DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Amendment
This office action is in reply to Applicant’s Response dated 09/16/2021. Claims 1, 10 and 18 are amended. Claims 2 and 11 are canceled. Claims 1, 3-10 and 12-18 remain pending in the application.
	
Response to Arguments
In response the Applicant’s argument (see page 6), with respect to the rejection of claim 18 under 35 U.S.C. 112(b), the rejection of claim 18 under 35 U.S.C. 112(b) has been withdrawn in view of the amendment made to the claim.

In response the Applicant’s argument (see page 6), with respect to the rejection of claims 10-17 under 35 U.S.C.101, the rejection of claims 10-17 under 35 U.S.C.101 has been withdrawn in view of the amendment made to claim 10.

The Applicant argues (see pages 7-8) that Applicant respectfully submits that features of amended independent claims 1 and 10 are missing from the teachings of 
In response to the Applicant’s argument, the rejection of claims 1 and 10 under 35 U.S.C. 102(a)(2) has been withdrawn in view of the amendments made to the claims. However, upon further consideration, a new ground of rejection under 35 U.S.C. 103 as being unpatentable over Kuppannan et al. (U.S. PGPub 2021/0136117) in view of Rickerd et al. (U.S. Patent 10574702) further in view of Lee et al. (U.S. Patent 10348767) is made. The combination of Kuppannan, the new reference (Rickerd) and Lee is now relied upon to teach all the features of claims 1 and 10.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(d):
(d) REFERENCE IN DEPENDENT FORMS.—Subject to subsection (e), a claim in dependent form shall contain a reference to a claim previously set forth and then specify a further limitation of the subject matter claimed. A claim in dependent form shall be construed to incorporate by reference all the limitations of the claim to which it refers.

The following is a quotation of pre-AIA  35 U.S.C. 112, fourth paragraph:
Subject to the following paragraph [i.e., the fifth paragraph of pre-AIA  35 U.S.C. 112], a claim in dependent form shall contain a reference to a claim previously set forth and then specify a further limitation of the subject matter claimed. A claim in dependent form shall be construed to incorporate by reference all the limitations of the claim to which it refers.

Claims 3 and 12 rejected under 35 U.S.C. 112(d) or pre-AIA  35 U.S.C. 112, 4th paragraph, as being of improper dependent form for failing to further limit the subject matter of the claim upon which it depends, or for failing to include all the limitations of the claim upon which it depends.  Claims 3 and 12 depend from canceled claims 2 and 11 respectively and therefore, claims 3 and 12 are improper dependent form.  Applicant may cancel the claim(s), amend the claim(s) to place the claim(s) in proper dependent 

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1, 3, 6, 8-10, 12, 15 and 17-18 are rejected under 35 U.S.C. 103 as being unpatentable over Kuppannan et al. (U.S. PGPub 2021/0136117) in view of Rickerd et al. (U.S. Patent 10574702) further in view of Lee et al. (U.S. Patent 10348767).

Regarding claims 1 and 10, Kuppannan teaches A method for determining and modifying a security configuration of a networking device, the method comprising: mapping, by the at least one processor, device information of the networking device to a 
wherein the respective security policy includes criteria for securing the networking device; (Kuppannan, see figs. 1 and 4A-4D; see paragraph 0017 where  change in the IP address of a host machine results in an event-based change in the security policy, and accordingly triggers a recomputation of the security policy to include the changed IP address…, which indicates that the security policy is mapped to the IP address and criteria is the change in the IP address and to include the changed IP address)
determining, by the at least one processor, that the respective security policy is not implemented on the networking device; and (Kuppannan, see figs. 1 and 4A-4D; see paragraph 0017 where  change in the IP address of a host machine results in an event-based change in the security policy, and accordingly triggers a recomputation of the security policy to include the changed IP address…, which indicates that the security policy that includes the changed IP address is not implement and thus, recomputation (modification) is performed)

