DETAILED ACTION
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
This Office action is in response to the amendment filed on 3/29/2021.
Claims 1, 15 and 18 have been amended.
Claims 1-20 are pending for consideration.

Notice of Pre-AIA  or AIA  Status
The present application is being examined under the pre-AIA  first to invent provisions. 

Response to Arguments
Applicant's arguments filed on 3/29/2021 have been fully considered but they are not persuasive. 
Applicant argues on pages 11-12 of the Remarks that the combination of Narayanaswamy in view of Sugimoto does not teach 1) different directives based on location.  Furthermore, applicant argues that Narayanaswamy fails to teach 2) “enforce a security policy for network access based on the determined user name, the identified application, and the host information profile report, wherein the host information profile report includes a) device hardware information including a type of device, a general processor, a network processor, or any combination thereof, b) device software information including an operating system identifier, an operating system patch level, a security application, security data file level, and date of last scan performed by the security application, or any combination thereof, and c) the device software information including remediation information, or any combination thereof, and wherein the enforcing of the security policy for network access comprises to: determine the security policy based on location of the client device, wherein the location of the client device is in the trusted zone or the untrusted zone, wherein the trusted zone relates to a location inside the enterprise network, and wherein the untrusted zone relates to a location outside the enterprise network; and enforce the determined security policy,”
In response to the first argument, Examiner respectfully disagrees.  The feature “different directives based on location” is not appeared to recite in the claims and in the applicant’s specification.  That feature is unclear what type of directives are included in the HIP report.  According to the Applicant’s specification, the HIP report includes device location information, in which the device location information includes information for identifying whether the client device is in a trusted zone or an untrusted zone (paragraph 0033).  Although the claims are interpreted in light of the specification, limitations from the specification are not read into the claims.  See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993).
enforce a security policy for network access based on the determined user name, the identified application, and the host information profile report, wherein the host information profile report includes a) device hardware information including a type of device, a general processor, a network processor, or any combination thereof, b) device software information including an operating system identifier, an operating system patch level, a security application, security data file level, and date of last scan performed by the security application, or any combination thereof, and c) the device software information including remediation information, or any combination thereof, (Narayanaswamy: paragraphs 0016-0017, 0048 and 0051-53, “the guest information may include health information (e.g., patch level of the guest OS, whether the guest OS has a firewall enabled, whether the guest OS has a latest version of a particular anti-virus software installed, etc.), current activity information (e.g., current network connections of the guest OS), identity information (e.g., an identifier (e.g., name) of the user who is operating the client, and identifier of a device implementing the client), information about application(s) that are running on the guest OS, etc.”) and wherein the enforcing of the security policy for network access comprises to: determine the security policy based on location of the client device, wherein the location of the client device is in the trusted zone or the untrusted zone, wherein the trusted zone relates to a location inside the enterprise network, and wherein the untrusted zone relates to a location outside the enterprise network (Narayanaswamy: paragraphs 0048, 0051-0053 and 0063, “Firewall agent 340 may use ; and enforce the determined security policy (Narayanaswamy: paragraphs 0051-0053 and 0063, “Firewall agent 340 may retrieve the access control information for guest OS 310. Firewall agent 340 may determine, based on the access control information, whether a type of access requested in the access request is allowed for guest OS 310. Firewall agent 340 may provide guest OS 310 access to the resource of destination server 170 when the type of access requested is allowed”).  As can be seen in the cited paragraphs and portions above, the access device is only allowed to access to a resource resided within a private/restricted network (e.g., internal or intranet).  Accessing any resources that are located outside of .

Claim Rejections - 35 USC § 103
The following is a quotation of pre-AIA  35 U.S.C. 103(a) which forms the basis for all obviousness rejections set forth in this Office action:
(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains.  Patentability shall not be negatived by the manner in which the invention was made.


Claims 1, 4-8, 11-15, 17-18 and 20 are rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over NARAYANASWAMY et al. (US 20120240182) (hereinafter Narayanaswamy) in view of Sugimoto et al. (US 20120204253) (hereinafter Sugimoto).
