Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
1.        Claims 1, 17 - 32, 34 are pending.   Claims 2 - 16, 33, 35 have been canceled.   Claims 1, 17 are independent.  File date is 3-18-2019.   This action is in response to application amendments filed on 7-13-2021. 

Claim Rejections - 35 USC § 102  
2.        The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless -
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.

3.        Claims 1, 17 - 28, 30 - 32, 34 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Goren et al. (US PGPUB No. 20020143960).     	

Regarding Claims 1, 17, Goren discloses a method in a software defined networking based network and an apparatus in a software defined networking based network, comprising;
a)  determining a boundary enclosing a first group of target virtual network functions including at least one target virtual network function, (Goren ¶ 011, ll 1-7: virtual network generation (VNG) system; establishing and maintaining private network communities (PNCs) including a plurality of isolated and geographically dispersed electronic devices coupled together over extended and disparate communication links; ¶ 017, ll 1-15: core functionality hosted by VNG servers, includes several modules for establishing and managing each PNC, authenticating users, managing security keys, switching/routing PNC traffic, terminating PNCs, logging usage, and etc.; switching routing manager routes data traffic including packet wrapper frame reformatting)    
b)  identifying, on the basis of said boundary, a first group of communication paths between said first group of target virtual network functions and respective network entities outside said boundary, said first group of communication paths including a first communication path, (Goren ¶ 014, ll 1-8: module includes functionality for facilitating communication within PNC and with other PNC workgroup members; (i.e. communication paths between members of group and members outside group)) and
c)  initiating setup of a first wrapper virtual network function corresponding to said first communication path, said first wrapper virtual network function monitoring network traffic on said first communication path. (Goren ¶ 014, ll 8-19: functionality for grabbing outgoing packets sent from client and for injecting incoming packets; packets grabbed are wrapped and transmitted; packets received are unwrapped and injected into system; ¶ 015, ll 1-8: encapsulates a standard network protocol frame as payload/data of a PNC defined wrapper frame; wrapper frame prepared such that is can traverse intermediate communication links such as the Internet)    

Furthermore for Claim 17, Goren discloses wherein at least one processor; and at least one memory including computer program code; and the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus at least to perform operations.  (Goren ¶ 068, ll 1-13: implemented in software, hardware, firmware or a combination thereof; module is configurable for execution on electronic devices; (execution indicates a processor coupled to a memory for instruction storage and instruction obtaining during execution)) 

Regarding Claim 18, Goren discloses the apparatus according to claim 17, wherein said at least one memory and computer program code are further configured to cause the apparatus to
a)  receive target virtual network function information indicative of said first group of target virtual network functions, (Goren ¶ 011, ll 1-7: virtual network generation (VNG) system; establishing and maintaining private network communities (PNCs) including a plurality of isolated and geographically dispersed electronic devices coupled together over extended and disparate communication links; ¶ 017, ll 1-15: core functionality hosted by VNG servers includes several modules for establishing and managing each PNC, authenticating users, managing security keys, switching/routing PNC traffic, terminating PNCs, logging usage, and etc.; switching routing manager routes data traffic including packet wrapper frame reformatting)    
b)  obtain information on a network topology of said software defined networking based network, and c) calculate said boundary on the basis of said network topology and said target virtual network function information such that said first group of target virtual network functions is enclosed by said boundary. (Goren ¶ 155, ll 1-10: supports two basic network topologies: first topology is a mesh topology (i.e. all subscribers can identify and collaborate with each other) and second topology is a star topology (i.e. subscribers only see master); network environment comprising either mesh or star topology))    

Regarding Claim 19, Goren discloses the apparatus according to claim 17, wherein said at least one memory and computer program code are further configured to cause the apparatus to
a)  specify resources to be allocated for said first wrapper virtual network function, (Goren ¶ 153, ll 1-7: setting up PNC; user establishes PNC membership (i.e. users and resources) and VNG attributes, task descriptions, and event requirements)    
b)  verify availability of said resources to be allocated, (Goren ¶ 048, ll 1-6: VNG system enables the dynamic establishment of one or more PNC network segments and enables the sharing of all resources available to the connected users; collaborating to accomplish a given of set of tasks) and
c)  allocate said first wrapper virtual network function to said resources to be allocated. (Goren ¶ 011, ll 1-7: virtual network generation (VNG) system; establishing and maintaining private network communities (PNCs) including a plurality of isolated and geographically dispersed electronic devices coupled together over extended and disparate communication links; ¶ 017, ll 1-15: core functionality hosted by VNG servers includes several modules for establishing and managing each PNC, authenticating users, managing security keys, switching/routing PNC traffic, terminating PNCs, logging usage, and etc.; switching routing manager routes data traffic including packet wrapper frame reformatting)   

