DETAILED ACTION
I.	Claim 2 has been cancelled.
II.	Claim 5 has been added.
III.	Claims 1 and 3-5 have been examined.
IV.	Responses to Applicant’s remarks have been given.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1, 4 and 5 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Claims 1, 4, and 5 recite the limitation “running on the network devices, the network device…”. It is unclear which of the plurality of “network devices” the singular “network device” is referring to.  It is recommended to amend the claim language to “at least one of the network devices”.  Appropriate correction is required.
When a claim is amenable to two or more plausible claim constructions, the claim is indefinite for failing to particularly point out and distinctly claim the subject matter the Applicant considers to be the invention. Ex parte Miyazaki, 89 USPQ2d 1207, 1215 (BPAI 2008) (precedential).
Presently, some claims require speculation and conjecture by the Examiner and by one of ordinary skill in the art inasmuch as the claims under examination are rejected under 35 U.S.C. 112, second paragraph.  In light of the precedence set forth in In re Steele, 305 F.2d 859, 862 (CCPA 1962) and In re Wilson, 424 F.2d 1382, 1385 (CCPA 1970), the Examiner applies cited art in accordance with a position as best understood in the context of the claims and the invention as a whole to expedite compact prosecution.  Such interpretations of the claims versus the cited art cannot be used as a basis for overcoming the objections or rejections set forth supra. 
A claim that requires the exercise of subjective judgment without restriction may render the claim indefinite. In re Musgrave, 431 F.2d 882, 893, 167 USPQ 280, 289 (CCPA 1970). Claim scope cannot depend solely on the unrestrained, subjective opinion of a particular individual purported to be practicing the invention. Datamize LLC v. Plumtree Software, Inc., 417 F.3d 1342, 1350, 75 USPQ2d 1801, 1807 (Fed. Cir. 2005); see also Interval Licensing LLC v. AOL, Inc., 766 F.3d 1364, 1373, 112 USPQ2d 1188 (Fed. Cir. 2014) (holding the claim phrase "unobtrusive manner" 
Response to Arguments
The objection to claim 3 is hereby withdrawn due to the amending of the claim limitation to recite a singular “specific network application”.
The Applicant has not addressed the other previously-made objections to the drawings nor of the objections to the specification; thus the objections to the drawings and the specification are hereby maintained. The response did not point out supposed errors in the examiner’s rejection, and thus it does not comply with 37 CFR 1.111(b): “in order to be entitled to reconsideration or further examination, the applicant or patent owner must reply to the Office action. The reply by the applicant or patent owner must be reduced to a writing which distinctly and specifically points out the supposed errors in the examiner’s action and must reply to every ground of objection and rejection in the prior Office action.”
Applicant's arguments filed on 09/24/2021 have been fully considered but they are not persuasive because the Applicant has recited the claim limitations within claim 1 but has not explained how they distinguish themselves from the cited prior art, nor how the cited prior art does not disclose those limitations of the claimed invention. “A statement which merely points out what a claim recites will not be considered an argument for separate patentability of the claim.” See also In re Lovin, 652 F.3d 1349, 1357 (Fed. Cir. 2011).
Though the incomplete sentence in paragraph 36 has been removed, the Specification remains objected to via the grounds cited below.  The Applicant argues 
The drawings remain objected to via the grounds cited below.
Specification
The specification is objected to as failing to provide proper antecedent basis for the claimed subject matter.  See 37 CFR 1.75(d)(1) and MPEP § 608.01(o).  Correction of the following is required: Claim 1 and Claim 4 recite the limitation “detecting the specific network application has ceased execution by using deep packet inspection; and closing the micro-firewall container.” There is no support for this limitation anywhere in the specification. 
The disclosure is objected to because of the following informalities: paragraph 36 states “At step 360, it is detected the specific network application has ceased execution.” This language is inconsistent with step 360 of the flowchart in Figure 3. Appropriate correction is required.
Also, there is a missing period at the end of paragraph 43. Appropriate correction is required.
Drawings
The drawings are objected to under 37 CFR 1.83(a).  The drawings must show every feature of the invention specified in the claims.  The referred step 360 of Figure 3 within paragraph 36 of the Applicant’s Specification does not exist anywhere within the 
Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. The figure or figure number of an amended drawing should not be labeled as “amended.” If a drawing figure is to be canceled, the appropriate figure must be removed from the replacement sheet, and where necessary, the remaining figures must be renumbered and appropriate changes made to the brief description of the several views of the drawings for consistency. Additional replacement sheets may be necessary to show the renumbering of the remaining figures. Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance.
