DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
                           Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 12/03/2015 has been entered.
Claim Status
Claims 1, 3, 5-7, 11-13, 15-18 have been amended. Claims 2, 14 and 19 have been canceled. Claim 21 has been newly added. Claims 1, 3-13, 15-18 and 20-21 remain pending in the application.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:

2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claims 1, 3- 5, 7-13, 15, 17, 18 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Jaber et al. (US. Pub. No. 2016/0072924 A1, hereinafter Jaber) in view of Taylor et al. (US. Pat. No. 7,886031, hereinafter Taylor) in view of Noro et al. (US. Pub. No. 2012/0290724 A1, hereinafter Noro).
Regarding claim 1.
               Jaber teaches a method comprising: receiving a first transmission signal, via a secondary port of a device management system of a cloud-managed network, from a device (Jaber teaches in [Abstract] and ¶ [0026]-[0027] transmitting a signal to a server (i.e., a cloud server element 115) from a client, where the user interface may be updated in response to the communication in firmware update instructions, and configuration backup instructions, through the  controlled port-by-port basis (i.e., via secondary port). The signal is initiated by a user of a user interface of the client, and the cloud server 115 may receive the signal from the client 105), wherein the first transmission signal comprises a first request of the device to connect to the cloud-managed network and an indication of whether a firmware of the device is outdated (Jaber teaches in ¶ [0036] if the firmware on the virtualized device 135 is outdated , the patroller 120 may send a request to the cloud server 115 to obtain the latest firmware and then the patroller 120 may signal to the cloud server 115 asking for the latest firmware version for a particular virtualized device 135), and wherein the indication of whether the firmware of the device is outdated comprises a firmware version of the device (Jaber teaches in ¶ [0036] patroller 120 may signal to the cloud server 115 asking for the latest firmware version for a particular virtualized device 135. If the firmware on the virtualized device 135 is outdated, the patroller 120 may send a request to the cloud server 115 to obtain the latest firmware).
             Jaber does not explicitly teach determining, at the device management system, whether the device is incompatible with the cloud-managed network, wherein the determining comprises comparing the firmware version of the device with a predefined firmware version of the device; 
            in response to determining the device is incompatible with the  cloud-managed network based on the indication.
            However, Taylor teaches determining, at the device management system, whether the device is incompatible with the cloud-managed network, wherein the determining comprises comparing the firmware version of the device with a predefined firmware version of the device (Taylor teaches in [Col. 47, lines 24-34] that the SAN (storage area network) management system (i.e., device management system) may compares the obtained device information to SAN device compatibility information for the SAN management system and generates one or more reports that indicate which SAN devices, firmware and/or drivers in the SAN hardware configuration are compatible with (i.e. currently supported) by the SAN management system device compatibility information and further teaches in [Col. 44, lines 3-38 ] that the SAN identifies firmware versions, and/or SAN device (i.e., a predefined firmware version of the not currently supported (i.e., incompatible) and/or that are known to be compatible with the SAN management system (i.e., to manage only the SAN devices that the SAN management system is currently configured to Support); and
           in response to determining the device is incompatible with the cloud-managed network based on the indication (Taylor teaches in [Col. 2, lines 54-61] the SAN configuration utility may configure the SAN management system to ignore (e.g. not discover or manage) certain discovered SAN devices determined to be not supported by, or incompatible with the SAN management system device); and
        in response to authentication of the device management system by the device, instructing, by the device management system, the device to connect via a primary port of the device management system to the cloud-managed network (Tylor teaches in [Col. 11, lines 17-25] the SAN access layer 204 may include an agent 252 that translates information from the data store 254 into formatted files (e.g. XML files),the agent may also enforce user authentication for commands sent to the SAN management server (i.e., device management system), and may handle communication between the SAN management server and any hosts running a SAN access layer remote and further teaches in [Col. 12, lines 57-66] the SAN access layer 204 may include a management server explorer to communicate with supported switches over Fiber Channel connections and explore port connectivity (i.e., primary port connection)).
           It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the SAN (storage area network management system which compares the firmware version and determines the device compatibility information ([Col. 47, lines 24-34] and [Col. 44, lines 3-38]) of Taylor into a cloud server system 115 ([0036]) of Jaber. One would have been motivated to do so in order to the SAN management system configuration files are modified to support SAN devices that are not compatible with the SAN management system according to that SAN device compatibility information, and thus helps 
             Jaber in view of Taylor does not explicitly teach re-directing the device to a predefined Internet address to provide a firmware upgrade and security credentials for the device; and receiving, from the device via the secondary port of the device management system, a second transmission signal after the re-directing and upgrading of the firmware of the device, wherein the second transmission signal comprises a second request to connect to the cloud-managed network. 
