DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Information Disclosure Statement
The 10/29/2018 IDS has been considered by the examiner.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 14-15 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.  The claim(s) does/do not fall within at least one of the four categories of patent eligible subject matter because it is drawn to a system comprising a “processing resource” and a “memory resource,” which may be interpreted as software per se. Paragraphs 54-55 of the specification discuss the processing resource and the memory resource, including some example definitions. However, a specific definition is not provided, and a software interpretation is not excluded. A processor may be considered software per se, while a “memory” is not. However, it is not clear how “memory resource” is to be interpreted—e.g., the memory resource may be the code or a transitory storage medium. 

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claim 11 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention. The term "rely" in claim 11 is a relative term which renders the claim indefinite.  The term "rely" is not defined by the claim, the specification does not provide a standard for ascertaining the requisite degree, and one of ordinary skill in the art would not be reasonably apprised of the scope of the invention.  At least paragraphs 12 and 33 of the specification recite that an advantage of the invention is “monitoring without consuming additional storage,” which appears to be relevant to the “rely on central storage” limitation. However, neither “central storage” nor “rely on central storage” are recited within the specification. As such, it is not clear how to interpret “rely on central storage:” e.g., whether monitored data is loaded to a central storage platform for later retrieval; whether monitored data is recorded to a central storage platform; whether any storage platform is used at all, regardless of the monitoring.  

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the 

Claims 1-5 and 7-15 is/are rejected under 35 U.S.C. 103 as being unpatentable over Pasternak (US 9,355,004 B2) in view of Church (US 2018/0359218 A1).

Regarding claim 1, Pasternak discloses: A method comprising: 
receiving access credentials for a deployment unit (DU) of a remote cloud service; and 
Refer to at least FIG. 8A and Col. 10, Ll. 40-51 of Pasternak with respect to access credential associated with a monitoring template for host machine hosting virtual machine activities (e.g., Col 3, Ll. 29-33).  
establishing a secure channel with the DU using the access credentials for monitoring of the DU, 
Refer to at least Col. 4, Ll. 57-62, FIG. 8B, Col. 10, Ll. 52-65, and Col. 11, Ll. 34-46 of Pasternak with respect to establishing a secure channel for the monitoring template.
wherein the secure channel is established [through the use of a performance monitor].
Refer to at least Col. 11, Ll. 34-46 and Col. 12, Ll. 60-Col. 13, Ll. 7 of Pasternak with respect to the secure channel being established via a performance monitor.
Pasternak does not specify: establishing the secure channel through the use of an on-demand port forwarding container. However, Pasternak in view of Church discloses: establishing the secure channel through the use of an on-demand port forwarding container.
Refer to at least the abstract, [0046], and [0061] of Church with respect to a network traffic enforcement container which provides a secure channel by forwarding port traffic, among other security features. 

Therefore it would have been obvious to one of ordinary skill in the art before the filing date of Applicant’s invention to modify the teachings of Pasternak to comprise network traffic enforcement container functionality for at least the purpose of increasing security (e.g., at least [0005] of Church with respect to traditional secure channels having vulnerabilities which may be prevented). It is also noted that the substitution of one known element for another would have yielded predictable results to one of ordinary skill in the art at the time (i.e., the specific secure channel implementation being interchangeable, as discussed in Col. 11, Ll. 38-40 of Pasternak).

Regarding claim 2, Pasternak-Church discloses: The method of claim 1, wherein the DU runs a monitoring service, and wherein the secure channel is to interface with the monitoring service to receive monitoring data for the DU.
Refer to at least Col. 3, Ll. 26-Col. 4, Ll. 13 and Col. 12, Ll. 36-40 with respect to monitoring and providing the monitoring data over the secure channel. 

Regarding claim 3, Pasternak-Church discloses: The method of claim 1, wherein the access credentials are received from a remote account manager (paragraph 33 of the specification defines the remote account manager as being a component which provides access credentials) associated with the remote cloud service.
Refer to at least Col. 10, Ll. 29-51 of Pasternak with respect to providing the credentials via the performance monitor and/or any combination of hardware or software.

