DETAILED ACTION
	This office action is in response to the amendment filed on 10/21/2021 in which claims 1-20 are pending.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .


Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claim(s) 1-20 is/are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Srinivasan et al. (US20200092299A1).

As to claims 1, 6, 7, 16, and 17, Srinivasan teaches a system, comprising: (abstract describes a system) 
one or more processors; and ([0062] the computing system 900 comprises at least one processor 902)
a non-transitory computer-readable storage medium having instructions stored thereupon which, when executed by the one or more processors, cause the system to: ([0064] The operations described herein can be implemented via computer-executable instructions stored on one or more computer storage media that, when executed by one or more processors, enable the one or more processors to perform the operations.)
 receive a request to mirror at least a portion of data packets originating within a Virtual Private Cloud (VPC) associated with a customer of a cloud provider network; ([0072] receive a remote call via an application programming interface (API) configured as part of the cloud-based platform, wherein the remote call requests application of the role-based mirroring policy to the workload executing on the virtual machine, wherein the remote call includes user information associated with a user requesting application of the role-based mirroring policy;)
identify one or more computing resources within the VPC to act as a traffic mirror source that acts as a source of mirrored data packets, wherein the one or more computing resources comprise one or more of a load balancer within the VPC, an internal gateway within the VPC, a transit gateway, an elastic network interface (ENI) within the VPC, an Elastic Container Service (ECS), an Elastic Kubnernetes Service (EKS) interface, an interface for a compute engine that runs containers, or an interface for a service that runs code without provisioning or managing servers;  (fig. 8 step 808 and [0031] the virtual machine includes a container)
identify one or more traffic mirror targets that act as a target for receiving the mirrored data packets; (fig. 8 step 814 send the mirrored packet to another virtual machine)
([0016] the policy can be configured to filter the data packets to be copied and streamed)
establish a traffic mirror session between the traffic mirror source and the one or more traffic mirror targets; (Fig. 8 step 814 stream mirror traffic from source to destination)
configure, the traffic mirror source, to provide data to the one or more traffic mirror targets based, at least in part, on the one or more filters; (fig. 8 step 812 and 814 packets that are sent are copied based on the policy)
 identify, via the traffic mirror source, data packets associated with the traffic mirror source, wherein the data packets comprise one or more of incoming data packets to the traffic mirror source or outgoing data packets from the traffic mirror source; (Fig. 8 step 812 copy the data that is communicated to or from the VM)
identify, via the traffic mirror source, characteristics of the data packets; ([0016] characteristics of the data packet are used to filter packets for mirroring) 
determine, via the traffic mirror source, the at least the portion of the data packets to mirror to at least one of the one or more traffic mirror targets based at least in part on one or more of the characteristics and the one or more filters; ([0016] resources can be saved via the filtering process because not all the data packets may need to be copied and streamed.)
generate, via the traffic mirror source, mirrored data packets based at least in part on the at least the portion of the data packets; and (Fig. 8 step 812 create based on the policy a copy of the data packets)
(Fig. 8 step 814 stream the copy to the destination)
As to claims 2, 8, and 18, Srinivasan teaches the system of claim 1, wherein the one or more computing resources comprise one or more of the elastic network interface (ENI) within the VPC, the Elastic Container Service (ECS), the Elastic Kubnernetes Service (EKS) interface, the interface for a compute engine that runs containers, or the interface for a service that runs code without provisioning or managing servers. (fig. 8 step 808 and [0031] the virtual machine includes a container)
As to claims 3, 10, and 20, Srinivasan teaches the system of claim 1, wherein at least one of the one or more traffic mirror targets are located within a second VPC that is associated with a second customer of the cloud provider network. (Fig. 8 step 814 stream to another virtual machine in a peer virtual network hosted by the cloud based platform)
As to claim 4, Srinivasan teaches the system of claim 1, wherein generate the mirrored data packets comprises encapsulating the at least the portion of the data packets within a VxLAN header. ([0038] a hairpin feature of the networking component 122 is used to make a copy of an original data packet. The original data packet can be encapsulated using VXLAN)
As to claim 5, Srinivasan teaches the system of claim 1, wherein the instructions further cause the system to provide a user interface to a computing device associated with the customer, wherein the request to mirror is received via the user interface. ([0056] –[0057] the request is sent to an API for the user to respond)
As to claims 9, and 19, Srinivasan teaches the computer-implemented method of claim 6, further comprising receiving, from a computing device associated with the customer, data identifying the one or more traffic mirror targets. (Fig. 8 step 802 and 804 [0045] The filter can specify that only data packets being sent to a particular destination be copied.  [0072] receive a remote call via an application programming interface (API) configured as part of the cloud-based platform, wherein the remote call requests application of the role-based mirroring policy [0016] the policy can be configured to filter the data packets to be copied and streamed.)
As to claim 11, Srinivasan teaches the computer-implemented method of claim 6, further comprising: receiving one or more filter rules associated with the target mirror source, wherein the one or more filter rules include one or more inbound rules associated with incoming data packets, or outbound rules associated with outgoing data packets; and configuring the one or more filters to apply the one or more filter rules to the data packets. (fig. 8 step 812 and 814 packets that are sent are copied based on the policy [0016] In various examples, the policy can be configured to filter the data packets to be copied and streamed. The filter can specify that traffic flowing in a particular direction be copied (e.g., only incoming data packets or packets received by the virtual machine, only outgoing data packets or data packets sent by the virtual machine, etc.).)
As to claim 12, Srinivasan teaches the computer-implemented method of claim 11, further comprising establishing a traffic mirror session between the traffic mirror source and the one or more traffic mirror targets; and configuring the traffic mirror source to provide data to the one or more traffic mirror targets based, at least in part, on (fig. 8 steps 812 and 814 mirror based on policy and stream from source to destination.) 
As to claim 13, Srinivasan teaches the computer-implemented method of claim 6, further comprising encapsulating individual ones of the at least the portion of the data packets within a VxLAN header before providing the at least the portion of the data packets to the one or more traffic mirror targets and ([0038] a hairpin feature of the networking component 122 is used to make a copy of an original data packet. The original data packet can be encapsulated using VXLAN)
unencapsulating the individual ones of the at least the portion of the data packets after the providing the at least the portion of the data packets to the one or more traffic mirror targets. ([0032] the host node may be used to encapsulate and/or de-encapsulate (“encap/decap”) data packets and/or to translate addresses from one layer of abstraction to another and/or between physical and virtual layers.)
As to claim 14, Srinivasan teaches the computer-implemented method of claim 6, further comprising limiting a size of the at least the portion of the data packets before providing the at least a portion of the data packets to the one or more traffic mirror targets. ([0016] resources can be saved via the filtering process because not all the data packets may need to be copied and streamed.)
As to claim 15, Srinivasan teaches the computer-implemented method of claim 6, further comprising: causing a computing device associated with the customer to display a graphical user interface that includes user interface elements; and receiving data from the computing device indicating the traffic mirror source, the traffic mirror target, and one or more filter rules based, at least in part, on an interaction with one or (Fig. 8 step 802 and 804 [0045] The filter can specify that only data packets being sent to a particular destination be copied.  [0072] receive a remote call via an application programming interface (API) configured as part of the cloud-based platform, wherein the remote call requests application of the role-based mirroring policy [0016] the policy can be configured to filter the data packets to be copied and streamed.)





Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to ELTON S WILLIAMS whose telephone number is (571)272-9933. The examiner can normally be reached 8-4 Mon-Fri.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Marsha Banks Harold can be reached on 5712727905. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.






/Elton Williams/Examiner, Art Unit 2465