Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The following is an expanded discussion/commentary attached to the instant PTOL-413FP Pre-Interview Communication form.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-7 and 9 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
	Claims 1-7 recite “isolating the first switch port such that network traffic on the first switch port is restricted to a second switch port that is connected to a server management computer”. Claims 1-7 then recite “blocking network traffic that is exiting the first switch port but is not from the second switch port”. If the “network traffic” is “exiting” the “first switch port”, it is unclear how the same “network traffic” that “exits” the “first switch point” can be also “from the second switch port” which would imply that that “network traffic” is not “blocked”. It is also unclear whether the “network traffic on the first switch port” and “network traffic that is exiting the first switch port” are the same or different elements.

	Claim 7 recites “network traffic on the first switch port”. Again, it is unclear whether this refers to either of the previously recited “network traffic on the first switch port” or “network traffic that is exiting the first switch port”. 
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1-3, 7-8, and 11-12 are rejected under 35 U.S.C. 103 as being unpatentable over US 20140165183 A1 to Dharmadhikari in view of US 20140344431 A1 to Hsu et al. (“Hsu”).
Regarding claim 1, Dharmadhikari taught a method of securing a switch port of a network switch (“switch” “capable” of performing “level 2 (L2)” or “level 3 (L3)” network capabilities”; paragraphs 0019-0021), the method comprising: 
identifying, from among a plurality of switch ports of a network switch, a first switch port that is directly connected to a baseboard management controller (BMC) communication port of a BMC of a server computer (“server”/“host computer” including a “baseband management controller”; consider paragraphs 0005 and 0007); (consider paragraph 0009 regarding “a switch having” a port “coupled to the BMC” wherein the “switch is configured to” “send” “ingress traffic including a management content to the BMC”) (consider further paragraph 0026 wherein the “switch” “determines the proper destination” of “packets” wherein “when packet 220 contains network management information, switch 130 sends the packet to the BMC”)
isolating the first switch port such that network traffic on the first switch port is restricted to a second switch port (“external port”); and blocking network traffic that is exiting the first switch port but is not from the second switch port. (consider paragraph 0030 wherein the “BMC 120 is set in protected mode” wherein “the switch 130 is configured to block data traffic between protected modes”) (consider further paragraph 0040 wherein a “second port in switch 130 coupled to BMC 120 may be configured in protected mode” such that “switch may block egress traffic between protected ports”)
Dharmadhikari may be interpreted as not expressly teaching wherein the second switch port is connected to a server management computer, the server management computer being 
In an analogous art relating to baseboard management controllers and related systems, Hsu taught wherein a server management computer is being configured to communicate with a BMC of a server computer over a network (consider paragraph 0032, “A user located at the client computer 180 may remotely manage the operations of a managed server of the server system 380 via the network 210, a corresponding main BMC (331-33Q) and a corresponding BMC node (311-31P). It should be appreciated that the client computer 180 can perform the same management operations on the BMC nodes 311-31P and the main BMCs 331-33Q as well as on the traditional BMCs. The network 210 may be of various forms such as a local area network (LAN) or wide area network (WAN) including the internet.”)
It would have been obvious to one skilled in the art before the effective filing date of the instant application to modify the teachings of Dharmadhikari to include the taught features of Hsu such that the modification includes every element as claimed. Given Dharmadhikari’s disclosure of network communication with baseboard management controllers, Hsu specifically taught that allowing a user to use a server management computer over a network allows the user to manage a server with a baseboard management controller remotely without having to be physically present at the location of the server computer (paragraph 0011) in order to interface with the baseboard management controller through a network using protocols over a network port (paragraph 0005). Given this specific advantage taught in Hsu, one skilled in the art would 
Regarding claim 2, the combined teachings of Dharmadhikari and Hsu taught the method of claim 1.
Dharmadhikari may be interpreted as not expressly teaching wherein the server management computer is directly connected to the second switch port of the network switch by way of a wired link, however, Dharmadhikari did teach wherein the second switch port is directly connected to a network (paragraph 0021).