Regarding Claim 20, Goren discloses the apparatus according to claim 17, wherein said at least one memory and computer program code are further configured to cause the apparatus to establish a communication link to said first wrapper virtual network function. (Goren ¶ 011, ll 1-13: virtual network generation (VNG) system; establishing and maintaining private network communities (PNCs) including a plurality of isolated and geographically dispersed electronic devices coupled together over extended and disparate communication links; establish secure or unsecure links extending communication between isolated clients)

Regarding Claim 21, Goren discloses the apparatus according to claim 17, wherein said at least one memory and computer program code are further configured to cause the apparatus to control routing modifications such that said network traffic on said first communication path is routed via said first wrapper virtual network function. (Goren ¶ 132, ll 1-10: incorporate tunneling and software routing capabilities (i.e. virtual network functions) for each different connections; ¶ 140, ll 25-30: user registration and authentication is a prerequisite to integrate the user into PNC (i.e. community, group); user’s unique identity is required for routing message traffic within corresponding PNC or outside)    

Regarding Claim 22, Goren discloses the apparatus according to claim 17, wherein said first group of communication paths includes a second communication path, and wherein said at least one memory and computer program code are further configured to cause the apparatus to
a)  initiate setup of a second wrapper virtual network function corresponding to said second communication path, said second wrapper virtual network function monitoring network traffic on said second communication path, (Goren ¶ 149, ll 1-9: system manage performs services including orchestrating the other managers, performing system monitoring; ¶ 014, ll 8-19: functionality for grabbing outgoing packets sent from client and for injecting incoming packets; packets grabbed are wrapped and transmitted; packets received are unwrapped and injected into system) and
b)  establish a communication link between said first wrapper virtual network function and said second wrapper virtual network function. (Goren ¶ 011, ll 1-13: virtual network generation (VNG) system; establishing and maintaining private network communities (PNCs) including a plurality of isolated and geographically dispersed electronic devices coupled together over extended and disparate communication links; establish secure or unsecure links extending communication between isolated clients)    

Regarding Claim 23, Goren discloses the apparatus according to claim 17, wherein said first wrapper virtual network function is configured to monitor network traffic on at least two communication paths including said first communication path out of said first group of communication paths. (Goren ¶ 149, ll 1-9: system manage performs services including orchestrating the other managers, performing system monitoring; ¶ 014, ll 8-19: functionality for grabbing outgoing packets sent from client and for injecting incoming packets; packets grabbed are wrapped and transmitted; packets received are unwrapped and injected into system)    

Regarding Claim 24, Goren discloses the apparatus according to claim 17, wherein said at least one memory and computer program code are further configured to cause the apparatus to 
a)  determine a modified boundary enclosing a second group of target virtual network functions, (Goren ¶ 011, ll 1-7: virtual network generation (VNG) system; establishing and maintaining private network communities (PNCs) including a plurality of isolated and geographically dispersed electronic devices coupled together over extended and disparate communication links)    
b)  identify, on the basis of said modified boundary, a second group of communication paths between said second group of target virtual network functions and respective network entities outside said boundary, (Goren ¶ 014, ll 1-8: module includes functionality for facilitating communication within PNC and with other PNC workgroup members; (i.e. communication paths between members of group and members outside group)) and 
c)  create, on the basis of said first group of communication paths, said second group of communication paths, and wrapper virtual network functions set up for said first group of communication paths, a setup list indicative of at least one wrapper virtual network function to be set up and/or a termination list indicative of at least one wrapper virtual network function out of said wrapper virtual network functions set up for said first group of communication paths to be terminated. (Goren ¶ 011, ll 1-13: virtual network generation (VNG) system; establishing and maintaining private network communities (PNCs) including a plurality of isolated and geographically dispersed electronic devices coupled together over extended and disparate communication links; establish secure or unsecure links extending communication between isolated clients;  ¶ 017, ll 1-15: core functionality hosted by VNG servers includes several modules for establishing and managing each PNC, authenticating users, managing security keys, switching/routing PNC traffic, terminating PNCs, logging usage, and etc.; switching routing manager routes data traffic including packet wrapper frame reformatting)    