Regarding claim 1, Narayanaswamy discloses a system, comprising: a hardware processor of an enforcer (Narayanaswamy: paragraph 0023, “Enforcer 160 may take a form of a network element, a router, a switch, a firewall, a gateway, a hardware/software component, a computer, a server, multiple servers, etc.”) configured to:
establish a secure connection between the enforcer and a client device (Narayanaswamy: paragraphs 0017, 0023, 0025 and 0036, “firewall agent 340 may allow a user who is in the legal department to access legal files that are stored on destination server 170 when the health information satisfies particular criteria (e.g., a particular version of anti-virus software is installed and/or a particular firewall is enabled) for accessing the legal files”
receive a host information profile report from the client device, wherein the host information profile report includes device profile information associated with the client device (Narayanaswamy: paragraphs 0035-0036 and 0051-0053, “agent 330 may receive health information about guest OS 310 and determine identity information of a user (or of client device 110) associated with guest OS 310”), wherein the host information profile report includes information for identifying whether the client device is in a trusted zone or an untrusted zone (Narayanaswamy: paragraphs 0048, 0051-0053 and 0063, “Firewall agent 340 may use the health information, current activity information, and/or the identity information in the guest information to determine what type of access is allowed for guest OS 310 (e.g., what resources of destination server 170 that guest OS 310 may access)”… “a user of client device 110 may use guest OS 310 to attempt to access a resource of destination server 170. The resource may include, for example, a connection to a network (e.g., an Intranet) associated with destination server 170… Firewall agent 340 may receive (e.g., by intercepting) the access request. In another implementation, firewall agent 340 may receive at a beginning of a flow of network traffic to determine whether to allow access”… “Based on the access control information, enforcer 160 may deny access to one resource as long as guest OS 310 has access to another resource. For example, guest OS 310 may access a resource of destination server 170 that provides legal files. While guest OS 310 is accessing the resource that provides the legal files, enforcer 160 may deny guest OS 310 to access to external network resources (e.g., to prevent the transmission of data to an external resource, to reduce the risk of maliciously changing security profile of agent 330 while accessing destination 170, etc.).”);
determine a user name logged into the client device (Narayanaswamy: paragraphs 0016, 0034, 0045 and 0051, “The guest information may include health information (e.g.,… identity information (e.g., an identifier (e.g., name) of the user who is operating the client, and identifier of a device implementing the client), information about application(s) that are running on the guest OS, etc.”… “VM server 130 may receive/determine the user's identity information during the log-in process. Agent 330 may retrieve the identity information at a later point in time, as described further below”);
identify an application generating network traffic from the client device, wherein the application is associated with the network traffic, and wherein the network traffic involves Hypertext Transfer Protocol (HTTP) traffic, File Transfer Protocol (FTP) traffic, a Domain Name System (DNS) request, unknown traffic, or any combination thereof (Narayanaswamy: paragraphs 0016 and 0052, “the guest information may include health information (e.g., patch level of the guest OS, whether the guest OS has a firewall enabled, whether the guest OS has a latest version of a particular anti-virus software installed, etc.), current activity information (e.g., current network connections of the guest OS), identity information (e.g., an identifier (e.g., name) of the user who is operating the client, and identifier of a device implementing the client), information about application(s) that are running on the guest OS, etc.”