Hsu taught that the server management computer may be directly connected to a baseboard management controller of a server by way of a wired link (consider paragraph 0011, “Remote management is an important capability of the BMC. It is often necessary to manage the operations of a server computer, such as getting information regarding the relative health of a server computer. For many conventional systems, the technician that needs to view the screen display and interact with the server being managed is required to be physically located at the site of the server”) (consider further paragraph 0013, “[T]he remote management function supported by the BMC can help the system administrator to be able to access server information on his own computer (client) through the network, just like physically present at the server side”) (consider 
The motivations regarding the obviousness of claim 1 also apply to claim 2, therefore, claim 2 is rejected under 35 USC § 103 as being unpatentable over the combined teachings of Dharmadhikari and Hsu and the same rationale supporting the conclusion of obviousness.
	Regarding claim 3, the combined teachings of Dharmadhikari and Hsu taught the method of claim 1.
Dharmadhikari may be interpreted as not expressly teaching wherein the server management computer is connected to the second switch port of the network switch over a computer network, however, Dharmadhikari did teach wherein the second switch port is directly connected to a network (paragraph 0021).
Hsu taught that the server management computer may be connected to a baseboard management controller of a server over a computer network (consider paragraph 0011, “Remote management is an important capability of the BMC. It is often necessary to manage the operations of a server computer, such as getting information regarding the relative health of a server computer. For many conventional systems, the technician that needs to view the screen display and interact with the server being managed is required to be physically located at the site of the server”) (consider further paragraph 0013, “[T]he remote management function supported by the BMC can help the system administrator to be able to access server information on his own 
The motivations regarding the obviousness of claim 1 also apply to claim 3, therefore, claim 3 is rejected under 35 USC § 103 as being unpatentable over the combined teachings of Dharmadhikari and Hsu and the same rationale supporting the conclusion of obviousness.
Regarding claim 7, the combined teachings of Dharmadhikari and Hsu taught the method of claim 1.
Dharmadhikari taught recording Internet protocol (IP) addresses of network traffic on the first switch port. (consider paragraphs 0020 and 0025 regarding “filtering” based on “IP address” and also that “switch 130 may provide firewall filters to ingress and egress traffic through system 100”) (consider further paragraph 0028 wherein “switch 130 may be configured to identify illegitimate packets 330 and remove them from system 100 by placing them into a rejection box 350” and that “rejection box 350 may temporarily store illegitimate packets 330 for a check procedure, to insure that the packets come from a malicious source”)
Regarding claim 8, Dharmadhikari taught a server management switch of a computer network (“switch” “capable” of performing “level 2 (L2)” or “level 3 (L3)” network capabilities”; paragraphs 0019-0021), the server management switch comprising: 

a second switch port of the plurality of switch ports (“external port”), wherein the server management switch is configured to identify a switch port that is connected to the BMC of the server computer and, in response to identifying the first switch port as being directly connected to the BMC of the first server computer, to block network traffic that has not been received on the second switch port from exiting the first switch port. (consider paragraph 0030 wherein the “BMC 120 is set in protected mode” wherein “the switch 130 is configured to block data traffic between protected modes”) (consider further paragraph 0040 wherein a “second port in switch 130 coupled to BMC 120 may be configured in protected mode” such that “switch may block egress traffic between protected ports”)
Dharmadhikari may be interpreted as not expressly teaching wherein the first server computer is of a plurality of server computers of the computer network, the second switch port being connected to a server management computer that is configured to perform management of the plurality of server computers, the server management computer being configured to communicate with BMC’s of the plurality of server computers, wherein the server management 