Regarding Claim 25, Goren discloses the apparatus according to claim 24, wherein said at least one memory and computer program code are further configured to cause the apparatus to
a)  initiate setup of said at least one wrapper virtual network function to be set up on the basis of said setup list, (Goren ¶ 014, ll 8-19: functionality for grabbing outgoing packets sent from client and for injecting incoming packets; packets grabbed are wrapped and transmitted; packets received are unwrapped and injected into system; ¶ 017, ll 1-15: core functionality hosted by VNG servers includes several modules for establishing and managing each PNC, authenticating users, managing security keys, switching/routing PNC traffic, terminating PNCs, logging usage, and etc.; switching routing manager routes data traffic including packet wrapper frame reformatting) and/or 
b)  initiate termination of said at least one wrapper virtual network function to be terminated on the basis of said termination list. (Goren ¶ 017, ll 1-15: core functionality hosted by VNG servers includes several modules for establishing and managing each PNC, authenticating users, managing security keys, switching/routing PNC traffic, terminating PNCs, logging usage, and etc.; switching routing manager routes data traffic including packet wrapper frame reformatting)    

Regarding Claim 26, Goren discloses the apparatus according to claim 17, wherein said at least one memory and computer program code are further configured to cause the apparatus to
a)  detect necessity of a specific ability of said first wrapper virtual network function, (Goren ¶ 155, ll 1-10: supports two basic network topologies: first topology is a mesh topology (i.e. all subscribers can identify and collaborate with each other) and second topology is a star topology (i.e. subscribers only see master); network environment comprising either mesh or star topology)) and
b)  initiate setup of an expansion wrapper virtual network function corresponding to said first communication path, said expansion wrapper virtual network function being equipped with said specific ability. (Goren ¶ 014, ll 8-19: functionality for grabbing outgoing packets sent from client and for injecting incoming packets; packets grabbed are wrapped and transmitted; packets received are unwrapped and injected into system)    

Regarding Claim 27, Goren discloses the apparatus according to claim 26, wherein said at least one memory and computer program code are further configured to cause the apparatus to
a)  establish a communication link to said expansion wrapper virtual network function, (Goren ¶ 011, ll 1-13: virtual network generation (VNG) system; establishing and maintaining private network communities (PNCs) including a plurality of isolated and geographically dispersed electronic devices coupled together over extended and disparate communication links; establish secure or unsecure links extending communication between isolated clients)   
b)  establish a communication link between said first wrapper virtual network function and said expansion wrapper virtual network function, (Goren ¶ 011, ll 1-13: virtual network generation (VNG) system; establishing and maintaining private network communities (PNCs) including a plurality of isolated and geographically dispersed electronic devices coupled together over extended and disparate communication links; establish secure or unsecure links extending communication between isolated clients) and
c)  control routing modifications such that said network traffic on said first communication path is routed via said expansion wrapper virtual network function. (Goren ¶ 132, ll 1-10: incorporate tunneling and software routing capabilities (i.e. virtual network functions) for each different connections; ¶ 140, ll 25-30: user registration and authentication is a prerequisite to integrate the user into PNC (i.e. community, group); user’s unique identity is required for routing message traffic within corresponding PNC or outside)   

Regarding Claim 28, Goren discloses the apparatus according to claim 26, wherein said at least one memory and computer program code are further configured to cause the apparatus to
a)  establish if said expansion wrapper virtual network function includes all abilities of said first wrapper virtual network function, establish a communication link to said expansion wrapper virtual network function, (Goren ¶ 011, ll 1-13: virtual network generation (VNG) system; establishing and maintaining private network communities (PNCs) including a plurality of isolated and geographically dispersed electronic devices coupled together over extended and disparate communication links; establish secure or unsecure links extending communication between isolated clients)    
b)  control if said expansion wrapper virtual network function includes all abilities of said first wrapper virtual network function, control routing modifications such that said network traffic on said first communication path is routed via said expansion wrapper virtual network function and such that said network traffic on said first communication path is not routed via said first wrapper virtual network function, (Goren ¶ 132, ll 1-10: incorporate tunneling and software routing capabilities (i.e. virtual network functions) for each different connections; ¶ 140, ll 25-30: user registration and authentication is a prerequisite to integrate the user into PNC (i.e. community, group); user’s unique identity is required for routing message traffic within corresponding PNC or outside) and
c)  initiate, if said expansion wrapper virtual network function includes all abilities of said first wrapper virtual network function, termination of said first wrapper virtual network function. (Goren  ¶ 017, ll 1-15: core functionality hosted by VNG servers includes several modules for establishing and managing each PNC, authenticating users, managing security keys, switching/routing PNC traffic, terminating PNCs, logging usage, and etc.; switching routing manager routes data traffic including packet wrapper frame reformatting)  

