DETAILED ACTION
This Office Action is in response to the communication filed on 10/21/2019. 
Claims 1-20 are pending. 
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Examiner's Note
In light of paragraph [0055] of the specification which states "Computer storage media excludes signals per se." The term "computer-storage media" as recited in claim 8 has been interpreted as covering only non-transitory computer-storage media.
Claim Objections
Claims 5, and 18 are objected to because of the following informalities: 
The limitation "wherein adding the one or more restrictions on the ports is based on applying the set of restriction rules to the active configuration record," has been recited twice in claims 5 and 18, the second time appears redundant. 
Appropriate correction is required.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Claims 1-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.
Claims 1, 4, and 6 recite the limitation "the expected configuration record," however it is unclear whether "the expected configuration record" refers to "an expected configuration record" as recited in line 6 of claim 1, "an expected configuration record" as recited in line 8 of claim 1, or some other expected configuration record. Claims 8, 11, 13, 15, 17, and 19 also have this similar issue. For the purpose of examination, "the expected configuration record" has been interpreted as referring to any expected configuration record.
There is insufficient antecedent basis for the limitation "the set of restriction rules" as recited in claims 5-7, 12-14, and 18-20. It is unclear which limitation "the set of restriction rules" refers to. 

There is insufficient antecedent basis for the limitation "the one or more subscription network policies" as recited in claims 6, 13, and 19. It is unclear which limitation "the one or more subscription network policies" refers to.
Dependent claims are also rejected for inheriting the deficiencies of the independent claims from which they depend on.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 5-6, 8, 12-13, 15, and 18-19 are rejected under 35 U.S.C. 103 as being unpatentable over Kashyap et al. (US 2020/0153758) in view of Brown (US 6,237,007).
Claim 1, Kashyap teaches: 
A computerized system comprising: one or more computer processors; and computer memory storing computer-useable instructions that, when used by the one or more computer processors, cause the one or more computer processors to perform operations comprising: accessing an active configuration record and an expected configuration record of a network segment of a subscription environment in a distributed computing environment; determining that a restriction of a port in an expected configuration record is missing from the active configuration record based on comparing the active configuration record to the expected configuration record; (e.g. fig. 1, [0010], "After the virtual link is established…FIP remains in the background to perform virtual link maintenance functions…FIP continuously verifies reachability between two virtual FC interfaces on the Ethernet network, and offers primitives to delete the virtual link in response to administrative actions" [0029], "the second network element may receive a multi-port status message from the first network element…then the second network element compares the listing of active first virtual ports in the 
Kashyap teaches the restriction of the port is missing, the active configuration record, and the network segment (see above) and does not appear to explicitly teach but Brown teaches: 
based on determining that a restriction of a port is missing, modifying an active configuration record to a modified active configuration record based on adding one or more restrictions on the port; and causing initialization of the modified active configuration record. (e.g. claim 1, "comparing the component port list for the selected component to the module port list for the selected module so as to verify whether said one or more ports in said component port list are present in said module port list; and generating an advisory in the event one or more of the ports in the component port list is missing from the module port list" claim 8, "further comprising generating a proposed modification to the 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings described by Brown into the invention of Kashyap, and the motivation for such an implementation would be for the purpose of quickly finding port list errors and 
Claim 5, Kashyap-Brown combination teaches:
wherein adding the one or more restrictions on the ports is based on applying the set of restriction rules to the active configuration record, wherein adding the one or more restrictions on the ports is based on applying the set of restriction rules to the active configuration record, wherein adding the one more restrictions is based on creating one or more new network policies for the active configuration record. (e.g. Kashyap [0025], [0035]; Brown col. 6 ll. 57 – col. 7 ll. 1; col. 9 ll. 49-53, 61-63)
Claim 6, Kashyap-Brown combination teaches:
wherein adding the one or more restrictions on the ports is based on applying the set of restriction rules to the active configuration record, wherein the set of restriction rules are applied to a calculated set of ports, wherein the calculated set of ports are a set of ports from the expected configuration record 
Claim 8, this claim is directed to a media containing similar limitations as recited in claim 1 and is rejected using the same rationale to combine the references.
Claim 12, this claim is directed to a media containing similar limitations as recited in claim 5 and is rejected using the same rationale to combine the references.
Claim 13, this claim is directed to a media containing similar limitations as recited in claim 6 and is rejected using the same rationale to combine the references.
Claim 15, this claim is directed to a method containing similar limitations as recited in claim 1 and is rejected using the same rationale to combine the references.

