Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
1	This office action is in reply to applicant’s pre-brief appeal conference request filed on 01/05/2021. Claims 1-17 are pending. Claims 1, 7 and 13 are independent form are presented for examination. 

Response to Argument
2	Applicant’s pre-brief appeal conference request filed on 01/05/2021 have been fully considered and they are persuasive. Therefore, all previous rejections have been withdrawn. However, upon further consideration, a new ground(s) of rejection is made.

Claim Rejections - 35 USC § 103
3	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

4	Claims 1, 2 and 4-17 are rejected under 35 U.S.C. 103 as being unpatentable over Andrews et al. (Andrews, hereinafter) (U.S. Patent Application Publication No. 2007/0189288 A1) in view of Li (U.S. Patent Application Publication No. 2015/0163151 A1) further in view of Richard (U.S. Patent Application Publication No. 2002/0161879 A1).
Regarding claim 1, Andrews discloses a validation controller comprising:
a processing resource ([0055]; central controller unit 110 with processing resource, Fig. 1); and
a memory resource ([0055]; memory, Fig. 1); storing machine readable instructions to cause the processing resource to:
determine functional capabilities for a topology that includes a plurality of devices to be configured by the validation controller ([0033] & [0054]; at step 520, the central controller unit 110 is configured to retrieve the logical group attribute(s) and the location of the members in the logical group hierarchy in the data network 100);
compare a configuration element for the plurality of devices to the functional capabilities for the plurality of devices ([0033] & [0054]; the central controller unit 1 10 compares the retrieved group attributes with the group attributes at the higher level in the logical group hierarchy to determine the appropriate set of group attributes for the group members);
validate the configuration element based on the comparison ([0034] & [0054]; if it is determined at step 530 that the retrieved logical group attributes associated with the identified members of the logical group conflict with the higher level group attributes); and
push the configuration element to the plurality of devices ([0034] & [0054]; apply the remaining attributes to the identified members of the logical group).

However, Li in analogous art, discloses when a conflict is identified between the configuration element and the functional capabilities, modify the topology such that the functional capabilities match the configuration element and the configuration element is validated ([0036]-[0037] & [0024]; If there is no matching entry in the default flow table, the virtual router can send a route discovery request to a regional controller that controls the virtual router at 204. If the regional controller determines that the destination node is located within the region that the regional controller manages at 205, the regional controller can then determine a route based on the regional network map maintained therein at 206. The regional controller can make the determination by examining the regional network map for example. The regional controller then modifies the default flow table based on the route discovery at 207 (i.e. if the routing rule doesn’t have a capability to route the traffic a modified routing table is generated so that a mismatch situation can be resolved).
It would have been obvious to one ordinary skill in the art before the effective filing date of the claimed invention was made to utilize the teaching of Li to the system of Andrews in order to optimize a dynamic conflict resolution in a distributed network system.
But Andrews doesn’t fully disclose wherein determining the functional capabilities for a topology is accomplished without accessing individual devices of the plurality of devices.
([0008] & [0010]; an automatic discovery of the topology of an intranet network, including the different sub networks and the sub network settings and configuration, without the use of a specific agent which need to be installed into the different devices).
It would have been obvious to one ordinary skill in the art before the effective filing date of the claimed invention was made to utilize the teaching of Richard to the system of Andrews in order to optimize a discovery and configuration of a distributed network system.

Regarding claim 2, Andrews further teaches the validation controller of claim 1, wherein the plurality of devices include network devices within a network hierarchy ([0015] & [0003]; each network device, user or host are mapped in a hierarchy and in logical groups based on the network level configuration (high level intents)).