Regarding Claim 30, Goren discloses the apparatus according to claim 17, wherein said at least one memory and computer program code are further configured to cause the apparatus to
a)  receive termination target virtual network function information indicative of that wrapper virtual network functions in relation to a third group of target virtual network functions are to be terminated, said third group being a group of target virtual network functions for which at least one wrapper virtual network function monitoring network traffic on communication paths between said third group of target virtual network functions and respective network entities outside a boundary enclosing said third group of target virtual network functions is operated, (Goren ¶ 155, ll 1-10: supports two basic network topologies: first topology is a mesh topology (i.e. all subscribers can identify and collaborate with each other) and second topology is a star topology (i.e. subscribers only see master); network environment comprising either mesh or star topology))      
b)  identify said wrapper virtual network functions in relation to said third group of target virtual network functions, (Goren ¶ 155, ll 1-10: supports two basic network topologies: first topology is a mesh topology (i.e. all subscribers can identify and collaborate with each other) and second topology is a star topology (i.e. subscribers only see master); network environment comprising either mesh or star topology)) and 
c)  initiate termination of each of said wrapper virtual network functions in relation to said third group of target virtual network functions. (Goren ¶ 017, ll 1-15: core functionality hosted by VNG servers includes several modules for establishing and managing each PNC, authenticating users, managing security keys, switching/routing PNC traffic, terminating PNCs, logging usage, and etc.; switching routing manager routes data traffic including packet wrapper frame reformatting)    

Regarding Claim 31, Goren discloses the apparatus according to claim 30, wherein said at least one memory and computer program code are further configured to cause the apparatus to
a)  receive monitoring information of said wrapper virtual network functions in relation to said third group of target virtual network functions, (Goren ¶ 149, ll 1-9: system manage performs services including orchestrating the other managers, performing system monitoring)    
b)  close respective communication links to said wrapper virtual network functions in relation to said third group of target virtual network functions, (Goren ¶ 017, ll 1-15: core functionality hosted by VNG servers includes several modules for establishing and managing each PNC, authenticating users, managing security keys, switching/routing PNC traffic, terminating PNCs, logging usage, and etc.; switching routing manager routes data traffic including packet wrapper frame reformatting) and
c)  close respective communication links between said wrapper virtual network functions in relation to said third group of target virtual network functions. (Goren ¶ 017, ll 1-15: core functionality hosted by VNG servers includes several modules for establishing and managing each PNC, authenticating users, managing security keys, switching/routing PNC traffic, terminating PNCs, logging usage, and etc.; switching routing manager routes data traffic including packet wrapper frame reformatting)    

Regarding Claim 32, Goren discloses the apparatus according to claim 31, wherein said at least one memory and computer program code are further configured to cause the apparatus to controlling circuitry configured to control routing modifications such that said network traffic on communication paths in relation to said third group of target virtual network functions is not routed via said wrapper virtual network functions in relation to said third group of target virtual network functions. (Goren ¶ 132, ll 1-10: incorporate tunneling and software routing capabilities (i.e. virtual network functions) for each different connections; ¶ 140, ll 25-30: user registration and authentication is a prerequisite to integrate the user into PNC (i.e. community, group); user’s unique identity is required for routing message traffic within corresponding PNC or outside; (message traffic must be authenticated to be routed otherwise message traffic in not routed))      

Regarding Claim 34, Goren discloses a computer program product embodied on a non-transitory computer-readable medium, said product comprising computer-executable computer program code which, when the program is run on a computer, is configured to cause the computer to carry out the method according to claim 1. (Goren ¶ 068, ll 1-13: implemented in software, hardware, firmware or a combination thereof; module is configurable for execution on electronic devices; (execution indicates a processor coupled to a memory for instruction storage and reading during execution))     

Claim Rejections - 35 USC § 103  
4.        The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

5.        Claim 29 is rejected under 35 U.S.C. 103 as being unpatentable over Goren in view of Pontillo et al. (US PGPUB No. 20130291086).    