In an analogous art relating to baseboard management controllers and related systems, Hsu taught wherein a server management computer is being configured to communicate with a BMC of a server computer over a network and that it was conventional to have a plurality of server computers all having respective BMCs to which a server management computer could communicate with any of the BMCs over an identified network port (consider paragraph 0016, “[A] conventional baseboard management system 200 includes a plurality of BMCs 120 respectively located on the servers 100. That is, each server 100 includes a BMC 120 for management control and each BMC 120 has a network port 130 connected to a network tree 210 of a company or the global world. A client computer 180 located anywhere in the network tree 210 can remotely access any BMC 120 of a server 100 in the same network tree 210. By accessing the BMC 120, a manager can take control of the server host 100 and monitor the environment status that is supported by the BMC 120) (consider further paragraph 0032, “A user located at the client computer 180 may remotely manage the operations of a managed server of the server system 380 via the network 210, a corresponding main BMC (331-33Q) and a corresponding BMC node (311-31P). It should be appreciated that the client computer 180 can perform the same management operations on the BMC nodes 311-31P and the main BMCs 331-
It would have been obvious to one skilled in the art before the effective filing date of the instant application to modify the teachings of Dharmadhikari to include the taught features of Hsu such that the modification includes every element as claimed. Given Dharmadhikari’s disclosure of network communication with baseboard management controllers, Hsu specifically taught that allowing a user to use a server management computer over a network allows the user to manage any server with a baseboard management controller remotely without having to be physically present at the location of the server computer (paragraph 0011) in order to interface with the baseboard management controller through a network using protocols over a network port (paragraph 0005). Given this specific advantage taught in Hsu, one skilled in the art would have been motivated to modify the teachings of Dharmadhikari with the teachings of Hsu such that the second network port of the server management switch configured to receive network traffic relating to managing baseboard management controllers as taught in Dharmadhikari may be utilized by a server management computer over a network in order to communicate with a plurality of server computers with their respective BMC over a network port as taught in Hsu so that the server management computer connects to the second switch port in order to communicate with the specific BMC of the server computer of a plurality of server computers to perform management of the plurality of server computers after identifying a network port of the server computer as claimed. Therefore, such a modification of the teachings of Dharmadhikari with the teachings of Hsu would have yielded nothing more than predictable results to one of ordinary skill in the art.

 Dharmadhikari may be interpreted as not expressly teaching wherein the second switch port is directly connected to the server management computer, however, Dharmadhikari did teach wherein the second switch port is directly connected to a network (paragraph 0021). Dharmadhikari also did teach communication with an entity over a network with the BMC of the server computer using the second switch port (again, consider paragraph 0009 regarding “a switch having” a port “coupled to the BMC” wherein the “switch is configured to” “send” “ingress traffic including a management content to the BMC”).
	Hsu taught that the server management computer may be directly connected to a switch port (consider paragraph 0011, “Remote management is an important capability of the BMC. It is often necessary to manage the operations of a server computer, such as getting information regarding the relative health of a server computer. For many conventional systems, the technician that needs to view the screen display and interact with the server being managed is required to be physically located at the site of the server”) (consider further paragraph 0013, “[T]he remote management function supported by the BMC can help the system administrator to be able to access server information on his own computer (client) through the network, just like physically present at the server side”) (consider further paragraph 0016, “[E]ach server 100 includes a BMC 120 for management control and each BMC 120 has a network port 130 connected to a network tree 210 of a company or the global world. A client computer 180 located anywhere in the network tree 210 can remotely access any BMC 120 of a server 100 in the same network tree 210”) (consider further paragraph 0034, “The Ethernet controller 460 supports a network link through a LAN port 130 to the network 210 for remote management.”)

Regarding claim 12, the combined teachings of Dharmadhikari and Hsu taught the server management switch of claim 8.
Dharmadhikari may be interpreted as not expressly teaching wherein the second switch port is connected to the server management computer over a server management network, however, Dharmadhikari did teach wherein the second switch port is directly connected to a network (paragraph 0021). Dharmadhikari also did teach communication with an entity over a network with the BMC of the server computer using the second switch port (again, consider paragraph 0009 regarding “a switch having” a port “coupled to the BMC” wherein the “switch is configured to” “send” “ingress traffic including a management content to the BMC”).