          However, Noro teaches re-directing the device to a predefined Internet address to provide a firmware upgrade and security credentials for the device (Noro teaches in ¶ [0078] that the client device 212 can create an HTTP request using the IP address received (i.e., predefined internet address) from the DNS server 270. In response to the network gateway 220 receiving the HTTP request from the client device 212, the network gateway 220 can then redirect the client device 212 to the local portal 240 and further teaches in ¶ [0035] that the network gateway returns a HTTP redirection to the portal page URL associated with the matching string and the HTTP host associate the command as a second example, the HTTP Host header value "firmwareupdate.network.gateway.com" can be used to instruct the network gateway to update its firmware); and 
          receiving, from the device via the secondary port of the device management system, a second transmission signal after the re-directing and upgrading of the firmware of the device, wherein the second transmission signal comprises a second request to connect to the cloud-managed network (Noro teaches in ¶ [0036]-[0037] the input to the HTTP redirection includes the HTTP Host header from the subscriber and the predefined DNS string(s) and further the HTTP redirection returned by the network gateway can include a number of redirection parameters…For example, the redirection address, the subscriber's room name, the subscriber's IP address, a target server ID, or a port value (i.e., secondary port), to name a few and further teaches in ¶ [0057] that how the network controller includes a gateway to communicate on a cloud system and facilitate directing or redirecting the client devices 212 to the local portal 240).
            It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the redirecting techniques and using a method of predefined IP address for a gust device ([0035]-[0037] and [0057]) of Noro into Jaber in view of Taylor invention. One would have been motivated to do so in order to easily transmit a domain name resolution response on a predefined Internet Protocol (IP) address for responding to the HTTP request for a redirection process on a device so that the system accurately identifies when a user is attempting to access an external network, such as the Internet, and when the user is attempting to access the organization's internal network or services without compromising the security credential of cloud network system.

Regarding claim 3. 
         Jaber in view of Taylor further teaches wherein comparing the firmware version of the device with the predefined firmware version of the device determines whether the firmware version of the device is outdated (Jaber teaches in ¶ [0036] if the firmware on the virtualized device 135 is outdated, a firmware Management 425 module may allow a user to update the firmware of capable devices in the network and the patroller 120 may signal to the cloud server 115 asking for the latest firmware version for a particular virtualized device 135. If the firmware on the virtualized device 135 is outdated) and further Taylor teaches in [Col. 47, lines 24-34] that the SAN (storage area network) management system (i.e., device management system) may compares the obtained device information to SAN device firmware and/or drivers in the SAN hardware configuration are compatible with (i.e. currently supported) by the SAN management system device compatibility information).
        It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the method of identifying the firmware virtualization device outdate condition ([0036]) of Jaber into the SAN management system that compares the compatibility of the devices ([Col. 47, lines 24-34]) of Taylor into Noro invention. One would have been motivated to do so in order to easily identify and discover the incompatible devices so that the system only rely on the compatible device and thus helps to save the time and costs. 
Regarding claim 4.
           Taylor in view of Noro further teaches wherein the device being incompatible further comprises that the device lacks updated security credentials for authenticating the device management system (Tylor teaches in [Col. 44, lines 3-38 ] that the SAN identifies firmware versions, and/or SAN device drivers on the SAN that are not currently supported (i.e., incompatible) and/or that are known to be compatible with the SAN management system (i.e., to manage only the SAN devices that the SAN management system is currently configured to Support) and Noro further teaches in ¶ [0077] the use of alternate protocols may require user authentication, the user 202 can be required to provide authentication. Alternatively, the network gateway 220 can automatically authenticate (i.e., updated security credential) the user 202 with the local portal 240 via the redirection parameters).
        It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the system of requesting an authentication from the user ([0077]) of Noro into the SAN management system that can identifies the incompatibility of the [Col. 44, lines 3-38 ]) of Taylor and Jaber invention. One would have been motivated to do so in order to protect unintended users from accessing the device and thus helps to secure the credentials of the intended users in an efficient manner. 
Regarding claim 5.