Regarding claim 4, Andrews in view of Li discloses claim 1, but Andrews doesn’t teach a limitations of claim 4. 
However, Li further teaches the validation controller of claim 1, including instructions to cause the processing resource to also modify the configuration element when the conflict is identified between the configuration element and the functional capabilities ([0036]-[0037] & [0024]; If there is no matching entry in the default flow table, the virtual router can send a route discovery request to a regional controller that controls the virtual router at 204. If the regional controller determines that the destination node is located within the region that the regional controller manages at 205, the regional controller can then determine a route based on the regional network map maintained therein at 206. The regional controller can make the determination by examining the regional network map for example. The regional controller then modifies the default flow table based on the route discovery at 207 (i.e. if the routing rule doesn’t have a capability to route the traffic a modified routing table is generated so that a mismatch situation can be resolved).
It would have been obvious to one ordinary skill in the art before the effective filing date of the claimed invention was made to utilize the teaching of Li to the system of Andrews in order to optimize a dynamic conflict resolution in a distributed network system.

Regarding claim 5, Andrews in view of Li discloses claim 1, Li further teaches the validation controller of claim 1, further comprising instructions to cause the processing resource to modify logical connections between the plurality of devices to modify the topology when the conflict is identified between the configuration element and the functional capabilities ([0036]-[0037] & [0024]; If there is no matching entry in the default flow table, the virtual router can send a route discovery request to a regional controller that controls the virtual router at 204. If the regional controller determines that the destination node is located within the region that the regional controller manages at 205, the regional controller can then determine a route based on the regional network map maintained therein at 206. The regional controller can make the determination by examining the regional network map for example. The regional controller then modifies the default flow table based on the route discovery at 207 (i.e. if the routing rule doesn’t have a capability to route the traffic a modified routing table is generated so that a mismatch situation can be resolved).
It would have been obvious to one ordinary skill in the art before the effective filing date of the claimed invention was made to utilize the teaching of Li to the system of Andrews in order to optimize a dynamic conflict resolution in a distributed network system.

Regarding claim 6, Andrews further teaches the validation controller of claim 1, wherein the plurality of devices are disconnected from a network when validating the configuration element ([0023]; the central controller unit 110 in one embodiment is also configured to cease monitoring of traffic of users or hosts that were in the logical group of contractors 230, but that have left the network 100).

As for independent claim 7, the limitations of claim 7 are similar to the limitations of claim 1 above. Therefore, the limitations of claim 7 are rejected in the analysis of claim 1 above, and the claim is rejected on that basis.

Regarding claim 8, Andrews teaches the non-transitory machine readable storage of claim 7, further including instructions to modify the proposed configuration state for a network device from the plurality of network devices when the proposed configuration state for the network device conflicts with a functional capability of the network device ([0034]-[0035] & [0054]; in case a conflict arises in the network level configuration, the lower level attributes or configuration in the hierarchy is configured to supercede the higher level attribute in the hierarchy).

Regarding claim 9, Andrews further teaches the non-transitory machine readable storage of claim 7, wherein the configuration element is a previously unpushed configuration element for the plurality of network devices ([0034]-[0035] & [0054]; configuration attributes to be applied is identified).

Regarding claim 10, Andrews further teaches the non-transitory machine readable storage of claim 7, wherein instructions to receive the network topology includes instructions to receive configuration lines from a plurality of sources that include context for the plurality of network devices ([0006] & [0016]; the central controller unit 110 monitoring the traffic in the network 100 may be configured to apply the one or more attributes of the user or host in the network 100 to the appropriate groups in the hierarchy such that changes in the network topology is continuously monitored by the central controller unit 110 and dynamically configured to apply the appropriate network attributes associated with the changes in the network topology on a group basis in the group hierarchy).

Regarding claim 11, Andrews teaches the non-transitory machine readable storage of claim 10, wherein the context for the plurality of network devices includes a type of network device, a software version utilized by the network device and device groups within the plurality of network devices ([0006] & [0016]).

Regarding claim 12, Andrews further teaches the non-transitory machine readable storage of claim 7, comprising instructions executable by the computer processor to retrieve previously validated configuration elements that include corresponding configuration lines and context for the plurality of network devices ([0033] & [0016]; the central controller unit 110 is configured to retrieve the logical group attribute(s) and the location of the members in the logical group hierarchy in the data network 100).