Hsu taught that the server management computer may be connected to a switch port (consider paragraph 0011, “Remote management is an important capability of the BMC. It is often necessary to manage the operations of a server computer, such as getting information regarding the relative health of a server computer. For many conventional systems, the technician that needs to view the screen display and interact with the server being managed is required to be physically located at the site of the server”) (consider further paragraph 0013, “[T]he remote management function supported by the BMC can help the system administrator to be able to access server information on his own computer (client) through the network, just like physically present at the server side”) (consider further paragraph 0016, “[E]ach server 100 includes a BMC 120 for management control and each BMC 120 has a network port 130 connected to a network tree 210 of a company or the global world. A client computer 180 located 
The motivations regarding the obviousness of claim 8 also apply to claim 12, therefore, claim 12 is rejected under 35 USC § 103 as being unpatentable over the combined teachings of Dharmadhikari and Hsu and the same rationale supporting the conclusion of obviousness.
Claims 4 and 9 are rejected under 35 U.S.C. 103 as being unpatentable over Dharmadhikari and Hsu as applied to claims 1 and 8 above, and in further view of US 20190273700 A1 to Itkin.
Regarding claim 4, the combined teachings of Dharmadhikari and Hsu taught the method of claim 1.
Dharmadhikari and Hsu may be interpreted as not expressly teaching rate-limiting all network traffic on the first switch port.
However, in an analogous art relating controlling specific types of network traffic over ports in conjunction with network elements communicating with baseboard management controllers (consider paragraph 0055-0056), Itkin taught rate-limiting network traffic flowing on a network port within a network element (consider paragraph 0060 wherein “flow rates” on particular “ports” may be “set or limit[ed]” in order to “control data flows” by “isolat[ing] and protect[ing] individual work flows, which may follow path 130 through network interface logic 126, paths 128 and thence through ports 112” so that the network element is capable of “preventing, detecting and responding to potential threats in real time”)
It would have been obvious to one skilled in the art before the effective filing date of the instant application to modify the teachings of Dharmadhikari and Hsu to include the taught 
Regarding claim 9, the combined teachings of Dharmadhikari and Hsu taught the server management switch of claim 8.
 Dharmadhikari and Hsu may be interpreted as not expressly teaching wherein the server management switch, in response to identifying the first switch port as being directly connected to the BMC of the first server computer, is configured to rate limit all network traffic on the first switch port, however, Dharmadhikari did teach identifying the first switch port as being directly connected to the BMC of the first server computer (consider paragraph 0030 wherein the “BMC 120 is set in protected mode” wherein “the switch 130 is configured to block data traffic between protected modes”) (consider further paragraph 0040 wherein a “second port in switch 130 coupled to BMC 120 may be configured in protected mode” such that “switch may block egress traffic between protected ports”).	In an analogous art relating controlling specific types of network traffic over ports in 
The motivations regarding the obviousness of claim 4 also apply to claim 9, therefore, claim 9 is rejected under 35 USC § 103 as being unpatentable over the combined teachings of Dharmadhikari, Hsu and Itkin and the same rationale supporting the conclusion of obviousness.
	Claims 5-6 and 10 are rejected under 35 U.S.C. 103 as being unpatentable over Dharmadhikari and Hsu as applied to claims 1 and 8 above, and in further view of US 20050286430 A1 to Koga.
Regarding claim 5, the combined teachings of Dharmadhikari and Hsu taught the method of claim 1.
Dharmadhikari and Hsu may be interpreted as not expressly teaching blocking network traffic that goes to a predetermined Transport Control Protocol/User Datagram Protocol (TCP/UDP) port of the BMC of the server computer, however, Dharmadhikari did teach that the switch is able to block traffic based on various criteria using a commonly used intermediary network element (consider paragraphs 0020 and 0025 regarding “filtering” based on “MAC” or “IP address” and also that “switch 130 may provide firewall filters to ingress and egress traffic through system 100”).