            Taylor in view of Noro further teaches wherein the device being incompatible further comprises that the device lacks updated security credentials for authenticating the device management system (Tylor teaches in [Col. 44, lines 3-38 ] how the SAN identifies firmware versions, and/or SAN device drivers on the SAN that are not currently supported (i.e., incompatible and further Noro teaches in ¶ [0035] the HTTP Host header value "logout.network_gateway.com" can be used to instruct the network gateway to handle a logout request. As a second example, the HTTP Host header value "firmwareupdate.network.gateway.com" can be used to instruct the network gateway to update its firmware).
            It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the system of requesting an authentication from the user ([0077]) into the SAN management system that can identifies the incompatibility of the device ([Col. 44, lines 3-38]) of Taylor and Jaber in view of Noro invention. One would have been motivated to do so in order to protect unintended users from accessing the device and thus helps to secure the credentials of the intended users in an efficient manner.
Regarding claim 7.
          Jaber in view of Tylor further teaches connecting the device via the primary port to the cloud-managed network (Tylor teaches in [Col. 12, lines 57-66] the SAN access layer 204 may include a port connectivity (i.e., primary port connection)).
          It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the SAN (storage area network management system which compares the firmware version and determines the device compatibility information ([Col. 47, lines 24-34] and [Col. 44, lines 3-38]) of Taylor into a cloud server system 115 ([0036]) of Jaber in view of Noro invention. One would have been motivated to do so in order to perform a secured connection between the compatible device and the cloud server in an efficient manner. 
Regarding claim 8.
       Noro teaches wherein re-directing the device to the predefined Internet address comprises sending a message from the secondary port to the device (Noro teaches in ¶ [0036]-[0037] the input to the HTTP redirection includes the HTTP Host header from the subscriber and the predefined DNS string(s) and further the HTTP redirection returned by the network gateway can include a number of redirection parameters…For example, the redirection parameters can include: the network gateway ID, the subscriber's MAC address, the subscriber's room name, the subscriber's IP address, a target server ID, or a port value (i.e., secondary port) further teaches in ¶ [0078] that the client device 212 can create an HTTP request using the IP address received (i.e., predefined internet address) from the DNS server 270).
          It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the redirecting techniques and using a method of predefined IP address for a gust device ([0035]-[0037]) of Noro into Jaber in view of Taylor invention. One would have been motivated to do so in order to easily transmit a domain name 
Regarding claim 9.
         Jaber teaches wherein the device is one of an access point, a router, or an Ethernet switch (Jaber teaches in ¶ [0017] the devices may include routers, access points, controllers, and power devices such as power distributions units (PDUs) and power-over-ethernet (PoE) switches).
Regarding claim 10.
       Tylor further teaches wherein instructing the device to connect via the primary port to the cloud-managed network is in response to authentication of the device management system by the device at the secondary port (Tylor teaches in [Col. 11, lines 17-25] the SAN access layer 204 may include an agent 252 that translates information from the data store 254 into formatted files (e.g. XML files),the agent may also enforce user authentication for commands sent to the SAN management server (i.e., device management system), and may handle communication between the SAN management server and any hosts running a SAN access layer remote and further teaches in [Col. 12, lines 57-66] the SAN access layer 204 may include a management server explorer to communicate with supported switches over Fiber Channel connections and explore port connectivity (i.e., primary port connection)).
           It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the SAN (storage area network management system [Col. 47, lines 24-34] and [Col. 44, lines 3-38]) of Taylor into a cloud server system 115 ([0036]) of Jaber in view of Noro invention. One would have been motivated to do so in order to the SAN management system configuration files are modified to support SAN devices that are not compatible with the SAN management system according to that SAN device compatibility information, and thus helps the SAN management system efficiently to compare and determine the discovery of the compatible devices to be connected without wasting additional resources.
Regarding claim 11.
       Taylor in view of Noro further teaches receiving, at the device management system from the device, the security credentials obtained by the device from the predefined Internet address (Tylor teaches in [Col. 44, lines 3-38 ] how the SAN identifies firmware versions, and/or SAN device drivers on the SAN that are not currently supported (i.e., incompatible and further Noro teaches in ¶ [0035] the HTTP Host header value "logout.network_gateway.com" can be used to instruct the network gateway to handle a logout request. As a second example, the HTTP Host header value "firmwareupdate.network.gateway.com" can be used to instruct the network gateway to update its firmware and further Noro teaches (Noro teaches in ¶ [0078] that the client device 212 can create an HTTP request using the IP address received (i.e., predefined internet address) from the DNS server 270. In response to the network gateway 220 receiving the HTTP request from the client device 212, the network gateway 220 can then redirect the client device 212 to the local portal 240 and further teaches in ¶ [0035] that the network gateway returns a HTTP redirection to the portal page URL associated with the matching string); and 
authorizing, by the device management system using the security credentials, a connection of the device via the primary port of the device management system (Tylor teaches in [Col. 12, lines 57-66] the SAN access layer 204 may include a management server explorer to communicate with supported switches over Fiber Channel connections and explore port connectivity (i.e., primary port connection) and Noro further teaches in ¶ [0077] the use of alternate protocols may require user authentication, the user 202 can be required to provide authentication. Alternatively, the network gateway 220 can automatically authenticate (i.e., updated security credential) the user 202 with the local portal 240 via the redirection parameters).