enforce a security policy for network access based on the determined user name, the identified application, and the host information profile report (Narayanaswamy: paragraphs 0016-0017 and 0048, “the guest information may include health information (e.g., patch level of the guest OS, whether the guest OS has a firewall enabled, whether the guest OS has a latest version of a particular anti-virus software installed, etc.), current activity information (e.g., current network connections of the guest OS), identity information (e.g., an identifier (e.g., name) of the user who is operating the client, and identifier of a device implementing the client), information about application(s) that are running on the guest OS, etc.”), wherein the host information profile report includes a) device hardware information including a type of device, a general processor, a network processor, or any combination thereof, b) device software information including an operating system identifier, an operating system patch level, a security application, security data file level, and date of last scan performed by the security application, or any combination thereof, and c) the device software information including remediation information, or any combination thereof, (Narayanaswamy: paragraphs 0016, 0034-0035 and 0051-0053, “The guest information may include health information (e.g., patch level of the guest OS, whether the guest OS has a firewall enabled, whether the guest OS has a latest version of a particular anti-virus software installed, etc.), current activity information (e.g., current network connections of the guest OS), identity information (e.g., an identifier (e.g., name) of the user who is operating the client, and identifier of a device implementing the client), information about application(s) that are running on the guest OS, etc.”… “health (e.g., patch level of the guest OS), remedial actions and identity information”), and wherein the enforcing of the security policy for network access comprises to:
determine the security policy based on location of the client device, wherein the location of the client device is in the trusted zone or the untrusted zone, wherein the trusted zone relates to a location inside the enterprise network, and wherein the untrusted zone relates to a location outside the enterprise network (Narayanaswamy: paragraphs 0048, 0051-0053 and 0063, “Firewall agent 340 may use the health information, current activity information, and/or the identity information in the guest information to determine what type of access is allowed for guest OS 310 (e.g., what resources of destination server 170 that guest OS 310 may access)”… “a user of client device 110 may use guest OS 310 to attempt to access a resource of destination server 170. The resource may include, for example, a connection to a network (e.g., an Intranet) associated with destination server 170… Firewall agent 340 may receive (e.g., by intercepting) the access request. In another implementation, firewall agent 340 may receive at a beginning of a flow of network traffic to determine whether to allow access”… “Based on the access control information, enforcer 160 may deny access to one resource as long as guest OS 310 has access to another resource. For example, guest OS 310 may access a resource of destination server 170 that provides legal files. While guest OS 310 is accessing the resource that provides the legal files, enforcer 160 may deny guest OS 310 to access to external network resources (e.g., to prevent the transmission of data to an external resource, to reduce the risk of maliciously changing security profile of agent 330 while accessing destination 170, etc.).”); and enforce the determined security policy (Narayanaswamy: paragraphs 0017, 0051 and 0063, “enforcer 160 may provide coordinated enforcement. The access control information may specify what resources of destination server 170 guest OS 310 may access at one time. Based on the access control information, enforcer 160 may deny access to one resource as long as guest OS 310 has access to another resource. For example, guest OS 310 may access a resource of destination server 170 that provides legal files. While guest OS 310 is accessing the resource that provides the legal files, enforcer 160 may deny guest OS 310 to access to external network resources (e.g., to prevent the transmission of data to an external resource, to reduce the risk of maliciously changing security profile of agent 330 while accessing destination 170, etc.).”); and
a memory coupled to the hardware processor and configured to provide the hardware processor with instructions (Narayanaswamy: paragraph 0029, “processing unit 220 may include one or more processors, microprocessors, or other types of processing units that may interpret and execute instructions”).
Narayanaswamy does not explicitly disclose the following limitations which are disclosed by Sugimoto, wherein the client device selects the selected enforcer (i.e., gateway) for communication with an enterprise network, wherein the selected gateway Sugimoto: paragraphs 0039 and 0072, “when the UE attaches to an untrusted non-3GPP access network 130a-d, the network operator or the UE shall choose one ePDG (i.e. gateway) from the set of candidate ePDGs 125a-c. This choice is either made by the mobile operator or by the UE”); and wherein the user name is associated with an Internet Protocol (IP) address of the client device (Sugimoto: paragraphs 0041 and 0074, “the 3GPP UE attaches to an untrusted non-3GPP access network, e.g. a wireless LAN, or detects a need to attach to an untrusted non-3GPP access network. Access authentication and IP address configuration is done, and the 3GPP UE becomes ready to send or receive IP packets by the WLAN interface”).  Narayanaswamy and Sugimoto are analogous art because they are from the same field of endeavor, access protection.  At the time of the invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Narayanaswamy and Sugimoto before him or her, to modify the system of Narayanaswamy to include the selected gateway and IP address of the user device of Sugimoto.  The suggestion/motivation for doing so would have been to specify the security policy corresponding to the selected tunnel (Sugimoto: paragraph 0050).