The method of claim 1, wherein the access credentials are a first set of access credentials, the DU is a first DU, the remote cloud service is a first remote cloud service, the secure channel is a first secure channel, and the port forwarding container is a first port forwarding container, further comprising: receiving a second set of access credentials for a second DU of a second remote cloud service; and establishing a second secure channel with the second DU using the second set of access credentials for monitoring of the second DU, wherein the second secure channel is established through the use of a second on-demand port forwarding container, and wherein the first and second secure channels are to receive monitoring data from their respective DUs.
Refer to at least Col. 10, Ll. 65-Col. 11, Ll. 1, Col. 12, Ll. 58-Col. 13, Ll. 8, and Col. 14, Ll. 20-31 of Pasternak with respect to potentially creating a plurality of monitoring templates, each associated with their respective secure channel and respective credentials (e.g., see FIG. 8A concerning the credentials). 
Refer to at least FIG. 3 and Col. 6, Ll. 60-Col. 7, Ll. 2 of Pasternak with respect to creating and executing multiple monitoring templates within the performance monitor.
This claim would have been obvious for substantially the same reasons as claim 1 above.

Regarding claim 5, Pasternak-Church discloses: The method of claim 4, further comprising: displaying the monitoring data received from the first and second secure channels.
Refer to at least FIG. 5D of Pasternak with respect to a performance monitor GUI.

Regarding claim 7, Pasternak-Church discloses: The method of claim 1, further comprising: deleting the port forwarding container when a monitoring query request is completed.
Refer to at least Col. 4, Ll. 22-24 and Col. 14, Ll. 8-11 of Pasternak with respect to creating a thereafter destroying a monitoring template after it finishes its run.


Regarding claim 8, it is rejected for substantially the same reasons as claim 7 above (i.e., the citations).

Regarding claim 9, it is rejected for substantially the same reasons as claim 1 above (i.e., the citations concerning monitoring machines / nodes).

Regarding claim 10, Pasternak-Church discloses: The method of claim 1, wherein the secure channel is established through the use of a command provided to a container-orchestration system that creates a data connection from a remote client to a cloud service.
Refer to at least Col. 3, Ll. 51-Col. 4, Ll. 12 and Col. 12, Ll. 36-40 of Pasternak with respect to requesting to create the secure channel between devices. 

Regarding claim 11, it is rejected for substantially the same reasons as claim 1 above (i.e., the cited portions of Pasternak do not appear to rely on storing the monitoring data at a point between the monitored machine(s) and the performance monitor).

Regarding independent claim 12, it is substantially similar to elements of independent claim 1 and dependent claim 4 above, and is therefore likewise rejected for substantially the same reasons (i.e., the citations and the obviousness rationale).

Regarding claim 13, it is substantially similar to claim 5 above, and is therefore likewise rejected.



Regarding claim 15, it is substantially similar to claim 2 above, and is therefore likewise rejected.

Claim 6 is/are rejected under 35 U.S.C. 103 as being unpatentable over Pasternak-Church as applied to claims 1-5 and 7-15 above, and further in view of Lan (US 20190199687 A1).

Regarding claim 6, Pasternak-Church does not specify: wherein the on-demand port forwarding container dynamically chooses a new available port for each monitoring query. However, Pasternak-Church in view of Lan discloses: wherein the on-demand port forwarding container dynamically chooses a new available port for each monitoring query.
Refer to at least the abstract and FIG. 5 of Lan with respect to dynamically assigning ports to container applications. 
The teachings of Pasternak-Church comprise port assignment and SSH, and are considered to be combinable with those of Lan concerning such.
Therefore it would have been obvious to one of ordinary skill in the art before the filing date of Applicant’s invention to modify the teachings of Pasternak-Church to further include dynamic port assignment for at least the purpose of increasing security.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to VADIM SAVENKOV whose telephone number is (571)270-5751.  The examiner can normally be reached on 12PM-8PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey L Nickerson can be reached on (469) 295-9235.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/Jeffrey Nickerson/Supervisory Patent Examiner, Art Unit 2432                                                                                                                                                                                                        




/V.S/Examiner, Art Unit 2432