        It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the system of requesting an authentication from the user ([0077]) of Noro into the SAN management system that can identifies the incompatibility of the device ([Col. 44, lines 3-38 ]) of Taylor and Jaber invention. One would have been motivated to do so in order to protect unintended users from accessing the device and thus helps to secure the credentials of the intended users in an efficient manner. 
Regarding claim 12.
       Jaber teaches a method comprising: transmitting, from an access point, a first transmission signal, to a secondary port of a device management system of a cloud-managed network, wherein the first transmission signal comprises a first request of the access point to connect to the cloud-managed network and an indication whether a firmware of the access point is outdated (note that the Examiner has interpreted the term “access point” that provides location for devices to connect from and enables more devices to be on the network. Jaber access points (which are equivalent to the claimed “access point”) for power distributions units (PDUs) and power-over-Ethernet (PoE) switches. Power devices generally have multiple ports that they may route power from one device to another device and ¶ [0026]-[0027] transmitting a signal to a server (i.e., a cloud server element 115) from a client, where the user interface may be updated in response to the communication in firmware update instructions, and configuration backup instructions, through the controlled port-by-port basis (i.e., via secondary port) and further, Jaber teaches in ¶ [0036] patroller 120 may signal to the cloud server 115 asking for the latest firmware version for a particular virtualized device 135. If the firmware on the virtualized device 135 is outdated, for example, display which router (i.e., access point) in the category has which version of the firmware, so the user may see which one is up to date and which one is not and then, the patroller 120 may send a request to the cloud server 115 to obtain the latest firmware), and wherein the indication of whether the firmware of the access point is outdated comprises a firmware version of the access point (Jaber teaches in ¶ [0036] that the devices include, routers and access points and a user may choose to power cycle multiple ports across multiple devices of different types and the firmware on the virtualized device 135 is outdated in the category has which version of the firmware, so the user may see which one is up to date and which one is not and then, the patroller 120 may send a request to the cloud server 115 to obtain the latest firmware); and
              in response to performing the firmware upgrade of the access point, transmitting, from the access point to the secondary port of the device management system, a second transmission signal, that comprises a second request to connect to the cloud-managed network (Jaber teaches in ¶ [0036] that the patroller 120 may signal to the cloud server 115 asking for the latest firmware version for a particular virtualized device 135. If the firmware on the latest firmware, and the user may be notified through the client 105 of the availability of new firmware).
          Jaber does not explicitly teach in response to the access point being incompatible with the cloud-managed network based on a determination at the device management system that comprises comparing the firmware version of the access point with a predefined firmware version of the access point, receiving, at the access point, and in response to authentication of the device management system by the access point based on the firmware upgrade and security credentials, receiving, at the access point, an instruction from the secondary port to connect via a primary port of the device management system.
       However, Taylor teaches in response to the access point being incompatible with the cloud-managed network based on a determination at the device management system that comprises comparing the firmware version of the access point with a predefined firmware version of the access point (Tylor teaches in [Col. 44, lines 3-38] how the SAN identifies firmware versions, and/or SAN device drivers on the SAN that are not currently supported (i.e., incompatible and the SAN identifies firmware versions, and/or SAN device (i.e., a predefined firmware version of the device) drivers on the SAN that are not currently supported (i.e., incompatible) and further Tylor also teaches in [Col. 9, lines 25-39] accessing detailed information on components including object attributes and connectivity, creating and modifying policies, administering access control through zoning and LUN security and further Taylor teaches in [Col. 47, lines 24-34] that the SAN (storage area network) management system (i.e., device management system) may compares the obtained device information to SAN device firmware and/or drivers in the SAN hardware configuration are compatible with (i.e. currently supported) by the SAN management system device compatibility information); and 
      and in response to authentication of the device management system by the access point based on the firmware upgrade and security credentials, receiving, at the access point, an instruction from the secondary port to connect via a primary port of the device management system (Tylor teaches in [Col. 11, lines 17-25] the SAN access layer 204 may include an agent 252 that translates information from the data store 254 into formatted files (e.g. XML files),the agent may also enforce user authentication for commands sent to the SAN management server (i.e., device management system), Tylor also teaches in [Col. 12, lines 57-66] the SAN access layer 204 may include a management server explorer to communicate with supported switches over Fiber Channel connections and explore port connectivity (i.e., primary port connection) and further teaches in [Col. 26, lines 26-51] that the security may include the logical unit (LUN) has two different LUNs 282 may represent two different paths to a single volume. A LUN 282 may be bound to one or more array ports 286. A LUN 282 may be bound to multiple array ports 286, for example, for failover, switching from one array port 286 to another array port 286 (i.e., secondary port) if a problem occurs and further indicates that the LUN security utility 280 may provide a central point from which to perform LUN security operations including LUN binding (the creation of access paths (LUNs) between Addressable units within a disk array and ports on array).