Regarding Claim 29, Goren discloses the apparatus according to claim 26, wherein said necessity is detected based on a receipt of information in relation to said first communication path monitored by said first wrapper virtual network function. (Goren ¶ 155, ll 1-10: supports two basic network topologies: first topology is a mesh topology (i.e. all subscribers can identify and collaborate with each other) and second topology is a star topology (i.e. subscribers only see master); network environment comprising either mesh or star topology))       
Goren does not explicitly disclose detection of suspicious traffic pattern in communication path.
However, Pontillo discloses wherein regarding detection of suspicious traffic pattern in said communication path. (Pontillo ¶ 046, ll 8-12: detecting suspicious traffic originating from a device or application; system performs a remediation action)  
        It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Goren for detection of suspicious traffic pattern in communication path as taught by Pontillo. One of ordinary skill in the art would have been motivated to employ the teachings of Pontillo for the benefits achieved from a system that enables the detection of malicious network traffic for elimination enabling a secure work environment.  (Pontillo ¶ 046, ll 8-12)  


Response to Arguments
6.    Applicant's arguments have been fully considered but they were not persuasive. 

A.  Applicant argues on page 13 of Remarks: “   ...   Goren fails to disclose or suggest, at least, “determining a boundary enclosing a first group of target virtual network functions including at least one target virtual network function, identifying, on the basis of said boundary, a first group of communication paths between said first group of target virtual network functions and respective network entities outside said boundary, said first group of communication paths including a first communication path,”   ...   . 

    The Examiner respectfully disagrees. Goren discloses a virtual network generation system. (Goren ¶ 018, ll 23-26: all users, clients connected to the network become virtual nodes (virtual functioning entities) relating to different dynamic communication of which they are members)  Goren discloses a first group of virtual network functioning entities.  Goren discloses determining a boundary encompassing the set of virtual network functioning entities.  Goren discloses determining a set of network or communication interfaces (i.e. switching/routing traffic) between the network functioning entities. (Goren ¶ 011, ll 1-7: virtual network generation (VNG) system; establishing and maintaining private network communities (PNCs) including a plurality of isolated and geographically dispersed electronic devices (i.e. virtual nodes) coupled together over extended and disparate communication links; ¶ 017, ll 1-15: core functionality hosted by VNG servers, includes several modules for establishing and managing each PNC, authenticating users, managing security keys, switching/routing PNC traffic, terminating PNCs, logging usage, and etc.; switching routing manager routes data traffic including packet wrapper frame reformatting)
    And, Goren discloses a monitoring capability for the set of network nodes within the community.  (Goren ¶ 149, ll 1-9: system manage performs services including orchestrating the other managers, performing system monitoring; ¶ 014, ll 8-19: functionality for grabbing outgoing packets sent from client and for injecting incoming packets; packets grabbed are wrapped and transmitted; packets received are unwrapped and injected into system)  Specification discloses a set of monitoring points associated with a boundary for network entities. 

B.  Applicant argues on page 13 of Remarks: “   ...   the deficiencies of Goren as to claim 1 are also applicable to claim 17 along with all the claims dependent upon claim 17”.  

    Responses to arguments against independent claim 1 also answer arguments against independent claim 17, which has similar limitations as independent claim 1.    

C.  Applicant argues on page 14 of Remarks: “   ...   Goren discloses establishing and managing PNCs, but is silent as to determining any type of boundary that encloses the dispersed electronic devices”. 

    The Examiner respectfully disagrees. Goren discloses determining a group of network nodes (virtual nodes) comprising a community or a group (i.e. analogous to enclosed group or group including a boundary).  The members of the community comprise the enclosed set of network nodes and membership within the group comprises being within the boundary of the group.  Goren discloses a monitoring capability for the set of network nodes within the community.  (Goren ¶ 149, ll 1-9: system manager performs services including orchestrating the other managers, performing system monitoring; ¶ 014, ll 8-19: functionality for grabbing outgoing packets sent from client and for injecting incoming packets; packets grabbed are wrapped and transmitted; packets received are unwrapped and injected into system)  Specification discloses a set of monitoring points associated with a boundary for network entities.