It would have been obvious to one skilled in the art before the effective filing date of the instant application to modify the teachings of Dharmadhikari and Hsu to include the taught features of Koga such that the modification includes every element as claimed. Given Dharmadhikari and Hsu’s disclosure of network communication using network elements such as a switch which may use intermediary network element functions such as used in a firewall, Koga specifically taught that using an intermediary network element such as a firewall is known to block any network traffic that goes to a predetermined Transport Control Protocol/User Datagram Protocol (TCP/UDP) port since such blocking defends against an attack to prevent abnormal traffic to be generated by said attack (paragraph 0010). Given this specific advantage taught in Koga, one skilled in the art would have been motivated to modify the teachings of Dharmadhikari and Hsu with the teachings of Koga such that the network switch as taught in Dharmadhikari and Hsu may be further enhanced with the ability to block network traffic that goes to a predetermined Transport Control Protocol/User Datagram Protocol (TCP/UDP) port as taught in Koga so that the switch is enabled to block network traffic that goes to a predetermined 
Regarding claim 6, the combined teachings of Dharmadhikari and Hsu taught the method of claim 1.
Dharmadhikari and Hsu may be interpreted as not expressly teaching blocking network traffic on the first switch port that is going to a TCP/UDP port, of the BMC of the server computer, that is not authorized to be open, however, Dharmadhikari did teach that the switch is able to block traffic based on various criteria using a commonly used intermediary network element (consider paragraphs 0020 and 0025 regarding “filtering” based on “MAC” or “IP address” and also that “switch 130 may provide firewall filters to ingress and egress traffic through system 100”).
In an analogous art, Koga taught that it was conventional and common knowledge within the art to block network traffic going to a TCP/UDP port that is not authorized to be open using a commonly used intermediary network element (consider paragraph 0010, “[A] firewall is provided in general as a technique for defending from an attack to prevent an abnormal traffic from being generated by the attack. The firewall protects an internal network from intrusions and attacks from an external network by filtering the incoming frames, based on a transmitting source IP address, a protocol type belonging to a transport layer or a Transmission Control Protocol/User Datagram Protocol (TCP/UDP) destination port number”)
It would have been obvious to one skilled in the art before the effective filing date of the instant application to modify the teachings of Dharmadhikari and Hsu to include the taught 
Regarding claim 10, the combined teachings of Dharmadhikari and Hsu taught the server management switch of claim 8.
Dharmadhikari and Hsu may be interpreted as not expressly teaching wherein the server management switch, in response to identifying the first switch port as being directly connected to the BMC of the first server computer, is configured to block network traffic that goes to predetermined Transport Control Protocol/User Datagram Protocol (TCP/ UDP) ports of the BMC of the first server computer, however, Dharmadhikari did teach that the switch is able to block traffic based on various criteria using a commonly used intermediary network element 
In an analogous art, Koga taught that it was conventional and common knowledge within the art to block network traffic that goes to predetermined Transport Control Protocol/User Datagram Protocol (TCP/UDP) ports of any computer on a network using a commonly used intermediary network element (consider paragraph 0010, “[A] firewall is provided in general as a technique for defending from an attack to prevent an abnormal traffic from being generated by the attack. The firewall protects an internal network from intrusions and attacks from an external network by filtering the incoming frames, based on a transmitting source IP address, a protocol type belonging to a transport layer or a Transmission Control Protocol/User Datagram Protocol (TCP/UDP) destination port number”)
The motivations regarding the obviousness of claim 5 also apply to claim 10, therefore, claim 10 is rejected under 35 USC § 103 as being unpatentable over the combined teachings of Dharmadhikari, Hsu and Koga and the same rationale supporting the conclusion of obviousness.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. The cited prior art is directed to subject matter relating to that which is claimed, .
Any inquiry concerning this communication or earlier communications from the examiner should be directed to George C Neurauter, Jr. whose telephone number is (571)272-3918.  The examiner can normally be reached on Mon.-Fri. 9am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joon Hwang, can be reached on 571-272-4036.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/George C Neurauter, Jr./Primary Examiner, Art Unit 2447