Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1 – 2, 4, 6 - 9, 11 – 12, 14, and 16 - 19 are rejected under 35 U.S.C. 103 as being unpatentable over Myneni (WO-2020041073-A1) in view of Naveen (US-20200076684-A1).
	Regarding claim 1, Myneni shows a method of deploying network elements for a set of machines in a set of one or more datacenters, the method comprising:	performing automated processes to parse ([72]) intent-based API ([39,48,67] showing an “template API”) (Application Programming Interface) requests (Fig. 2,[37]):	 to configure a plurality of forwarding elements ([37]) executing on a plurality of host  where the deployed device is a gateway router, and to deploy a gateway router to connect the LFE to a network external to the logical network (Fig. 3, [30-31,33,41]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the virtualized network infrastructure configuration and management teachings of Myneni with the explicit support for gateways provided by Naveen in order to ensure fully support for connections into and out of the network (the purpose of and functionality provided by gateway devices).
	Regarding claim 2, Myneni in view of Naveen further show receiving a Custom Resource Definition (CRD) (Myneni, [46] showing a “communication profile”) that defines attributes for security policies (Myneni, showing security implemented via the “security groups” discussed in [82]) associated with ingress/egress nodes (Naveen, [30,40]) of the logical network (Myneni, showing security implemented via the “security groups” discussed in [82]), the API requests comprising at least one particular API request that specifies at least one security policy by 
	Regarding claim 4, Myneni in view of Naveen further show receiving a Custom Resource Definition (Myneni, [46] showing a “communication profile”) (CRD) that defines attributes for security policies (Myneni, showing security implemented via the “security groups” discussed in [82]) associated with ingress/egress nodes (Naveen, [30,40]) of the logical network (Myneni, showing security implemented via the “security groups” discussed in [82], the API requests comprising at least one particular API request that specifies at least one security policy by reference to the CRD (Myneni, [39]), the security policy to be implemented as a firewall rule enforced by a firewall device (Myneni, [83] showing an “enforcement node” implementing a “firewall rule”) used by the gateway router serving as the ingress/egress node of the logical network (Naveen, [30-31,33]).
	Regarding claim 6, Myneni in view of Naveen further show wherein the gateway router is configured to perform the firewall operations (Naveen, [39] showing “distributed firewall operations” and Myneni, [56]) by receiving a set of firewall rules that the gateway router enforces (Naveen, [33] showing “determine the destination of the message” and [36] showing application of policies).
	Regarding claim 7, Myneni in view of Naveen further show wherein the gateway router is configured to perform the firewall operations by receiving a set of rules to redirect a set of traffic associated with the logical network (Naveen, [39,48] showing “redirecting appropriate rd party services) to a set of one or more firewall devices to perform the firewall operations (Naveen, [2], showing where third party services includes firewall services).
	Regarding claim 8, Myneni in view of Naveen further show wherein performing the automated process comprises using a template to configure the plurality of forwarding elements (Myneni, [35,48]) and the gateway router (Naveen, [30,40]) without an administrator performing any action to direct the configuration after each API request has been parsed (Myneni, [92] showing operation only requiring a “single API invocation” and [93] showing the steps performed “without further input”).
	Regarding claim 9, Myneni in view of Naveen further show wherein the API requests comprising at least one particular API request comprises (i) a set of policy fields that specify at least one security policy and (ii) an appliedTo field to identify the logical network to which the security policy applies (Myneni, [73] showing the policy “target” and the particular “constraint on operations” that will be applied to the target).
	Regarding claim 11, the limitations of said claim are addressed in the rejection of claim 1.
	Regarding claim 12, the limitations of said claim are addressed in the rejection of claim 2.
	Regarding claim 14, the limitations of said claim are addressed in the rejection of claim 4.
	Regarding claim 15, the limitations of said claim are addressed in the rejection of claim 5.
Regarding claim 16, the limitations of said claim are addressed in the rejection of claim 6.
	Regarding claim 17, the limitations of said claim are addressed in the rejection of claim 7.
	Regarding claim 18, the limitations of said claim are addressed in the rejection of claim 8.
	Regarding claim 19, the limitations of said claim are addressed in the rejection of claim 9.

Claims 3, 5, 13, and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Myneni in view of Naveen as applied to claims 1 and 11 above, and further in view of Woolward (US-20200382556-A1).
	Regarding claim 3, Myneni in view of Naveen show wherein the particular API request specifies (Myneni, [39]) a security policy by reference to the CRD, each security policy to be implemented as a firewall rule (Myneni, [39,56]) at the gateway router serving as the ingress/egress node of the logical network (Naveen, [30-31,33]).	Myneni in view of Naveen do not show two or more security policies.	Woolward shows referencing two or more security policies ([43]).
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the virtualized network infrastructure configuration and management teachings of Myneni in view of Naveen with the support for multiple policies 
	Regarding claim 3, Myneni in view of Naveen show wherein the particular API request specifies (Myneni, [39]) a security policy by reference to the CRD, each security policy to be implemented as a firewall rule (Myneni, [39,56]) enforced by a firewall device (Myneni, [83]).
	Myneni in view of Naveen do not show two or more security policies.	Woolward shows referencing two or more security policies ([43]).
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the virtualized network infrastructure configuration and management teachings of Myneni in view of Naveen with the support for multiple policies provided in Woolware in order to enable consideration of additional factors and rules, as well as ensuring orderly evaluation of rules when there are conflicts.
	Regarding claim 13, the limitations of said claim are addressed in the rejection of claim 3.
	Regarding claim 15, the limitations of said claim are addressed in the rejection of claim 5.

Claims 10 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Myneni in view of Naveen as applied to claims 1 and 11 above, and further in view of Woolward and Wohlgemuth (US-10122735-B1).
	Regarding claim 10, Myneni in view of Naveen show wherein the particular API request comprises a policy field that specify a security policy (Myneni, [73])), as well as the presence of 
	Myneni in view of Naveen do not show a plurality of security policies.	Woolward shows referencing a plurality of security policies ([43]).
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the virtualized network infrastructure configuration and management teachings of Myneni in view of Naveen with the support for multiple policies provided in Woolware in order to enable consideration of additional factors and rules, as well as ensuring orderly evaluation of rules when there are conflicts.
	Myneni in view of Naveen and Woolward do not show a policy for egress traffic and a policy for ingress traffic. 	Wohlgemuth shows a policy for egress traffic and a policy for ingress traffic (Fig. 2 and col. 11 lines 30-35).	It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the virtualized network infrastructure configuration and management teachings of Myneni in view of Naveen and Woolward with the unique policy applications for both ingress and for egress traffic in order to enable more flexible device configuration (e.g., as creating a network flow may be more permissible an operation than accepting an external connection for a network flow).
	Regarding claim 20, the limitations of said claim are addressed in the rejection of claim 10.



Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Such prior art includes the following reference relevant to security policy specification and intent-based declarations:	Abwnawar, Nasser. “A Policy-Based Management Approach to Security in Cloud Systems.” (Year: 2020)	Abhashkumar, Anubhavnidhi et al. “Supporting Diverse Dynamic Intent-based Policies using Janus.” Proceedings of the 13th International Conference on emerging Networking EXperiments and Technologies  (Year: 2017)


Any inquiry concerning this communication or earlier communications from the examiner should be directed to JOHN M MACILWINEN whose telephone number is (571)272-9686. The examiner can normally be reached Monday - Friday, 9:00 - 5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

JOHN MACILWINEN
Primary Examiner
Art Unit 2442



/JOHN M MACILWINEN/Primary Examiner, Art Unit 2442