DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 08/11/2021 has been entered.
3.	Claims 21-38 are pending. 

Response to Arguments and Amendments
4.	Applicant’s arguments, see pages 2-4 on remarks, filed 07/09/2021, with respect to the rejection(s) of claim(s) 21-38 under 103 rejection have been fully considered and are persuasive.  Therefore, the rejection has been withdrawn.  However, upon further consideration, a new ground(s) of rejection is made in view of James Ferris (US 20120137001) and Choung-Yaw Michael Shieh (US 20130117801), Mark Buer (US 8996885).

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

5.	Claims 21-23, 26-38 are rejected under 35U.S.C 103 as being unpatentable over James Ferris (US 20120137001), in view of Choung-Yaw Michael Shieh (20130117801), hereinafter Shieh.

	Regarding claim 21:
	Ferris disclose deploying a network security software within a virtualized network of the cloud computing system so that the network security software can be executed by a computing resource deployed within the virtualized network to provide a security service on the virtualized network he set of subscribed services' resource rules 334 can be configured to store rules or best practices for deploying subscribed services in computing cloud environment such as the clouds 304 and 306.  The set of subscribed services' resource rules 334 can be configured to include requirements for subscribed services provided by the owners and operators of the clouds 304 and 306.  The set of subscribed services' rules 334 can also be configured to include resources available in the clouds 304 and 306 (Ferris, para 59). Examiner interprets subscribed service’s resource rules 334 is network security software claimed.  In paragraph 40, subscribed service can be security services, messaging service, data storage service, backup service and authorization service. 
Ferris further teaches receiving an application programming interface (API) call from a customer platform device external to the virtualized network each instantiated virtual machine can communicate with the cloud management system 104 and the underlying registered set of resource servers 108 via a standard Web application programming interface (API), or via other calls or interfaces (Ferris, para 32), and also the cloud management system 104 can communicate with one or more set of resource servers 108 to locate resources to supply the required components , other software services that are provided outside of the cloud 102 and hosted by third parties can be invoked by in-cloud virtual machines (Ferris, para 25). Examiner interprets outside of cloud 102 is external to the virtualized network in claim 21. 
However, Farris fails to disclose executing the network security software by the computing resource deployed within the virtualized network to provide the security service on the virtualized network.
a software agent installed in each physical and virtual network devices communicates with security gateway 150 to provide network security according to an integrated security (Fig, 2, para 24), and further software agent running on the virtual machine itself to determine that access to the virtual machine at the first physical location was permitted by the security gateway (para 37). Examiner interprets that security software agent installed in each physical device is equivalent with executing the network security software and provide the security service on the virtualized network.   Therefore, it would have been obvious to one ordinary skill in the art before the effective filling date of the claimed invention was made that Ferris with that of Shieh in order to install security software to provide firewall protection, intrusion detection, intrusion prevention, or authentication.
	
Regarding claim 22:
Shieh further discloses wherein the operations further comprise: exposing, to the customer platform device, an API to provide access to the security service provided by the network security software (Shieh, Fig.3, step 305, apply a security policy associated with the security boundary to communications between the network and the virtual machine at the second physical location, and (para 21, client system 101 to access data hosted by hosts 111-114 or one of storage devices in the network). Examiner interprets that security software agent installed in each physical device is equivalent with executing the network security software and provide the security service on the virtualized network.   Therefore, it would have been obvious to one ordinary skill in the art before the effective filling date of the claimed invention was made that Ferris with that of Shieh in order to install security software to provide firewall protection, intrusion detection, intrusion prevention, or authentication.


Regarding claim 23:
	Ferris discloses wherein the computing resource used to execute the network security software includes at least one virtual machine resources of the cloud can further refer to any communications resources, such as ports or channels provided to a virtual machine or other machine or process in the cloud (Ferris, para 19).

Regarding claim 26:
Shieh discloses wherein in response to receiving the API call, the at least one processor provides the security service to a virtualized asset deployed within the virtualized network the software agent running on the virtual machine itself to determine that access to the virtual machine at the first physical location was permitted by the security gateway (para 37). Examiner interprets that security software agent installed in each physical device is equivalent with executing the network security software and provide the security service on the virtualized network.   Therefore, it would have been obvious to one ordinary skill in the art before the effective filling date of the claimed invention was made that Ferris with that of Shieh in order to install security software to provide firewall protection, intrusion detection, intrusion prevention, or authentication.

Regarding claim 27:
Ferris discloses wherein the security service is a firewall that provides firewall protection to the virtualized asset the subscribed services 316 and 318 can be any type of service, such as, identity management services, firewall services, security services (Ferris, para 40).


Regarding claim 28:
Claim 28 is rejected under the same reason set forth in rejection of claim 21.

