DETAILED ACTION
1.	This office action is in response to the communication filed on 11/18/2019.
2.	Claims 1-18 are pending. 

Notice of Pre-AIA  or AIA  Status
3.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 

4.	In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. 

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


5.	Claim(s) 1-18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Zhang (US 20180041425 A1) in view of Walker et al. (US 20120295664 A1).
Regarding claims 1, 7 and 13:

communicating, from a client device to a security device via a metadata connection, metadata regarding a data connection to be established by the client device, the metadata comprising a connection identifier uniquely identifying the data connection (see paras. 69, 75 where a network entity/node (i.e. security device) provide a service (i.e., data connection) on a network, wherein a service is a communication service for machine-to-machine communication/connection; see paras. 191-192 where an end point, e.g. a user equipment, (i.e., client device) transmits a registration message, via communication with an edge node (i.e. via a metadata connection), to register to a network entity, wherein the registration message indicates an identity/ID (i.e., connection identifier) of a service/virtual network (VN); see para. 202 where, after registration, the end point sends a data packet with VN/service ID to a destination; see para. 211 where a packet is transmitted from an end point by using established VN resources. Note: see para. 71 where a VN supports a service, wherein a VN ID is a service ID); and 
communicating, from the client device to the security device via the data connection, network traffic comprising a packet that includes the connection identifier, such that the security device may use the connection identifier to index an entry associated with the metadata that the security device has stored in [a metadata cache] (see para. 192 where an end point registers a service/VN identity/ID with a network entity (i.e. a network entity records/stores a service/VN identity/ID for an end point); see para. 202 where, after registration, the end point sends a data packet .
Zhang does not, but Walker discloses:
store metadata in a metadata cache (see Walker, para. 46, where an access point (AP) (i.e. security device), which provides a service, stores a service identity (i.e. metadata) in a cache).
It would have been obvious to one having ordinary skill in the art to which the claimed invention pertains, before the effective filing date of the claimed invention, to modify Zhang's invention by enhancing it to store metadata in a metadata cache, as taught by Walker, in order for avoiding latency from querying a service identity (Walker, para. 46).

Regarding claims 2, 8 and 14:
Zhang discloses:      
wherein the packet that includes the connection identifier is an initial packet communicated from the client device as part of the network traffic (see para. 202 where, after registration, the end point sends a data packet (i.e. an initial packet after registration) carrying VN/service ID to a destination).

Regarding claims 3, 9 and 15:
Zhang discloses:
wherein the connection identifier is part of a custom header of the packet that includes the connection identifier (see para. 184 where a packet header comprises a service ID).

Regarding claims 4, 10 and 16:
Zhang discloses:
wherein the network traffic is communicated in response to a message from the security device to the client device indicating the security device has received the metadata (see para. 192 where a network entity responses to a registration message comprising a service identity/ID by providing operating parameters to the end point for use in accessing the service; see para. 202 where, after registration, the end point sends a data packet carrying VN/service ID).

Regarding claims 5, 11 and 17:
Zhang discloses:
wherein the packet that includes the connection identifier also includes a metadata connection identifier which uniquely identifies the metadata connection (see para. 210 where a packet includes a VN/service ID and a destination’s identifier (i.e., metadata connection identifier) which uniquely identifies the destination (i.e., metadata connection) for which the packet is intended).

Regarding claims 6, 12 and 18:
Zhang discloses:
wherein the metadata comprises Endpoint Context Agent metadata (see para. 192 where a registration message comprises location tracking of the end point (i.e. Endpoint Context Agent metadata)).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Asano, US 20030076830 A1, Packet transfer apparatus having network address translation circuit which enables high-speed address translation during packet reception processing.
Yazaki et al., US 6768738 B1, Packet forwarding apparatus with a flow detection table.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HUAN V. DOAN whose telephone number is 571-272-3809. The examiner can normally be reached on Monday – Thursday, 9:00am – 5:00pm EST.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, KRISTINE KINCAID, can be reached on 571-272-4063.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.


/HUAN V DOAN/Primary Examiner, Art Unit 2437