D.  Applicant argues on page 14 of Remarks: “   ...   Goren fails to disclose or suggest determining a boundary enclosing a first group of target virtual network functions,   ...   “.  

    The Examiner respectfully disagrees.  Goren discloses determining a group of network nodes (virtual nodes) comprising a community or a group (i.e. analogous to enclosed group or group including a boundary).  The members of the community comprise the enclosed set of network nodes and membership within the group comprises being within the boundary of the group.  Goren discloses a monitoring capability for the set of network nodes within the community.  (Goren ¶ 149, ll 1-9: system manage performs services including orchestrating the other managers, performing system monitoring; ¶ 014, ll 8-19: functionality for grabbing outgoing packets sent from client and for injecting incoming packets; packets grabbed are wrapped and transmitted; packets received are unwrapped and injected into system) 
Specification discloses a set of monitoring points associated with a boundary for network entities. 

E.  Applicant argues on page 15 of Remarks: “   ...   Goren fails to disclose or suggest identifying a first group of communication paths between the first group of target virtual network functions and respective network entities outside the boundary,   ...   “. 

    The Examiner respectfully disagrees.  Goren discloses communication links between the connected network nodes (virtual nodes).  (Goren ¶ 017, ll 1-15: core functionality hosted by VNG servers, includes several modules for establishing and managing each PNC, authenticating users, managing security keys, switching/routing PNC traffic, terminating PNCs, logging usage, and etc.; switching routing manager routes data traffic including packet wrapper frame reformatting)   

F.  Applicant argues on page 15 of Remarks: “   ...   Goren fails to disclose or suggest, “calculate said boundary on the basis of said network topology and said target virtual network function information such that said first group of target virtual network functions is enclosed by said boundary.”. 

    The Examiner respectfully disagrees.  Goren discloses the capability to determine a network topology configuration. (Goren ¶ 155, ll 1-10: supports two basic network topologies: first topology is a mesh topology (i.e. all subscribers can identify and collaborate with each other) and second topology is a star topology (i.e. subscribers only see master); network environment comprising either mesh or star topology))  Goren discloses the network topology is utilized to define the network configuration (i.e. including network nodes within and outside of network environment). (Goren ¶ 011, ll 1-7: virtual network generation (VNG) system; establishing and maintaining private network communities (PNCs) including a plurality of isolated and geographically dispersed electronic devices (i.e. virtual nodes) coupled together over extended and disparate communication links; ¶ 017, ll 1-15: core functionality hosted by VNG servers, includes several modules for establishing and managing each PNC)

G.  Applicant argues on page 16 of Remarks: “   ...   Goren fails to disclose or suggest that the topologies enclose the subscribers   ...   “. 

    The Examiner respectfully disagrees.  Goren discloses the capability to determine a network topology.  (Goren ¶ 155, ll 1-10: supports two basic network topologies: first topology is a mesh topology (i.e. all subscribers can identify and collaborate with each other) and second topology is a star topology (i.e. subscribers only see master); network environment comprising either mesh or star topology))  Goren discloses the network topology is utilized to define the network configuration (i.e. including network nodes within and outside of network environment). (Goren ¶ 011, ll 1-7: virtual network generation (VNG) system; establishing and maintaining private network communities (PNCs) including a plurality of isolated and geographically dispersed electronic devices (i.e. virtual nodes) coupled together over extended and disparate communication links; ¶ 017, ll 1-15: core functionality hosted by VNG servers, includes several modules for establishing and managing each PNC)

H.  Applicant argues on page 17 of Remarks: “   ...   requests withdrawal of this rejection at least because claim 29 is dependent upon claim 17, which, as discussed above, recites subject matter that is not disclosed or suggested in Goren”. 

    Responses to arguments against the independent claims also answer arguments against the associated dependent claims.     

I.  Applicant argues on page 17 of Remarks: “   ...   Pontillo fails to cure the above-discussed deficiencies in Goren as to claim 17, upon which claim 29 is dependent”.

    The Examiner respectfully disagrees.   Pontillo is not used to disclose the indicated claim limitation(s).  The Office Action indicates the claim limitation(s) Pontillo is used to reject. 

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Kyung H Shin whose telephone number is (571)272-3920.  The examiner can normally be reached on M - F 12pm - 8pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Rupal Dharia can be reached on (571) 272-3880.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/KYUNG H SHIN/                                                                                                              9-13-2021Primary Examiner, Art Unit 2443