Regarding claim 15, claim 15 discloses a method claim that is substantially equivalent to the system of claim 1.  Therefore, the arguments set forth above with respect to claim 1 are equally applicable to claim 15 and rejected for the same reasons.
Regarding claim 18, claim 18 discloses a product claim that is substantially equivalent to the system of claim 1.  Therefore, the arguments set forth above with respect to claim 1 are equally applicable to claim 18 and rejected for the same reasons.
Regarding claim 4, Narayanaswamy as modified discloses wherein the hardware processor is further configured to: match the host information profile report from the client device with one or more host information profiles, wherein the one or more host information profiles are configured by an administrator (Narayanaswamy: paragraphs 0016, 0043 and 0051, “policy engine server 150 may make determinations about what type of access to allow guest OS 310 based on a series of policies/criteria set by an administrator and provided to policy engine server 150. Policy engine server 150 may generate access control information 450 based on the determinations”).
Regarding claim 5, Narayanaswamy as modified discloses wherein the hardware processor is further configured to: determine the security policy based on a host information profile that matches the host information profile report, and an identified application (Narayanaswamy: paragraphs 0051, 0053 and 0058-0059, “type of access to allow may be determined and access control information may be generated (block 560)… Firewall agent 340 may generate access control information for guest OS 310 based on result(s) of the comparisons”).
Regarding claim 6, Narayanaswamy as modified discloses wherein the hardware processor is further configured to: receive host information profile reports from each of a plurality of client devices (Narayanaswamy: paragraphs 0005 and 0056, “agent 330 may act as the only agent, in hypervisor 320 of VM server 130, for collecting information from all of guest OSs 310 that may access destination server 170. Agent 330 may probe guest OSs 310 for guest information corresponding to each one of guest OSs 310. Agent 330 may transmit the guest information to policy engine server 150. Policy engine server 150 may receive the guest information from agent 330”
Regarding claim 7, Narayanaswamy as modified discloses wherein the hardware processor is further configured to: deny access permission to a resource on the enterprise network based on a host information profile that matches the host information profile report, wherein the host information profile report indicates that the client device is a potentially insecure host (Narayanaswamy: paragraph 0017, “the policy engine may configure an enforcer with the access control information. The enforcer may allow or deny, based on the access control information, the guest OS access to one or more of the resources of the destination server”).
Regarding claim 8, Narayanaswamy as modified discloses wherein the device hardware information includes type of the client device, type of processor, type of network processors, or any combination thereof (Narayanaswamy: paragraph 0034, “Hypervisor 320 may take an image for a type of guest OS of VM 305 and instantiate a clone of the image to create VM 305 and to execute guest OS 310 on VM 305 for client device 110. Each one of guest OSs 310 may correspond to a different one of client devices 110”).
Regarding claim 11, Narayanaswamy as modified discloses wherein the hardware processor is further configured to: periodically send a host information profile report request to the client device (Narayanaswamy: paragraph 0035, “agent 330 may transmit the health information and the identity information to firewall agent 340. In one implementation, agent 330 may periodically check (re-probe) whether information needs to be updated for guest OS. In another implementation, hypervisor 320 may notify agent 330 when a particular change-of-interest occurs (e.g., antivirus software is deleted) in guest OS 310. Agent 330 may re-probe guest OS 310 in response to the notification”); Narayanaswamy: paragraph 0050, “agent 330 may receive a notification (e.g., from hypervisor 320) that a change-of-interest (a change that is of interest to policy engine server 150 in terms of possibly affecting one or more of the policies stored by policy engine server 150 (e.g., antivirus software is deleted)) occurred for guest OS 310. Agent 330 may probe guest OS 310, in response to the notification, for the updated guest information. Agent 330 may transmit the updated guest information to firewall agent 340 (or policy engine server 150)”).
Regarding claim 12, Narayanaswamy as modified discloses wherein the security policy includes a network access rule (Narayanaswamy: paragraph 0017, “the policy engine may generate access control information based on the evaluation of the guest information. The policy engine may configure an enforcer with the access control information. The enforcer may allow or deny, based on the access control information, the guest OS access to one or more of the resources of the destination server”).