Regarding claim 29:
Ferris discloses a system comprising at least one hardware computing resource upon which instructions are stored that, when executed, cause the hardware computing resource to perform operations comprising: 
customer can request the instantiation of a virtual machine or set of machines from those resources from a central server or management system to perform intended tasks or applications (Ferris, para 3); receiving an application programming interface (API) call from a customer platform device external to the virtualized network each instantiated virtual machine can communicate with the cloud management system 104 and the underlying registered set of resource servers 108 via a standard Web application programming interface (API), or via other calls or interfaces (Ferris, para 32).
Shieh discloses configuring a virtual machine to support a security service on a virtualized network security gateway 150 includes memory 150A that includes information (e.g., a set of security policies) and code to perform access control using security policies, as well as communicate with virtual machines and perform operations associated with those situations (Shieh, para 23).
and in response to receiving the API call, executing a network security software deployed within the virtualized network by the virtual machine instantiated on the hardware computing resource deployed within the virtualized network  to provide the security service on the virtualized network a software agent installed in each physical and virtual network devices communicates with security gateway 150 to provide network security according to an integrated security (Fig, 2, para 24), and further software agent running on the virtual machine itself to determine that access to the virtual machine at the first physical location was permitted by the security gateway (para 37). Examiner interprets that security software agent installed in each physical device is equivalent with executing the network security software and provide the security service on the virtualized network.   Therefore, it would have been obvious to one ordinary skill in the art before the effective filling date of the claimed invention was made that Ferris with that of Shieh in order to install security software to provide firewall protection, intrusion detection, intrusion prevention, or authentication.

Regarding claim 30:
Claim 30 is rejected under the same reason set forth in rejection of claim 22.


Ferris and Chow disclose wherein the hardware computing resource is a part of a distributed computing environment comprising a plurality of hardware computing resources computing systems can include a number of hardware resources, which are used to Support the Subscribed services (e.g. virtual machines, software appliances, processes and the like) in the clouds 304 and 306 (Ferris, para 41).

Regarding claim 32:
Claim 30 is rejected under the same reason set forth in rejection of claim 26.

Regarding claim 33:
Claim 30 is rejected under the same reason set forth in rejection of claim 27.

Regarding claim 34:
Shieh disclose wherein the API call identifies a virtualized asset within the virtualized network and instructs that the security service be provided to the virtualized asset software gateway 150 could use the published API of the management console to access the individual virtual devices (Shieh, para 26). Therefore, it would have been obvious to one ordinary skill in the art before the effective filling date of the claimed invention was made that Ferris with that of Shieh in order to install security software to provide firewall protection, intrusion detection, intrusion prevention, or authentication.

Regarding claim 35:
Claim 35 is rejected under the same reason set forth in rejection of claim 34.

Regarding claim 36:
Ferris and Chow disclose wherein in response to receiving the API call, the security service is provided to a virtualized asset deployed within the virtualized network assigns the virtual machine at the second physical location to the security boundary (processing block 304), and applies a security policy associated with the security boundary to communications between the network and the virtual machine at the second physical location (Sheih, para 34). Therefore, it would have been obvious to one ordinary skill in the art before the effective filling date of the claimed invention was made that Ferris with that of Shieh in order to install security software to provide firewall protection, intrusion detection, intrusion prevention, or authentication.

Regarding claim 37:
Ferris and Chow disclose wherein the security service is a firewall that provides firewall protection to the virtualized asset the subscribed services 316 and 318 can be any type of service, such as, identity management services, firewall services, security services (Ferris, para 40).

Regarding claim 38:
Ferris and Chow disclose wherein the API call identifies a virtualized asset within the virtualized network and instructs that the security service be provided to the virtualized asset software gateway 150 could use the published API of the management console to access the individual virtual devices (Shieh, para 26). Therefore, it would have been obvious to one ordinary skill in the art before the effective filling date of the claimed invention was made that Ferris with that of Shieh in order to install security software to provide firewall protection, intrusion detection, intrusion prevention, or authentication.


6.	Claim 25 is rejected under 35U.S.C 103 as being unpatentable over James Ferris (US 20120137001), in view of Choung-Yaw Michael Shieh (20130117801), and further in view of Mark Buer (US 8996885), hereinafter Buer.

	Ferris discloses API call (please see claim 21), but fails to disclose includes a request for the security service. Buer teaches the USH processor may also include an API to expose the security services to applications executing on the host processor and/or the low power host processor (Buer, Abstract, lines 16-18]). Therefore, it would have been obvious to one ordinary skill in the art before . 

7.	Claim 24 is rejected under 35U.S.C 103 as being unpatentable over James Ferris (US 20120137001), in view of Choung-Yaw Michael Shieh (20130117801), and further in view of Timothy Abels (US 20060184935), hereinafter Abels.

	Regarding clam 24:
Ferris and Sheih disclose deploy security software (please see rejection of claim 1), but fail to disclose wherein the network security software has been decoupled from a hardware of a network security device. However, Abels teaches resource virtualization decouples software applications from hardware information handling systems by placing the software applications in “virtual machine” containers. A virtual machine is a software abstraction of the hardware layer that provides all of the functionality of a physical hardware system having operating systems and applications installed just like a physical information handling system (Abels, paragraph 7). Therefore, it would have been obvious to one ordinary skill in the art before the effective filling date of the claimed invention was made that Ferris with that of Abels in order to reduced energy and hardware costs, as well as increasing the flexibility they have in the deployment of their mission-critical applications.

Conclusion
Any inquiry concerning this communication from the examiner should be directed to Thanh Le whose telephone number is 571-272-8556. The examiner can normally be reached on Monday-Friday 8:00a.m to 5p.m. EST
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor Nickerson Jeffrey L can be reached on (469) 295-9235.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either obtained from either Private PAIR or Public PAIR. Status information for 
/THANH H LE/Examiner, Art Unit 2432                                                                                                                                                                                                        
/FATOUMATA TRAORE/Primary Examiner, Art Unit 2436