Regarding claim 13, Andrews further teaches the method, comprising:
determining, at a validation controller, a network topology that includes a plurality of network devices with corresponding functional capabilities ([0033] & [0054]; at step 520, the central controller unit 110 is configured to retrieve the logical group attribute(s) and the location of the members in the logical group hierarchy in the data network 100);
determining, at the validation controller, a context of the network topology devices ([0006] & [0016]; the central controller unit 110 monitoring the traffic in the network 100 may be configured to apply the one or more attributes of the user or host in the network 100 to the appropriate groups in the hierarchy such that changes in the network topology);
generating a configuration element for the network topology based on the determined plurality of network devices and corresponding functional capabilities ([0033] & [0054]; the central controller unit 1 10 compares the retrieved group attributes with the group attributes at the higher level in the logical group hierarchy to determine the appropriate set of group attributes for the group members);
([0034] & [0054]; if it is determined at step 530 that the retrieved logical group attributes associated with the identified members of the logical group conflict with the higher level group attributes);
pushing, at the validation controller, the configuration element to the plurality of network devices ([0034] & [0054]; apply the remaining attributes to the identified members of the logical group).
Andrews further discloses altering a proposed configuration state (invalidated ([0023]; the central controller unit 110 in one embodiment is also configured to cease monitoring of traffic of users or hosts that were in the logical group of contractors 230, but that have left the network 100).
But Andrews doesn’t fully discloses when the configuration element is not validated, altering, at the validation controller, the network topology such that the functional capabilities of the plurality of  network devices match the proposed configuration state for the plurality of network devices, wherein the configuration element is validated.
However, Li in analogous art, discloses when the configuration element is not validated, altering, at the validation controller, the network topology such that the functional capabilities of the plurality of  network devices match the proposed configuration state for the plurality of network devices ([0036]-[0037] & [0024]; If there is no matching entry in the default flow table, the virtual router can send a route discovery request to a regional controller that controls the virtual router at 204. If the regional controller determines that the destination node is located within the region that the regional controller manages at 205, the regional controller can then determine a route based on the regional network map maintained therein at 206. The regional controller can make the determination by examining the regional network map for example. The regional controller then modifies the default flow table based on the route discovery at 207 (i.e. if the routing rule doesn’t have a capability to route the traffic a modified routing table is generated so that a mismatch situation can be resolved).
It would have been obvious to one ordinary skill in the art before the effective filing date of the claimed invention was made to utilize the teaching of Li to the system of Andrews in order to optimize a dynamic conflict resolution in a distributed network system.
But Andrews doesn’t fully disclose wherein determining the functional capabilities for a topology is accomplished without accessing individual devices of the plurality of devices.
However, Richard in analogous art, discloses wherein determining the functional capabilities for a topology is accomplished without accessing individual devices of the plurality of devices ([0008] & [0010]; an automatic discovery of the topology of an intranet network, including the different sub networks and the sub network settings and configuration, without the use of a specific agent which need to be installed into the different devices).
It would have been obvious to one ordinary skill in the art before the effective filing date of the claimed invention was made to utilize the teaching of Richard to the system of Andrews in order to optimize a discovery and configuration of a distributed network system.

Regarding claim 14, Andrews teaches the method of claim 13, wherein validating the configuration element includes validating a configuration line corresponding to the plurality of ([0034] & [0054]; if it is determined at step 530 that the retrieved logical group attributes associated with the identified members of the logical group conflict with the higher level group attributes).

Regarding claim 15, Andrews further teaches the method of claim 13, wherein pushing the configuration element includes applying a configuration state to each of the plurality of network devices ([0034] & [0054]; apply the remaining attributes to the identified members of the logical group).