Regarding claim 13, Narayanaswamy as modified discloses wherein the security policy includes an inbound firewall rule and an outbound firewall rule (Narayanaswamy: paragraphs 0023 and 0036, “firewall agent 340 may determine what type of access (if any) to grant guest OS 310 based on the health information and the identity information received for guest OS 310 from agent 330. Firewall agent 340 may provide security enforcement of network traffic based on the determination. In other words, firewall agent 340 may allow or deny a user access, from guest OS 310, to a resource of destination server 170. For example, firewall agent 340 may allow a user who is in the legal department to access legal files that are stored on destination server 170 when the health information satisfies particular criteria (e.g., a particular version of anti-virus software is installed and/or a particular firewall is enabled) for accessing the legal files”).
Regarding claim 14, Narayanaswamy as modified discloses wherein the host information profile report is generated by is an agent executed on the client device, and wherein the host information profile report is periodically reported from the client device (Narayanaswamy: paragraphs 0035 and 0050, “in response to probing guest OS 310, agent 330 may receive health information about guest OS 310 and determine identity information of a user (or of client device 110) associated with guest OS 310. Agent 330 may retrieve the actual identity information from hypervisor 320, which received the request associated with guest OS 310. Agent 330 may transmit the health information and the identity information to firewall agent 340. In one implementation, agent 330 may periodically check (re-probe) whether information needs to be updated for guest OS”).
Regarding claims 17 and 20, Narayanaswamy as modified discloses further comprising: determining the security policy based on a host information profile that matches the host information profile report, the identified application, and the identified user name (Narayanaswamy: paragraphs 0017 and 0051, “the policy engine may conduct the evaluation by running the guest information through (security) policies associated with accessing the destination server (e.g., determine whether an identifier of the user matches an identifier of a person who or a device that is allowed access to the destination server, as required by one of the policies). The policy engine may generate access control information based on the evaluation of the guest information. The policy engine may configure an enforcer with the access control information. The enforcer may allow or deny, based on the access control information, the guest OS access to one or more of the resources of the destination server”).

Claims 2, 16 and 19 are rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over NARAYANASWAMY in view of Sugimoto, and further in view of Hyndman et al. (US 20080282080) (hereinafter Hyndman).
Regarding claims 2, 16 and 19, Narayanaswamy in view of Sugimoto does not explicitly disclose the following limitation which is disclosed by Hyndman, wherein the identifying of whether the client device is in the trusted zone or the untrusted zone includes: determine whether the client device is accessing the enterprise network using a secure virtual private network (VPN) (Hyndman: paragraphs 0030 and 0048, “Commonly the wireless access point will decrypt the signals and then re-encrypt the signals into a VPN tunnel or other secure mechanism for transportation across the network. The adaptive networks proxy may perform deep packet inspection of the traffic at this point, while it is unencrypted, to determine what type of traffic is coming from the user equipment so that the adaptive networks server may be informed of the type of traffic and, hence, the network services are required to be provided to the user equipment”); determine that the client device is in the trusted zone in the event that the client device is accessing the enterprise network using the secure VPN (Hyndman: paragraphs 0030 and 0048); and determine that the client device is in the untrusted zone in the event that the client device is accessing the enterprise network without using the secure VPN (Hyndman: paragraphs 0030, 0048 and 0058, “if the application is a VPN client that has been launched on the host, the adaptive networks server may access the policy server to determine”).  Narayanaswamy in view of Sugimoto and Hyndman are analogous art because they are from the same field of endeavor, access Hyndman: paragraph 0008).

Claims 3 and 9 are rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over Narayanaswamy in view of Sugimoto, and further in view of Lee (US 20100192196) (hereinafter Lee).