In addition to Replacement Sheets containing the corrected drawing figure(s), applicant is required to submit a marked-up copy of each Replacement Sheet. See 37 CFR 1.121(d)(1). Failure to timely submit the proposed drawing and marked-up copy will result in the abandonment of the application.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1 and 3-5 are rejected under 35 U.S.C. 103 as being unpatentable over United States Patent Application Publication No. US 2017/0353498 to Huang et al., hereinafter Huang, and further in view of United States Patent Application Publication No. US 2008/0235755 to Blaisdell et al., hereinafter Blaisdell.
Regarding claims 1 and 5, Huang teaches a firewall device and a computer-implemented method in a firewall device of a data communication system (Figure 2A, “Instance Engine 314”), for executing per-application micro-firewall images in a dedicated container on a data communications network, the method comprising the steps of:
generating application profiles from metadata concerning network applications installed on network devices (Figures 3B and 5B, paragraphs 6, 144 and 169);
storing the application profiles in an application profile database (Figure 3B, and paragraphs 130-133),
detecting a current execution of a specific network application for transmitting data packets on a network device with deep packet inspection (Figures 4B and 5A, and paragraphs 8, 26, 73, 141 and 164);
responsive to the detection, retrieving an application profile associated with the specific network application (Figures 5B and 5C and paragraphs 56 and 172);
spawning a dedicated micro-firewall container for executing per-application micro-firewall images from an operating system of the firewall device, to execute the application profile of the specific network application (paragraph 165, “security instance distinct from the plurality of user-space instances is instantiated (508).  The security instance is instantiated within the respective operating system environment, has a respective virtual address space in virtual memory of the respective operating system environment, and is executed in user space of the respective virtual address space.”, 
Huang teaches the claimed invention, as cited above.  However, Huang does not teach the claim limitations with regards to “the application profiles comprising per-application firewall rules for applications running on the network devices, the network device located remotely from the firewall device over the data communications network…the application profiles comprising per-application firewall rules; wherein the dedicated micro-firewall is part of a plurality of micro-firewalls available, and wherein the plurality of micro-firewalls available is divided by categories, at least two of the categories comprising source entity and destination entity; executing the application profile in the container to examine network traffic associated with the specific network application including per-application firewall rules and general firewall rules; detecting the specific network application has ceased execution by using deep packet inspection; and closing the micro-firewall container.” Blaisdell teaches said limitations, as cited below.
Further regarding claims 1 and 5, Blaisdell teaches the application profiles comprising per-application firewall rules for applications running on the network devices, the network device located remotely from the firewall device over the data communications network (Figures 3 and 4, and paragraph 33, “software rule triggers”, paragraphs 34, and 37, “firewall rules”, section 2.6 “Dynamic Enabling/Disabling of Firewall Rule Based on Usage Events” which covers paragraph 57, “Firewall rule are grouped into profiles”, paragraph 58, “Profiles are activated or deactivated by: software trigger, timer trigger, internal firewall rule trigger” and paragraphs 59-61; and paragraphs 106, and 119);
wherein the dedicated micro-firewall is part of a plurality of micro-firewalls available, and wherein the plurality of micro-firewalls available is divided by categories, at least two of the categories comprising source entity and destination entity (paragraphs 40, 55, and 106, “A node can only request propagation for policies controlling its own resources (i.e., source or destination address belonged to it).”, and paragraphs 120 and 251, “Firewall could only be installed from a host/router which own the source (egress firewall) or destination (ingress firewall)”);
executing the application profile in the container to examine network traffic associated with the specific network application including per-application firewall rules and general firewall rules (Figures 3 and 4, and paragraph 33, “software rule triggers”, paragraphs 34, and 37, “firewall rules”, section 2.6 “Dynamic Enabling/Disabling of Firewall Rule Based on Usage Events” which covers paragraph 57, “Firewall rule are grouped into profiles”, paragraph 58, “Profiles are activated or deactivated by: software trigger, timer trigger, internal firewall rule trigger” and paragraphs 59-61; and paragraphs 106, and 119);

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings of Blaisdell with the teachings of Huang to improve the security of the network environment because “it would be desirable have a firewall operated by the ISP that implements rules and policies of a network owner or the owner of a stand-alone device, thereby preventing unwanted traffic from entering the network and ensuring that there is available bandwidth for data leaving the network in certain specified circumstances” (Blaisdell – paragraph 7).
