, 0029, 0030]).

Regarding claim 12, RICHARD, with evidence by BEYER, does not explicitly disclose wherein the particular forwarding element is in a datacenter that is part of the Internet backbone.
MADHAV teaches wherein the particular forwarding element is in a datacenter that is part of the Internet backbone (Para [0023] SON between first node in first cloud and second node in second cloud using connections via third node in third cloud (an intermediate datacenter that is analogues to Internet backbone). (Fig. 1, Para [0036]) To facilitate point-to-point connections, SON 132 is established over the existing network between links 136-138 and cloud 104 (an intermediate cloud datacenter analogues to Internet backbone). A function of SON 132 is to cause two 
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to take the technique of MADHAV to the system of RICHARD with evidence by BEYER in order to take the advantage of providing a method to optimize performance of VN by automatically creating SONs between multiple clouds improving network performance (MADHAV: Para [0004, 0022, 0029, 0030]).

Regarding claim 19, the claim is interpreted and rejected for the same reason as set for claim 12.


Claims 3-4 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Richard, Jacques J. (US9306949, of IDS, hereinafter ‘RICHARD’) with evidence by Beyer et al. (US20200097327, hereinafter ‘BEYER’) in view of Madhav et al. (US20160164914, of IDS, hereinafter ‘MADHAV’) and with further in view of Francois et al. (“Optimizing Secure SON-enabled Inter-Data Centre Overlay Networks through Cognitive Routing”, of IDS, hereinafter ‘FRANCOIS’).
claim 3, the combination of RICHARD with evidence by BEYER, and MADHAV do not explicitly disclose performing a second set of path searches to identify at least a first path that uses the particular forwarding element near the Internet backbone that is a better alternative to a second path in the first set of paths.
In an analogous art, FRANCOIS teaches performing a second set of path searches to identify at least a first path that uses the particular forwarding element near the Internet backbone that is a better alternative to a second path in the first set of paths (Page 2 Right Col Section III: In order to transfer data between different cloud providers, it is often required to use the public internet. Through encrypted VPN, the tenant's applications in each data centre use the overlay gateway (forwarding element) in order to communicate with other applications located in other data centres. Each overlay gateway is made up of a SDN OpenFlow switch. (Page 4 Fig. 3, Right Col – Page 5 Left Col Steps 1-Steps 11) For a new Flow F1,2, CRE first install a path for Flow F1,2 by calculating the shortest path (first set of path) based on hop count between OVS (OpenFlow Vswitch, of overlay gateway, the forwarding element) S1 and S2 (see Fig. 3 and Step 5). Next CRAM find the most suitable links for a given path, updates RNN so that it chooses better paths, learning based on data received from NMM and will output the best paths found (performing a second set of path searches that is a better alternative to a second path in the first set of paths)).
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to take the technique of FRANCOIS to the system of RICHARD with evidence by BEYER and MADHAV in order to take the advantage of a method to optimize the public Internet paths between these different FRANCOIS: Page 2 Left Col Para 1).

Regarding claim 4, The combination of RICHARD with evidence by BEYER, and MADHAV do not explicitly disclose wherein using the first virtual network comprises using the first path in place of the second path to forward at least one data message flow in the second set of data message flows.
In an analogous art, FRANCOIS teaches wherein using the first virtual network comprises using the first path in place of the second path to forward at least one data message flow in the second set of data message flows (Page 4 Fig. 3 Left Col Ste5, Pages 5 Left Col Steps 9-11: CREE installing a path based on shortest path on hop count (all link hops considered for first set of path, e.g. Fig. 3 path over single hop between S1 and S2, paths over 2 hops between S1 and S2 via S3). CRAM will output the best paths found, passed to PTM responsible for implementing the paths in the OVSs by modifying their flow tables (e.g. for using paths S1<->S3<->S2 based on delay of the network links, see Page 5 Steps 7-8)).
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to take the technique of FRANCOIS to the system of RICHARD with evidence by BEYER and MADHAV in order to take the advantage of a method to optimize the public Internet paths between these different data centres so as to achieve better QoS for the end users (FRANCOIS: Page 2 Left Col Para 1).