Regarding claim 16, Andrews doesn’t fully disclose when the configuration element is not validated, altering, at the validation controller, the network topology such that the functional capabilities of the plurality of  network devices match the proposed configuration state for the plurality of network devices, wherein the configuration element is validated.
However, Li in analogous art, discloses when the configuration element is not validated, altering, at the validation controller, the network topology such that the functional capabilities of the plurality of  network devices match the proposed configuration state for the plurality of network devices, wherein the configuration element is validated ([0036]-[0037] & [0024]; If there is no matching entry in the default flow table, the virtual router can send a route discovery request to a regional controller that controls the virtual router at 204. If the regional controller determines that the destination node is located within the region that the regional controller manages at 205, the regional controller can then determine a route based on the regional network map maintained therein at 206. The regional controller can make the determination by examining the regional network map for example. The regional controller then modifies the default flow table based on the route discovery at 207 (i.e. if the routing rule doesn’t have a capability to route the traffic a modified routing table is generated so that a mismatch situation can be resolved).
It would have been obvious to one ordinary skill in the art before the effective filing date of the claimed invention was made to utilize the teaching of Li to the system of Andrews in order to optimize a dynamic conflict resolution in a distributed network system.

Regarding claim 17, Andrews doesn’t fully disclose when the configuration element is not validated, altering, at the validation controller, the network topology such that the functional capabilities of the plurality of  network devices match the proposed configuration state for the plurality of network devices, wherein the configuration element is validated.
However, Li in analogous art, discloses when the configuration element is not validated, altering, at the validation controller, the network topology such that the functional capabilities of the plurality of  network devices match the proposed configuration state for the plurality of network devices, wherein the configuration element is validated ([0036]-[0037] & [0024]; If there is no matching entry in the default flow table, the virtual router can send a route discovery request to a regional controller that controls the virtual router at 204. If the regional controller determines that the destination node is located within the region that the regional controller manages at 205, the regional controller can then determine a route based on the regional network map maintained therein at 206. The regional controller can make the determination by examining the regional network map for example. The regional controller then modifies the default flow table based on the route discovery at 207 (i.e. if the routing rule doesn’t have a capability to route the traffic a modified routing table is generated so that a mismatch situation can be resolved).
It would have been obvious to one ordinary skill in the art before the effective filing date of the claimed invention was made to utilize the teaching of Li to the system of Andrews in order to optimize a dynamic conflict resolution in a distributed network system.

5	Claim 3 is rejected under 35 U.S.C. 103 as being unpatentable over Andrews et al. (Andrews, hereinafter) (U.S. Patent Application Publication No. 2007/0189288 A1) in view of Li (U.S. Patent Application Publication No. 2015/0163151 A1) in view of Richard (U.S. Patent Application Publication No. 2002/0161879 A1) further in view of Viswanath (U.S. Patent Application Publication No. 2004/0019670 A1).
Regarding claim 3, Andrews in view of Li and Richard discloses the limitations of claim 1. But Andrews doesn’t explicitly disclose wherein validating the configuration element includes a syntax validation, a semantic validation, and a platform-limit validation of the plurality of devices.
However, Viswanath in analogous art, teaches wherein validating the configuration element includes a syntax validation, a semantic validation, and a platform-limit validation of the plurality of devices ([0058] & [0023]-[0024]; semantic verification and syntactic validation mechanism for configuration data and different device systems). 
It would have been obvious to one ordinary skill in the art before the effective filing date of the claimed invention was made to utilize the teaching of Viswanath to the system of Andrews in order to optimize a dynamic administration for distributed network systems.

Conclusion

6	Any inquiry concerning this communication or earlier communications from the examiner should be directed to MELAKU Y HABTEMARIAM whose telephone number is (571)272-8373.  The examiner can normally be reached on Mon - Fri 9 am - 5pm.

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joon Hwang can be reached on 5712724036.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/M. H./
Melaku Habtemariam
Examiner, Art Unit 2447
5/8/21