automatically modifying, by the at least one processor, the security configuration of the networking device prior to the networking device being placed into production, to implement the respective security policy on the networking device.
Rickerd teaches recognizing, by at least one processor configured by executing code, that a networking device has been commissioned on the network prior to being placed into production, (Rickerd, see figs. 2, 6 and 8; see abstract where assesses (recognizes) a security configuration proposed (prior to) for production on a target computer system (networking device). The system may receive the security configuration proposed for production; see col. 2, lines 20-65 where evaluating the proposed configuration in view of the hardware and/or software configuration of the target computer system. As a result of applying the set of assessments to the proposed configuration, status information may be generated indicating the security and/or operability of the proposed configuration...authorization service may provide an authorization recommendation to the production environment regarding whether the proposed configuration should be authorized for production on the target computer system...)
automatically modifying, by the at least one processor, the security configuration of the networking device prior to the networking device being placed into production, to implement the respective security policy on the networking device. (Rickerd, see figs. 2, 6 and 8; see the system may receive the security configuration proposed for production; 
It would have been obvious to one of ordinary skill in the art, at the time the invention was filed, to combine Kuppannan and Rickerd to provide the technique of recognizing, by at least one processor configured by executing code, that a networking device has been commissioned on the network prior to being placed into production and automatically modifying, by the at least one processor, the security configuration of the networking device prior to the networking device being placed into production, to implement the respective security policy on the networking device of Rickerd in the system of Kuppannan in order to reduce the adverse effect on the ability of some users to connect to a service and to reduce slowdowns or outages (Rickerd, see col. 1, lines 7-20).

Lee teaches wherein the networking device is arranged to connect two networks and to forward data packets from one of the two networks to the other of the two networks; (Lee, see figs. 7 and 8; see col. 13, lines 51-65 where the virtual network switch between the domains provides an outbound traffic destination for end points in the first network domain, and an outbound traffic destination for end points in the second domain.; see col. 14, lines 13-20 where initiate a first connection outbound to a virtual network switch between the first and second network domains)
It would have been obvious to one of ordinary skill in the art, at the time the invention was filed, to combine Kuppannan-Rickerd and Lee to provide the technique of the networking device is arranged to connect two networks and to forward data packets from one of the two networks to the other of the two networks of Lee in the system of Kuppannan-Rickerd in order to provide better computing security to protect against attacks and reduce network vulnerability (Lee, see col. 1, lines 53-61).

Regarding claims 3 and 12, Kuppannan-Rickerd-Lee teaches wherein the networking device is further arranged to optimize bandwidth among a plurality of connected computing devices. (Lee, see col. 5, lines 19-36 where Switches offers more dedicated bandwidth to users or groups of servers. A switch can forward a data packet only to the appropriate port for the intended recipient, based on information in each packet header. To insulate the transmission from the other ports, the switch establishes 
The motivation regarding to the obviousness to claims 1 and 10 is also applied to claims 3 and 12.

Regarding claims 6 and 15, Kuppannan-Rickerd-Lee teaches wherein recognizing that the networking device has been commissioned on a network comprises: monitoring, by at least one processor, network asset inventories. (Kuppannan, see fig. 1; see paragraph 0017 where when an administrator adds (commissions) a resource (networking device) to a group, the resource has a security policy that allows traffic to and from resources in the group...; see paragraph 0015 where security policy is, for example, a host-based firewall policy implemented at each of multiple resources, for example, endpoint devices; see paragraph 0016 where policy tracing engine monitors 101 events occurring at a corresponding resource...software agent captures any event that occurs at the resource, for example, a change in the IP address of the resource, an addition of a new interface to the resource, an installation of a new patch on the resource, a new login to the resource, etc...)

Regarding claims 8 and 17, Kuppannan-Rickerd-Lee teaches further comprising: mapping, by the at least one processor, the device information to a different security policy, wherein the different security policy includes different criteria for securing the networking device, (Kuppannan, see figs. 1 and 4A-4D; see paragraph 0015 where configuration of a new security policy, modification of a previously deployed security 
determining, by the at least one processor, that the different security policy is not implemented on the networking device; and (Kuppannan, see figs. 1 and 4A-4D; see paragraph 0017 where  change in the IP address of a host machine results in an event-based change in the security policy, and accordingly triggers a recomputation of the security policy to include the changed IP address…, which indicates that the security policy (new or different policy) that includes the changed IP address is not implement and thus, recomputation (modification) is performed)
reporting or modifying, by the at least one processor, the security configuration of the networking device to implement the different security policy on the networking device. (Kuppannan, see figs. 1 and 4A-4D; see paragraph 0017 where change in the IP address of a host machine results in an event-based change in the security policy, and accordingly triggers a recomputation of the security policy to include the changed IP address…, which indicates that the security policy (new or different policy) that includes the changed IP address is not implement and thus, recomputation (modification) is performed)
	
Regarding claim 9, Kuppannan-Rickerd-Lee teaches wherein the received device information is encapsulated in a format that is interpretable by the at least one 
The motivation regarding to the obviousness to claim 1 is also applied to claim 9.