Regarding claim 3, Narayanaswamy in view of Sugimoto discloses wherein the enforcing of the security policy includes: determine whether the host information profile report includes the security application…(Narayanaswamy: paragraphs 0016 and 0059, “The guest information may include health information (e.g., patch level of the guest OS, whether the guest OS has a firewall enabled, whether the guest OS has a latest version of a particular anti-virus software installed, etc.), current activity information (e.g., current network connections of the guest OS), identity information (e.g., an identifier (e.g., name) of the user who is operating the client, and identifier of a device implementing the client), information about application(s) that are running on the guest OS, etc.”).
Narayanaswamy in view of Sugimoto does not explicitly disclose the following limitation which is disclosed by Lee, in the event that the host information profile report includes the security application, is determine whether real-time protection or auto protection is enabled for the security application (Lee: paragraph 0019, “a cautious administrator can deny access to unknown resources or specify a particular minimum health state of computer systems that request access to unknown resources. For example, if a client system has antivirus real-time protection enabled and signatures and patches are up-to-date, the administrator may define a policy that specifies that the client system can browse unknown URLs”).  Narayanaswamy in view of Sugimoto and Lee are analogous art because they are from the same field of endeavor, access protection.  At the time of the invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Narayanaswamy in view of Sugimoto and Lee before him or her, to modify the system of Narayanaswamy in view of Sugimoto to include the antivirus real-time protection of Lee.  The suggestion/motivation for doing so would have been to control access to networking protocols or destinations (Lee: paragraph 0003).
Regarding claim 9, Narayanaswamy in view of Sugimoto does not explicitly disclose the following limitation which is disclosed by Lee, wherein the device software information includes whether real-time protection or auto protection of the security application is enabled (Lee: paragraph 0019, “a cautious administrator can deny access to unknown resources or specify a particular minimum health state of computer systems that request access to unknown resources. For example, if a client system has antivirus real-time protection enabled and signatures and patches are up-to-date, the administrator may define a policy that specifies that the client system can browse unknown URLs”).  Narayanaswamy in view of Sugimoto and Lee are analogous art because they are from the same field of endeavor, access protection.  At the time of the invention, it would have been obvious to one of ordinary skill in the art, having the Lee: paragraph 0003).

Claim 10 is rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over Narayanaswamy in view of Sugimoto, and further in view of Wei et al. (US 20120005746) (hereinafter Wei).
Regarding claim 10, Narayanaswamy in view of Sugimoto does not explicitly disclose the following limitation which is disclosed by Wei, wherein the secure connection encrypts network traffic between the client device and the selected gateway using Secure Sockets Layer (SSL) or Secure Shell (SSH) (Wei: paragraphs 0030 and 0039, establishment and deconstructing of a secure data connection conforming to a security scheme, such as SSL or IPSec protocols, and the formation of encrypted outbound packets to be tunneled and the processing of inbound packets to decrypt those packets received from the tunnel).  Narayanaswamy in view of Sugimoto and Wei are analogous art because they are from the same field of endeavor, secure access.  At the time of the invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Narayanaswamy in view of Sugimoto and Wei before him or her, to modify the system of Narayanaswamy in view of Sugimoto to include the SSL connection between the client device and the protected resources of Wei.  The suggestion/motivation for doing so would have been to enable secure and controlled access to resources provided by enterprise network (Wei: paragraph 0020).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure is listed on the enclosed PTO-892 form, e.g., 
Wei (US 20120005746) discloses an integrated, multi-service network client for cellular mobile devices is described. The multi-service client includes a VPN handler having an interface programmed to exchange the network packets with the security manager for application of the security service, wherein the VPN handler is configurable to operate in one of an enterprise mode and in a non-enterprise mode, wherein in the enterprise mode the VPN handler establishes a VPN connection with a remote VPN security device and provides encryption services to securely tunnel the network packets between the cellular mobile device and the remote VPN security device, and wherein in the non-enterprise mode the VPN handler directs the network packets to the security manager without application of the encryption services and communicates the network packets to a packet-based network without tunneling the packets.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to TRANG T DOAN whose telephone number is (571)272-0740.  The examiner can normally be reached on Monday-Friday 7-4 ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn D Feild can be reached on (571)272-2092.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access 






/TRANG T DOAN/Primary Examiner, Art Unit 2431