DETAILED ACTION

1.	Notice of Pre-AIA or AIA Status: The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

2.	Claims 1-20 are presented for examination. 

3.	This Office Action is in response to application 16/354121 filed on March 14, 2019.

4.	Claims 1-20 contain allowable subject matter.  Upon Applicant overcoming the 35 USC 101 rejection (2019 PEG type), the 112(b) rejection, and the claim objections, the claims will be allowed.

Paper Submitted

5.	It is hereby acknowledged that the following papers have been received and placed of record in the file:
a.	Information Disclosure Statements received on January 27, 2021, September 27, 2020, July 29, 2020, and June 14, 2019 were considered.



Claim Objections

6.	Claims 3 and 16 are objected to under 37 C.F.R. 1.75 because of the following informalities:
	
	Claim 3 recites “configured facilitate.”  Since claims 4, 5 and other claims properly recite “configured to facilitate,” claim 3 should also recite “configured to facilitate.”  The same is true in claim 16.  Applicant is requested to correct claims 3 and 16.

Claim Rejections – 35 USC § 112

7.	The following is a quotation of 35 U.S.C. 112(b):

(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.



8.	Claims 1-20 are rejected under 35 U.S.C. 112(b) as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA the applicant, regards as the invention.

9.	Claim 1 recites “corresponding to the operation.”  There is insufficient antecedent basis for this limitation in the claim.  The limitation is viewed as – corresponding 

Claims 2-7, 9-14 and 16-20 incorporate the deficiencies of claims 1, 8, and 15 through dependency, and are also rejected.





Claim Rejections – 35 USC § 101

10.	Claim 1 is rejected under 35 USC 101 (2019 PEG type) because the claimed invention is directed to an abstract idea without significantly more.  The claim recites “establishing a security configuration [] corresponding to a provisioned security policy definition,” “executing, by the SSE, [] software based service in real time to enforce the policies of the security service policy definition,” and “remediating the security configuration [] if [] detects a security vulnerability corresponding to an operation.”

	The limitation of establishing a security configuration corresponding to a provisioned security policy definition, as drafted, is a process that under its 

	This judicial exception is not integrated into a practical application.  In particular, the claim recites only one additional element – using a gateway element/device to perform the limitations.  The gateway element/device is recited at a high level of generality (i.e., as a generic security gateway element/device performing the generic computer function of establishing and remediating [adjusting] a security configuration) such that it amounts to no more than mere instructions to apply the exception using a generic gateway element/device.  Accordingly, this element/device does not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea.  The claim is therefore directed to an abstract idea.
	


	In addition, the Federal Circuit decision in Synopsys, Inc. v. Mentor Graphics Corporation explains “the court observed that ‘each of the steps in the claimed methods can be performed by a skilled designer either mentally or with pencil and paper’” (middle of page 13 of the Federal Circuit decision).  This is supported by the Appellant admitting that the “steps involved in the claimed method make evident that a skilled artisan could perform the steps mentally” and that “the inventors of the Gregory Patents confirmed this point when they admitted to performing the steps mentally themselves” (top paragraph on page 19 of the Federal Circuit decision).  This Federal Circuit decision, as emphasized on page 13 of the decision, describes a situation similar to the claims of the instant application. 


Allowable Subject Matter

establishing a security configuration for a security gateway element (SGE)  corresponding to a provisioned security service policy definition
configuring a plurality of SGE security service managers hosted by a service security engine (SSE) on the SGE based on policies included in the security service policy definition
executing, by the SSE, each of the plurality of SGE security service managers as a software based service in real time to enforce the policies of the security service policy definition on the SGE
remediating the security configuration of the SGE if one or more of the plurality of SGE security service managers detects a security vulnerability corresponding to the operation of the SGE.
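The four limitations listed above describe a policy-driven control loop: a gateway's configuration is established from a provisioned policy definition, per-policy managers are instantiated on the gateway's security engine, the managers run as services, and a detected vulnerability triggers remediation of the gateway's configuration. The following is an added illustrative model of that loop written for this page; it is not the Applicant's code and not code from any reference cited below. The three concrete checks (a TLS version floor, an allowed-port list, and a required-MFA flag), the dictionary-based policy format, and all class and function names are assumptions made for the example.

```python
"""Illustrative model of the claimed SGE / SSE / security-service-manager loop.

Added example for this page; not the applicant's implementation. The policy
format and the three checks below are constructed for illustration only.
"""
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Type

# Provisioned security service policy definition (constructed sample).
POLICY_DEFINITION: Dict[str, dict] = {
    "tls": {"min_version": "TLSv1.2"},
    "ports": {"allowed": [22, 443]},
    "admin": {"require_mfa": True},
}


@dataclass
class Finding:
    """A vulnerability detected by one manager, with a remediation callback."""
    manager: str
    detail: str
    remediate: Callable[[dict], None]


class SecurityServiceManager:
    """Base class: one manager enforces one policy from the definition."""

    def __init__(self, name: str, params: dict) -> None:
        self.name = name
        self.params = params

    def check(self, config: dict) -> Optional[Finding]:
        raise NotImplementedError


class TlsManager(SecurityServiceManager):
    ORDER = ["TLSv1.0", "TLSv1.1", "TLSv1.2", "TLSv1.3"]

    def check(self, config: dict) -> Optional[Finding]:
        want = self.params["min_version"]
        have = config.get("tls_min_version", "TLSv1.0")
        # An unknown version string is treated as vulnerable, not as compliant.
        if have not in self.ORDER or self.ORDER.index(have) < self.ORDER.index(want):
            def fix(cfg: dict) -> None:
                cfg["tls_min_version"] = want
            return Finding(self.name, f"TLS minimum {have} is below policy {want}", fix)
        return None


class PortManager(SecurityServiceManager):
    def check(self, config: dict) -> Optional[Finding]:
        allowed = set(self.params["allowed"])
        extra = sorted(set(config.get("open_ports", [])) - allowed)
        if extra:
            def fix(cfg: dict) -> None:
                cfg["open_ports"] = sorted(set(cfg.get("open_ports", [])) & allowed)
            return Finding(self.name, f"ports open outside policy: {extra}", fix)
        return None


class AdminMfaManager(SecurityServiceManager):
    def check(self, config: dict) -> Optional[Finding]:
        if self.params.get("require_mfa") and not config.get("admin_mfa", False):
            def fix(cfg: dict) -> None:
                cfg["admin_mfa"] = True
            return Finding(self.name, "administrative access without MFA", fix)
        return None


# Mapping from policy name to manager type (assumed registry, not from the claims).
MANAGER_TYPES: Dict[str, Type[SecurityServiceManager]] = {
    "tls": TlsManager,
    "ports": PortManager,
    "admin": AdminMfaManager,
}


class ServiceSecurityEngine:
    """SSE: hosts one manager per policy and executes them as services."""

    def __init__(self, policy_definition: Dict[str, dict]) -> None:
        self.managers = [MANAGER_TYPES[name](name, params)
                         for name, params in policy_definition.items()
                         if name in MANAGER_TYPES]

    def run(self, config: dict) -> List[Finding]:
        return [f for f in (m.check(config) for m in self.managers) if f is not None]


class SecurityGatewayElement:
    """SGE: owns the security configuration and remediates it on findings."""

    def __init__(self, policy_definition: Dict[str, dict], initial_config: dict) -> None:
        self.config = dict(initial_config)          # establish the configuration
        self.sse = ServiceSecurityEngine(policy_definition)

    def run_cycle(self) -> List[str]:
        """One enforcement pass; each finding remediates the live configuration."""
        findings = self.sse.run(self.config)
        for f in findings:
            f.remediate(self.config)
        return [f"{f.manager}: {f.detail}" for f in findings]


def demo():
    """Constructed weak configuration; returns (final config, pass 1, pass 2)."""
    weak = {"tls_min_version": "TLSv1.0", "open_ports": [22, 443, 8080], "admin_mfa": False}
    sge = SecurityGatewayElement(POLICY_DEFINITION, weak)
    first = sge.run_cycle()    # three findings, all remediated
    second = sge.run_cycle()   # no findings: remediation converged
    return sge.config, first, second


if __name__ == "__main__":
    cfg, first, second = demo()
    print(first, second, cfg)
```

Running `demo()` shows the loop converging: the first pass reports three findings and rewrites the configuration, and the second pass reports none. In a real gateway `run_cycle` would be driven continuously or on configuration-change events rather than called twice, which is the "in real time" aspect of the third limitation.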


Liang et al., US Pub 20150135299 teach establishing an IPSec tunnel.  A user configures a corresponding security gateway IP and security policy.  A base station is configured to establish a temporary IPSec tunnel to a security gateway according to an acquired certificate.  The base station is further configured to establish a permanent IPSec tunnel between itself and the security gateway according to a second configuration parameter.  

Goodrow et al., US Pub 20110029626 teach that an agent may reside on a client and act as a universal policy engine capable of delivering multiple management services.  A single agent may execute a diverse and extensible array of management services ranging from real-time client status reporting, to patch and software distribution, to security policy enforcement, endpoint power management and other systems management and security functions.  In embodiments, pseudo-agents are deployed to perform asset discovery.  If the result of a local scan shows the presence of devices of a particular type, then a policy can say to deploy a pseudo-agent to manage those devices.  For example, if wireless access points are identified in a local network scan, then pseudo-agents are instantiated to manage against those devices.  A vulnerability scan, or 

Rossman, US 10484331 teaches security appliance provisioning.  To a customer, a security appliance may appear to be any function as if it were part of a virtualized network.  Because the security appliance is not directly accessible, an additional layer of security is provided in which a large number of current attack vectors become invalid.  A notification to a customer at a client device may be an escalation of a detected security issue to an event manager, to an enterprise security administrator, or the like.  An interface (e.g., API) of a security service may enable remote management of the security service to address provisioning success/failure matters, security issues, definition of security policies, etc.  

Poosala et al., US Pub 20170026231 teach an Internet Service Provider (ISP) system capable of delegating network policy configuration tasks to ISP franchisee accounts.  An ISP platform system enables rural entrepreneurs (e.g., ISP franchisees) to individually set up Local Area Networks (LANs), each with a secure tunnel to a gateway server that provides Internet access.  The LANs of individual ISP franchisees can form a distributed ISP platform that is individually managed.  A gateway server and/or network equipment can enforce Network Usage Policies (NUPs).  The NUPs can be configured by ISP franchisee accounts.  An ISP 

Ciano et al., US Pub 20200159933 teach detecting security risks related to a software component deployable in a container-based runtime environment.  A determination is made that a check for security risks has not been previously performed for the check layer according to a check criterion.  Responsive to this determination, a remedial action may be initiated.  A computer system may comprise a processor of a Container Vulnerability Advisor (CVA) configured to cause the CAM to receive a trigger, the trigger indicating that a layer of the container is to be checked for security risks.  When the security analysis indicates a security risk, a remedial action may be initiated.  In an embodiment, a container management system that may be utilized for detection and remediation of 

Henderson et al., US pub 20190342323 teach a computing system may store, in a database, a reference to a particular configuration item in a particular group, which may be advantageous for various reasons.  This reference may indicate, to an enterprise, the remediation that should resolve the security vulnerability of the particular configuration item, which amounts to a time-saving and automatic assignment of a remediator in accordance with the enterprise’s preferences.  The term “configuration item” may be shorthand for any physical or virtual device, or any application or service remotely discoverable or managed by a computational instance, or relationships between discovered devices, applications, and services.  Configuration items may be represented in a Configuration Management DataBase (CMDB) of a computational instance.

Kelley et al., US Pub 20170286689 teach a management component can transmit the results of a vulnerability scan to a management service.  Based on the results of the vulnerability scan, the management service can determine whether to perform various actions.  For example, if vulnerability severity metric indicates that there is a severe vulnerability 

Oliphant et al., US 9117069 teach a security management problem in which techniques intended to remediate vulnerabilities (such as configuration changes, changes to policy settings, or application of patches) introduce additional problems.  For example, remediation steps may open other vulnerabilities in software.  Therefore, there is a need for improved security management techniques.  In an embodiment, a security information management system is provided in which a database of potential vulnerabilities is maintained, along with data describing remediation techniques (patches, policy settings, and configuration options) available to protect against them.  The database includes vulnerability and remediation information such that multiple methods of remediating the vulnerability are specified.  When the system has occasion to implement or to offer remediation of a vulnerability, all known alternatives are presented that are relevant to the device or machine’s particular configuration or setup.  In embodiments, a security server uses a collection of information to determine whether a connection request is attempting to take advantage of a particular known vulnerability of a destination machine, and uses the information from the database to determine whether the destination computer has the vulnerable software 

Oliphant et al., US 10075466 teach management of the security of computing and network devices that are connected to other such devices.  A platform is configured to perform at least one operation based on first information from one or more data storages identifying one or more potential vulnerabilities, and another operation for identifying one or more configurations associated with one or more network devices.  The platform is further configured to display one or more techniques, including a first technique for utilizing an intrusion prevention system for occurrence mitigation and a second technique for utilizing the firewall for occurrence mitigation.  A security server obtains from a vulnerability and remediation database a regularly updated list of security vulnerabilities in software for a wide variety of operating systems, and even in the operating 

13.	In summary, nowhere does the prior art disclose the unique combination of steps/elements listed above.  The unique combination of the steps/elements listed above is a novel combination.  Upon Applicant overcoming the 35 USC 101 rejection (2019 PEG type), the 112(b) rejection, and the claim objections, the prior art, either singularly or in combination, fails to anticipate or render obvious the present invention.

Conclusion
14.	The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.  Applicant is reminded that in amending in response to a rejection of claims, the patentable novelty must be clearly shown in view of the state of the art disclosed by the references cited and the objections made.  Applicant must show how the amendments avoid such references and objections.  See 37 CFR 1.111(c).

15.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to O. Charlie Vostal whose telephone number is 571-270-3992 (via email:  Ondrej.Vostal@uspto.gov  “without a written authorization by applicant in place, the USPTO will not respond via internet e-mail to an Internet correspondence” MPEP 502.02 II and https://www.uspto.gov/sites/default/files/documents/sb0439.pdf ).  The examiner can normally be reached from 8:30am to 5:00pm EST Monday through Friday.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Thu Nguyen, can be reached at 571-272-6967.  The fax phone number for the organization where this application or proceeding is assigned is 571-270-4992.



	/ONDREJ C VOSTAL/Primary Examiner, Art Unit 2452
	May 20, 2021