DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
1.  The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

2.  This office action is a response to an application filed 03/23/2018, wherein claims 9 – 25 are pending and ready for examination.
Response to Arguments
3.  Applicant’s arguments, see Remarks, filed 04/21/2021 with respect to Claims 9-14, 16-22 and 25-25  as being rejected as unpatentable over Rieke, U.S. Publication No. 2016/0072381, in view of Shimizu et al, U.S. Publication No. 2007/0022211, further in view of Smith, U.S. Publication No. 20190349426  have been fully considered and are persuasive.  The rejections of claims 9-14, 16-22 and 25-25 have been withdrawn. 

Terminal Disclaimer
4.  The terminal disclaimer filed on 11/06/2020 disclaiming the terminal portion of any patent granted on this application which would extend beyond the expiration date of US Application No. 164557948 has been reviewed and is accepted.  The terminal disclaimer has been recorded.
Examiner’s Amendment
5.  An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 

Authorization for this examiner’s amendment was given in an interview with Jason Judd on 5/20/2021.

The application has been amended as follows: 
17. (currently amended) A computer program product [[in]] comprising: a non-transitory computer readable medium for use in a data processing system to protect a network, the non-transitory computer readable medium storing configure the data processing system to:
during a network management protocol lease acquisition message exchange:
receive a message from an Internet of Things (IoT) device, the message including a network location storing a set of flow attributes for the IoT device, the set of flow attributes defined by a supplier as a normal behavior of the IoT device;
responsive to receipt of the message, issue a query to the network location;
in response to the query, receive information including the set of flow attributes;
responsive to receipt of the information, configure a network control device to monitor a network behavior of the IoT device by associating at least a portion of the information with a network address associated with the IoT device; and
monitor a network communication associated with the IoT device using the information.



Allowable Subject Matter
6.    Claims 9 - 25 are allowed as amended.


Examiner’s Reason for Allowance
7.    The following is an examiner’s statement of reasons for allowance: “during” a network management protocol lease acquisition message exchange” receive a message from an Internet of Things (IoT) device, the message including a network location storing a set of flow attributes for the IoT device, the set of flow attributes defined by a supplier as a normal behavior of the IoT device. The closest prior art being "Rieke" (US 20160072831 A1), “Shimizu” (US 20070022211 A1), “DeGraaf” (US 20110154440 A1), “Smith” (US 20190349426 A1), and newly cited “Mommileti” (US 20190166020 A1). Rieke discloses a system that collects and analyzes asset and network data from multiple sources, and use such data to present a more complete and accurate representation of the network connections between various systems and software applications and the policies dictating the operation of security controls on a network compared to conventional systems. Shimizu discloses an IP address provision request issued from a client terminal according to the DHCP protocol is transferred to a DHCP server, and an application for provision of an IP address is received. At this time, a packet transfer system stores pieces of information on the client terminal (IP address and MAC address) in a memory unit. DeGraaf, a secondary reference, was introduced Smith, an additional reference, was introduced to disclose techniques related to Internet of Things (IoT) devices that can perform remote sensing and actuation functions.  New art Mommileti discloses methods and systems for analyzing control signaling messages over a network to inform policy-based sampling of network flows using a network visibility node communicatively coupled to the network.

8. What is missing from the prior art of record to include new search Mommileti the specific feature whereby “during” a network management protocol lease acquisition message exchange” receive a message from an Internet of Things (IoT) device, the message including a network location storing a set of flow attributes for the IoT device, the set of flow attributes defined by a supplier as a normal behavior of the IoT device. While, the prior art of record discloses in combination DHCP lease and message authentication none of the prior art of record discloses nominal device flow characteristic data provided by the supplier/manufacturer within the duration of the lease exchange.  The examiner is further persuaded by applicant representative on the deficiencies of the prior art (See Remarks 04/21/2021, pages 10 and 11).  The secondary references and newly searched art fails to overcome the features of claims 9, 17 and 25, as amended.

.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to WILLIAM B. JONES whose telephone number is (571) 272-9637.  The examiner can normally be reached on Mon - Fri., 5:30 a.m. to 2:00 p.m.  If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on 571-272-3972.  The fax phone number for the organization where this application or proceeding is assigned is 571-272-3900.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 

 /WILLIAM B JONES/Examiner, Art Unit 2491


/ALEXANDER LAGOR/Primary Examiner, Art Unit 2491