       It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the SAN (storage area network management system which [Col. 47, lines 24-34] and [Col. 44, lines 3-38]) of Taylor into a cloud server system 115 ([0036]) of Jaber. One would have been motivated to do so in order to the SAN management system configuration files are modified to support SAN devices that are not compatible with the SAN management system according to that SAN device compatibility information, and thus helps the SAN management system efficiently to compare and determine the discovery of the compatible devices to be connected without wasting additional resources.
         Jaber in view of Tylor does not explicitly teach receiving, at the access point, a re-direction instruction from the cloud-managed network to redirect the access point to a predefined Internet address to obtain a firmware upgrade and security credentials for the access point.
         However, Noro teaches receiving, at the access point, a re-direction instruction from the cloud-managed network to redirect the access point to a predefined Internet address to obtain a firmware upgrade and security credentials for the access point (Noro teaches in ¶ [0036]-[0037] the input to the HTTP redirection includes the HTTP Host header from the subscriber and the predefined DNS string(s) and further the HTTP redirection returned by the network gateway can include a number of redirection parameters…For example, the redirection parameters can include: the network gateway ID, the subscriber's MAC address, the subscriber's room name, the subscriber's IP address, a target server ID, or a port value (i.e., secondary port), to name a few and further teaches in ¶ [0057] that how the network controller includes a gateway to communicate on a cloud system and facilitate directing or redirecting the client devices 212 to the local portal 240).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the redirecting techniques and using a method of predefined IP address for a gust device ([0035]-[0037] and [0057]) of Noro into Jaber in view of Taylor invention. One would have been motivated to do so in order to easily transmit a domain name resolution response on a predefined Internet Protocol (IP) address for responding to the HTTP request for a redirection process on a device so that the system accurately identifies when a user is attempting to access an external network, such as the internet, and when the user is attempting to access the organization's internal network or services without compromising the security credential of cloud network system.
Regarding claim 13.  
         Jaber in view of Taylor teach wherein comparing the firmware version of the access point with the predefined firmware version of the access point to determines whether the firmware version of the access point is outdated (Jaber teaches in ¶ [0036] if the firmware on the virtualized device 135 is outdated, a firmware Management 425 module may allow a user to update the firmware of capable devices in the network and the patroller 120 may signal to the cloud server 115 asking for the latest firmware version for a particular virtualized device 135. If the firmware on the virtualized device 135 is outdated) and further Taylor teaches in [Col. 47, lines 24-34] that the SAN (storage area network) management system (i.e., device management system) may compares the obtained device information to SAN device compatibility information for the SAN management system and generates one or more reports that indicate which SAN devices, firmware and/or drivers in the SAN hardware configuration are compatible with (i.e. currently supported) by the SAN management system device compatibility information).


Regarding claim 15. 
      Jaber in view of Tylor does not explicitly teach wherein the re-direction instruction is from the secondary port of the device management system.
      However, Noro teaches wherein the re-direction instruction is from the secondary port of the device management system (Noro teaches in ¶ [0036]-[0037] the input to the HTTP redirection includes the HTTP Host header from the subscriber and the predefined DNS string(s) and further the HTTP redirection returned by the network gateway can include a number of redirection parameters… a port value (i.e., secondary port)).
         It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the redirecting techniques and using a method of predefined IP address for a gust device ([0035]-[0037]) of Noro into Jaber in view of Taylor invention. One would have been motivated to do so in order to easily transmit a domain name resolution response on a predefined Internet Protocol (IP) address for responding to the HTTP request for a redirection process on a device so that the system accurately identifies when a user is attempting to access an external network, such as the internet, and when the user is 

Regarding claim 17.