Claim 19, this claim is directed to a method containing similar limitations as recited in claim 6 and is rejected using the same rationale to combine the references.
Claims 2, and 9 are rejected under 35 U.S.C. 103 as being unpatentable over Kashyap et al. (US 2020/0153758) in view of Brown (US 6,237,007) further in view of Arramreddy et al. (US 2017/0118173).
Claim 2, Kashyap-Brown combination teaches the network segment, the subscription environment, the distributed computing environment (see above) and does not appear to explicitly teach but Arramreddy teaches: 
a virtual network firewall, one of a plurality of subscription environments, wherein the plurality of subscription environments are associated with corresponding security maintenance managers that support maintaining a set of pre-defined network policies comprising restrictions for internet-exposed management ports. (e.g. [0028], [0056]-[0059], [0067], [0073])
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings 
Claim 9, this claim is directed to a media containing similar limitations as recited in claim 2 and is rejected using the same rationale to combine the references.
Claims 3, 10, and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Kashyap et al. (US 2020/0153758) in view of Brown (US 6,237,007) further in view of Lavi et al. (US 2016/0360557).
Claim 3, Kashyap-Brown combination teaches the network segment (see above) and does not appear to explicitly teach but Lavi teaches:
filtering out one or more network policies associated with virtual network interface cards in a network segment, wherein a virtual network interface card inherits one or more restrictions applied to the network segment. (e.g. [0038])
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings described by Lavi into the invention of Kashyap-Brown combination, and the 
Claim 10, this claim is directed to a media containing similar limitations as recited in claim 3 and is rejected using the same rationale to combine the references.
Claim 16, this claim is directed to a method containing similar limitations as recited in claim 3 and is rejected using the same rationale to combine the references.
Claims 4, 7, 11, 14, 17, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Kashyap et al. (US 2020/0153758) in view of Brown (US 6,237,007) further in view of Pham (US 2019/0081854). 
Claim 4, Kashyap-Brown combination teaches wherein the active configuration record comprises one or more subscription network policies, and  the expected configuration record (see above) and does not appear to explicitly teach but Pham teaches:
one or more Internet Protocol (IP) ranges to be restricted and one or more ports to be restricted based on a set of restriction rules, and wherein the set of 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings described by Pham into the invention of Kashyap-Brown combination, and the motivation for such an implementation would be for the purpose of adding IP addresses to firewalls to protect a device (Pham [0002]-[0003]).
Claim 7, Kashyap-Brown combination teaches an expected configuration record (see above) and does not appear to explicitly teach but Pham teaches:
wherein the set of restriction rules are defined in an expected configuration record, wherein a rule in the set of restriction rules is configurable based with a selected Internet Protocol (IP) range and a corresponding selected port and protocol combination. (e.g. [0028])
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings described by Pham into the invention of Kashyap-Brown combination, and the motivation for such an implementation would be for the purpose of adding IP addresses to firewalls to protect a device (Pham [0002]-[0003]).

Claim 14, this claim is directed to a media containing similar limitations as recited in claim 7 and is rejected using the same rationale to combine the references.
Claim 17, this claim is directed to a method containing similar limitations as recited in claim 4 and is rejected using the same rationale to combine the references.
Claim 20, this claim is directed to a method containing similar limitations as recited in claim 7 and is rejected using the same rationale to combine the references.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure: US 2013/0074066 discloses a portable port profile that is based on a virtual machine definition file.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to AMIE C LIN whose telephone number is (571)272-7752. The examiner can normally be reached M-F 9:00AM -5:00PM.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, GELAGAY SHEWAYE can be reached on (571)272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/AMIE C. LIN/Primary Examiner, Art Unit 2436