Regarding claim 18, Kuppannan-Rickerd-Lee teaches wherein the received device information is encapsulated in a format that is interpretable by the computing device, prior to being received. (Lee, see col. 35, lines 35-55 where The sending of data over the network includes a data encapsulation process at the source and a data decapsulation process at the destination; see col. 50, lines 5-15 where when a data packet associated with a virtual IP address is to be physically routed, the data packet can be passed in a downward direction through the network stack and be wrapped or encapsulated with a physical IP address)
The motivation regarding to the obviousness to claim 10 is also applied to claim 18.

Claims 4-5 and 13-14 are rejected under 35 U.S.C. 103 as being unpatentable over Kuppannan-Rickerd-Lee in view of Wang et al. (U.S. Patent 9,705,736).

Regarding claims 4 and 13, Kuppannan-Rickerd-Lee teaches wherein recognizing that the networking device has been commissioned on a network comprises: receiving, by at least one processor, the device information of the networking device, (Kuppannan, see figs. 1 and 4A-4D; see paragraph 0017 where  change in the IP address of a host machine results in an event-based change in the security policy, and accordingly triggers a recomputation of the security policy to include the changed IP address…, which indicates that the security policy is mapped to the IP address; see paragraph 0019 where configures a security policy to allow a transmission control protocol (TCP)-22 from a resource such as Machine-A having an IP address "IP-A" to another resource such as Machine-B having an IP address "IP-B")
However, Kuppannan-Rickerd-Lee does not explicitly teach wherein the device information includes an IP address, a device type, and a device model of the networking device. 
Wang teaches wherein the device information includes an IP address, a device type, and a device model of the networking device. (Wang, see fig. 11A and 11B; see col. 31, lines 20-63 where device request message includes at least a device type and a network address; see claim 9 where sends a network address, a device type, a unique device identifier (device model), a display 40 type, a current geographic location and a first set of electronic information including power level information including power levels of receive and transmit signals of the one or more mobile location-aware network devices)
It would have been obvious to one of ordinary skill in the art, at the time the invention was filed, to combine Kuppannan-Rickerd-Lee and Wang to provide the 

Regarding claims 5 and 14, Kuppannan-Rickerd-Lee-Wan further teaches wherein receiving the device information of the networking device is in response to a request, transmitted from the at least one processor to at least one computing device, for the device information of the networking device. (Wang, see fig. 11A and 11B; see col. 31, lines 20-63 where device request message includes at least a device type and a network address; see claim 9 where sends a network address, a device type, a unique device identifier (device model), a display 40 type, a current geographic location and a first set of electronic information including power level information including power levels of receive and transmit signals of the one or more mobile location-aware network devices)
The motivation regarding to the obviousness to claims 4 and 13 is also applied to claims 5 and 14.

Claims 7 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Kuppannan-Rickerd-Lee in view of Liu (U.S. PGPub 2019/0158282).

Regarding claims 7 and 16, Kuppannan-Rickerd-Lee teaches all the features of claims 1 and 10. However, Kuppannan-Rickerd-Lee does not explicitly teach further 
Liu teaches further comprising: transmitting, by the at least one processor, a message to at least one computing device that the networking device is ready to be placed into production after the security configuration of the networking device has been modified. (Liu, see paragraph 0069 where a message, for example, RRCConnectionReconfigurationComplete message, back to the S5G-NB...The RCConnectionReconfigurationComplete message may also indicate that the UE has completed the configuration with the new security key. In some embodiments, in this message, e.g., RRCConnectionReconfigurationComplete message, there is also an indication for indicating when the UE will start to use the new security key. In some embodiments, the indication may be a sequence number (SN) for protocol data unit. That is, the SN may indicate the protocol data unit of subsequent protocol data units transmitted to the S5G-NB which will start to apply the new security key in UL, i.e., the encryption of subsequent protocol data units with the new security key by the UE will start with certain protocol data unit of UL that is specified by the indication)
It would have been obvious to one of ordinary skill in the art, at the time the invention was filed, to combine Kuppannan-Rickerd-Lee and Liu to provide the technique of transmitting, by the at least one processor, a message to at least one computing device that the networking device is ready to be placed into production after the security configuration of the networking device has been modified of Liu in the .

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MENG VANG whose telephone number is (571)270-7023. The examiner can normally be reached Monday - Friday 8:30 AM - 4:30 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MENG VANG/Primary Examiner, Art Unit 2457