Claim 17 incorporates substantively all the limitations of claim 1 in a non-transitory machine readable storage medium form and is rejected under the same rationale.
Regarding claim 18.
Claim 18 incorporates substantively all the limitations of claim 4 in a non-transitory machine readable storage medium form and is rejected under the same rationale.
Regarding claim 20.
Claim 20 incorporates substantively all the limitations of claim 15 in a non-transitory machine readable storage medium form and is rejected under the same rationale.

Claims 6, 16 and 21 are rejected under 35 U.S.C. 103 as being over Jaber in view of Taylor in view of Noro and further in view of Marino et al. (US. Pub. No. 2013/0013907 A1, hereinafter Marino). 
Regarding claim 6. Jaber in view of Taylor in view of Noro teaches the method of claim 4.      
           Jaber further teaches wherein the upgrading of the firmware of the device upgrades, using the firmware upgrade image to a version newer than an existing version of the firmware of the device (Jaber teaches in ¶ [0036] if the firmware on the virtualized device 135 is outdated, a firmware Management 425 module may allow a user to update the firmware of capable devices in the network and the patroller 120 may signal to the cloud server 115 asking for the latest firmware version for a particular virtualized device 135).
wherein the device performs the upgrading of the firmware and implements the updated security credentials after validating a firmware upgrade imag.
        However, Marino teaches wherein the device performs the upgrading of the firmware and implements the updated security credentials after validating a firmware upgrade imag(Marino teaches in ¶ [0027] the authentication credential will identify a manufacture and the operation will be performed during manufacture of the platform which required to access the key used to decrypt the first authentication credential by sealing the key against the platform configuration and a subsequent firmware update process, a firmware update image (i.e., a firmware upgrade image) containing a second authentication credential is received at the platform).
          It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the method of using an authentication process based on the credential in a subsequent firmware update process ([0027]) of Marino into Jaber in view of Taylor and in view of Noro invention. One would have been motivated to do so since this method involves requesting a firmware update from a wireless router over a network connection toward a server and configured to destructively overwrite a version of router firmware in the flash memory with another version of router firmware. The wireless router is rebooted for making the firmware changes go live with upgraded firmware and thus helps the system to provide automatic remote updating capability. The process employs network level analysis and translation and executes various procedures to handle the network traffic. The 
Regarding claim 16. Jaber in view of Taylor in view of Noro teaches the method of claim 12.
           Noro further teaches obtaining, by the access point, a firmware upgrade image from the predefined Internet address (Noro teaches in ¶ [0078] that the client device 212 can create an HTTP request using the IP address received (i.e., predefined internet address) from the DNS server 270).
          Jaber in view of Taylor in view of Noro does not explicitly teaches performing the firmware upgrade at the access point using the firmware upgrade image.
           However, Marino teaches performing the firmware upgrade at the access point using the firmware upgrade image (Marino teaches in ¶ [0037] that the firmware image chunks have at least one predetermined executable order, namely, an order in which the chunks are arranged in an executable copy of the firmware image. The step of receiving a responsive firmware image receives the chunks in the wireless router in an order which differs from the executable order).
          It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the method of using a copy of the firmware image ([0037]) of Marino into the access points ([0036]) of Jaber in view of Taylor and in view of Noro invention. One would have been motivated to do so in order to control the operation of the device based on firmware image in efficient manner.
Regarding claim 21. 
validating the firmware upgrade image before upgrading the firmware at the access point using the firmware upgrade image (Marino teaches in ¶
[0071]-[0072] an image file upon invocation, the image file being gathered remotely from a HTTP site and re-ordering 817 is done afterwards to validate the image checksum).
          It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the method of validating the firmware image ([0071]-[0072]) of Marino into Jaber in view of Taylor and in view of Noro invention. One would have been motivated to do so in order to save memory space efficiently.
Response to Arguments
               Applicant’s arguments with respect to claims 1-20 have been considered but are moot because the arguments do not apply to any of the references being used in the current rejection.
 Conclusion                                                                                                                                                                                              Any inquiry concerning this communication or earlier communications from the examiner should be directed to BERHANU SHITAYEWOLDETSADIK whose telephone number is (571)270-7142. The examiner can normally be reached M-F.
 Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Emmanuel Moise can be reached on 5712723865. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To 




/BERHANU SHITAYEWOLDETADIK/Examiner, Art Unit 2455 

/EMMANUEL L MOISE/Supervisory Patent Examiner, Art Unit 2455