The obviousness to combine for independent claim 1 also pertains to independent claim 4.
In assessing whether a claim to a combination of prior art elements/steps would have been obvious, the question to be asked is whether the improvement of the claim is more than the predictable use of prior art elements or steps according to their established functions. KSR Int’l Co. v. Teleflex Inc., 550 U.S. 398, 418 (2007). “[T]he analysis need not seek out precise teachings directed to the specific subject matter of the challenged claim, for a court can take account of the inferences and creative steps that a person of ordinary skill in the art would employ.” Id. at 418.  It is well established that in evaluating references it is proper to take into account not only the specific 
Regarding claim 3, Huang teaches wherein more than one micro-firewall container is spawned for a specific network application (paragraphs 97, 98, and 124).
Regarding claim 4, Huang discloses a non-transitory computer-readable media storing instructions that, when executed by a processor, perform a computer-implemented method in a firewall device of a data communication system, for executing per-application micro-firewall images in a dedicated container on a data communications network, the method comprising the steps of:
generating application profiles from metadata concerning network applications installed on network devices (Figures 3B and 5B, paragraphs 6, 144 and 169);
storing the application profiles in an application profile database (Figure 3B, and paragraphs 130-133), 
detecting a current execution of a specific network application for transmitting data packets on a network device with deep packet inspection (Figures 4B and 5A, and paragraphs 8, 26, 73, 141 and 164);
responsive to the detection, retrieving an application profile associated with the specific network application (Figures 5B and 5C and paragraphs 56 and 172);
spawning a dedicated micro-firewall container for executing per-application micro-firewall images from an operating system of the firewall device, to execute the 
Huang discloses the claimed invention, as cited above.  However, Huang does not disclose the claim limitations with regards to “the application profiles comprising per-application firewall rules for applications running on the network devices, the network device located remotely from the firewall device over the data communications network…wherein the dedicated micro-firewall is part of a plurality of micro-firewalls available, and wherein the plurality of micro-firewalls available is divided by categories, at least two of the categories comprising source entity and destination entity; executing the application profile in the container to examine network traffic associated with the specific network application including per-application firewall rules and general firewall rules; detecting the specific network application has ceased execution by using 
Further regarding claim 4, Blaisdell teaches the application profiles comprising per-application firewall rules for applications running on the network devices, the network device located remotely from the firewall device over the data communications network (Figures 3 and 4, and paragraph 33, “software rule triggers”, paragraphs 34, and 37, “firewall rules”, section 2.6 “Dynamic Enabling/Disabling of Firewall Rule Based on Usage Events” which covers paragraph 57, “Firewall rule are grouped into profiles”, paragraph 58, “Profiles are activated or deactivated by: software trigger, timer trigger, internal firewall rule trigger” and paragraphs 59-61; and paragraphs 106, and 119);
wherein the dedicated micro-firewall is part of a plurality of micro-firewalls available, and wherein the plurality of micro-firewalls available is divided by categories, at least two of the categories comprising source entity and destination entity (paragraphs 40, 55, and 106, “A node can only request propagation for policies controlling its own resources (i.e., source or destination address belonged to it).”, and paragraphs 120 and 251, “Firewall could only be installed from a host/router which own the source (egress firewall) or destination (ingress firewall)”);
executing the application profile in the container to examine network traffic associated with the specific network application including per-application firewall rules and general firewall rules (Figures 3 and 4, and paragraph 33, “software rule triggers”, paragraphs 34, and 37, “firewall rules”, section 2.6 “Dynamic Enabling/Disabling of Firewall Rule Based on Usage Events” which covers paragraph 57, “Firewall rule are grouped into 
detecting the specific network application has ceased execution by using deep packet inspection; and closing the micro-firewall container (paragraph 79, “Deep packet inspection support (configurable based on local resource availability)”, and paragraph 80, “Dynamically provisioned (API/authentication framework to allow external injection of rules and activation/deactivate of rule)”).


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. The references cited on form PTO-892 are cited to further show the state of the art with respect to the implementation of firewalls within a network environment. 
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JEREMIAH L AVERY whose telephone number is (571)272-8627. The examiner can normally be reached M-F 8:30am - 5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached on 571-272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 



/JEREMIAH L AVERY/Primary Examiner, Art Unit 2431