claim 14, RICHARD teaches wherein
the entity identifies the subset of PCDs (Fig. 1, PES platform 108, Fig. 2, Col 5 Lines 27-35: an entity of PES platform 108 may utilize customer computing system 104 to access management component 210 to configure various aspects of the operation of PES platform 108 and instances 206, requests to launch instances (identities of the subset of PCDs, implicit) to management component 210), and
the server set performs a first set of path searches to identify a first set of paths through the subset of PCDs to connect external machines of the entity (Fig. 3B, Col 8 Lines 36-44: The cloud service provider may also allow customer ABC to connect its private cloud 310 to its home network. For example, a virtual private gateway 314A may be an instance hosted on private cloud 310 (at least one identified instance launched in one data center, implying a subset of PCDs is identified for the instance) and configured to manage a VPN tunnel (identify a first set of paths for the second virtual network, implicit), to securely connect private cloud 310 to customer ABC's home network).
RICHARD, with evidence by BEYER, does not explicitly disclose the entity identifies the subset of PCDs, and performs a second set of path searches to identify at least a first path that uses the particular forwarding element near the Internet backbone that is a better alternative to a second path in the first set of paths.
MADHAV teaches the entity identifies the subset of PCDs (Fig. 1, Para [0022]: The mechanism or process, in one aspect, is able to receive a first request from a dashboard requesting a SON. Note that the SON is capable of facilitating a point-to-point connection between nodes residing in different clouds. (Para [0039]) To create a 
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to take the technique of MADHAV to the system of RICHARD with evidence by BEYER in order to take the advantage of providing a method to optimize performance of VN by automatically creating SONs between multiple clouds improving network performance (MADHAV: Para [0004, 0022, 0029, 0030]).
The combination of RICHARD with evidence by BEYER, and MADHAV do not explicitly disclose performs a second set of path searches to identify at least a first path that uses the particular forwarding element near the Internet backbone that is a better alternative to a second path in the first set of paths.
FRANCOIS teaches performs a second set of path searches to identify at least a first path that uses the particular forwarding element near the Internet backbone that is a better alternative to a second path in the first set of paths (Page 2 Right Col Section III: In order to transfer data between different cloud providers, it is often required to use the public internet. Through encrypted VPN, the tenant's applications in each data centre use the overlay gateway (forwarding element) in order to communicate with other applications located in other data centres. Each overlay gateway is made up of a SDN OpenFlow switch. (Page 4 Fig. 3, Right Col – Page 5 Left Col Steps 1-Steps 11) For a new Flow F1,2, CRE first install a path for Flow F1,2 by calculating the shortest path (first set of path) based on hop count between OVS (OpenFlow Vswitch, of overlay gateway, the forwarding element) S1 and S2 (see Fig. 3 and Step 5). Next CRAM find the most suitable links for a given path, updates RNN so that it chooses better paths, learning based on data received from NMM and will output the best paths found (performing a second set of path searches that is a better alternative to a second path in the first set of paths)).
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to take the technique of FRANCOIS to the system of RICHARD with evidence by BEYER and MADHAV in order to take the advantage of a method to optimize the public Internet paths between these different data centres so as to achieve better QoS for the end users (FRANCOIS: Page 2 Left Col Para 1).


Allowable Subject Matter
Claims 5-10 and 15-17 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and in intervening claims.
The following is a statement of reasons for the indication of allowable subject matter:
Regarding claim 5, RICHARD with evidence by BEYER and MADHAV and FRANCOIS either alone or in combination fails to teach based on the identification of the first path, providing a recommendation to the entity to use the particular forwarding element; wherein using the first virtual network comprises using the first path in place of the second path to forward at least one data message flow in the second set of data message flows, after the entity accepts the recommendation.

Claim 6 and claim 7, being dependent on claim 5, are interpreted same as claim 5.

Regarding claim 8, RICHARD with evidence by BEYER and MADHAV and FRANCOIS either alone or in combination fails to teach before performing the second set of path searches, receiving a preference setting from the entity to use forwarding elements near the Internet backbone when the use of such forwarding elements improves a forwarding of a data message flow for the entity; wherein using the first virtual network comprises using the first virtual network based on the preference setting.

Regarding claim 9, RICHARD with evidence by BEYER and MADHAV and FRANCOIS either alone or in combination fails to teach configuring, based on the identified first set of paths, a first set of forwarding elements in the subset of public cloud datacenters, said first set of paths including the second path, which is used to configure a first forwarding element in the first set of forwarding elements; and configuring the particular forwarding element to implement the first path and configuring a second forwarding element in the first set of forwarding elements to forward at least one data message flow in the second set of data message flows to the particular forwarding element; reconfiguring the first forwarding element to no longer implement the second path.

Regarding claim 10, RICHARD with evidence by BEYER and MADHAV and FRANCOIS either alone or in combination fails to teach wherein the configured set of forwarding elements is a first set of forwarding elements; the particular forwarding element is part of a second set of forwarding elements that are shared forwarding elements used to forward data message flows associated with multiple different entities that are tenants of a virtual network provider that deploys the forwarding elements for the different entities; the first set of forwarding elements are dedicated forwarding elements deployed by the virtual network provider for the entity in order to forward data message flows associated with the particular entity and no other tenant of the virtual network provider.

claim 15, RICHARD with evidence by BEYER and MADHAV and FRANCOIS either alone or in combination fails to teach wherein after identifying the first path, the server set provides a recommendation to the entity to use the particular forwarding element, and configures the particular forwarding element to implement the first path after the entity accepts the recommendation.

Claim 16 and claim 17, being dependent on claim 15, are interpreted same as claim 15.


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Zhao et al. (US20200382345), describing multi-cloud VPC routing and registration
Thakkar et al. (US20160105488), describing cross-cloud object mapping for hybrid clouds
Williams, Sean R. (US9875355), describing DNS query analysis for detection of malicious software
Abraham, Sanju C. (US20200059420), describing multi-cloud virtual computing environment provisioning using a high-level topology description
Sampath et al. (US20160134461), describing endpoint data centers of different tenancy sets
Sinha et al. (US20150317169), describing constructing and operating high-performance unified compute infrastructure across geo-distributed datacenters

Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHAH M RAHMAN whose telephone number is (571)272-8951.  The examiner can normally be reached on 9:30AM-5:30PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, UN C CHO can be reached on 571-272-7919.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access 






/SHAH M RAHMAN/Examiner, Art Unit 2413