DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Priority
Receipt is acknowledged of certified copies of papers required by 37 CFR 1.55.
Information Disclosure Statement
The references listed in the Information Disclosure Statement, filed on 12/29/2020, 03/31/2021, 07/01/2021, 09/28/2021, 12/08/2021, have been considered by the examiner (see attached PTO-1449 form or PTO/SB/08A and 08B forms).
Claim Objections
Claim 1 is objected to because of the following informalities:  
Regarding claim 1, there is insufficient antecedent basis for the claimed limitation “the method” in line 3.
Appropriate correction is required.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:


Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Sundararajan et al. (PG Pub US 2021/0112034 A1) in view of Markuze et al. (PG Pub US 2019/0268421 A1).
Regarding claim 1, Sundararajan discloses for a software-defined wide area network (SD-WAN) connecting first and second sites (“a Software-Defined WAN (SD-WAN)” [0019]), with the first site comprising an edge node and the second site comprising a plurality of forwarding hub nodes (“WAN edge routers 132, which may sit at the network edge between the sites 140 and a transport network, such as the Internet 152, the MPLS network 154, the LTE network 156, and so forth” [0062], “logical transport tunnel endpoints or Transport Locations (TLOCs) 202” [0047]), the method comprising: 
at the edge node of the first site, using the flow attribute to identify a hub-selection rule from a plurality of hub selection rules, each hub-selection rule identifying at least one forwarding hub node at the second site for receiving one or more flows from the first site (“When selecting routes, the WAN fabric controller 122 and the WAN edge routers 132 can take the origin type and subtype into consideration” [0054], “OMP can use administrative distance as the measure to select the best path when there are two or more different routes to the same destination from multiple routing protocols. When OMP selects a particular route to a destination, it can prefer the one with the lower or lowest administrative distance value” [0055], [0056]), the plurality of hub-selection rules 
using the identified hub-selection rule to identify a forwarding hub node for the particular flow (“When selecting routes, the WAN fabric controller 122 and the WAN edge routers 132 can take the origin type and subtype into consideration” [0054], “OMP can use administrative distance as the measure to select the best path when there are two or more different routes to the same destination from multiple routing protocols. When OMP selects a particular route to a destination, it can prefer the one with the lower or lowest administrative distance value” [0055], [0056]).
However, although Sundararajan implies receiving a flow packet and sending the flow packet to the identified node, Sundararajan does not explicitly disclose receiving a 
Nevertheless, Markuze discloses “the firewall enforcing engine 210 (e.g., firewall service VM) of an MFN receives firewall rules form the VNP central controllers 160. A firewall rule in some embodiments includes a rule identifier and an action. The rule identifier in some embodiments includes one or more match values that are to be compared to data message attributes, such as layer 2 attributes (e.g., MAC addresses), layer 3 attributes (e.g., five tuple identifiers, etc.), tenant ID, location ID (e.g., office location ID, datacenter ID, remote user ID, etc.), in order to determine whether the firewall rule matches a data message” [0253], “After identifying these routes, the controller cluster supplies (at 2435) forwarding records for one or more routes to the particular MMCN edge node and the MFNs. For instance, in some embodiments, the controller cluster provides forwarding records (e.g., routing records that specify the next hop, routing records that specify the virtual network egress node, etc.) to particular MMCN edge node and to the MFN CFEs. By using these forwarding records to perform their routing operations, the particular MMCN edge node and MFN CFEs implement the optimal and failover routes defined (at 2430) by the controller cluster. In some embodiments, the controller cluster supplies new routing records to the particular MMCN edge node and the MFN CFEs whenever it identifies new optimal or failover routes” [0323], [0342].
Therefore, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to receive a packet of a particular flow comprising a flow attribute and send the packet from the edge node at the first site 
Regarding claim 2, Sundararajan, Markuze discloses everything claimed as applied above. In addition, Sundararajan discloses a tuple identifier of the packet (“6-tuple match (e.g., source and destination IP addresses and ports, Differentiated Services Code Point (DSCP) fields, and protocol)” [0069]). However, Sundararajan does not explicitly disclose the flow attribute comprises a five tuple identifier of the packet.
Nevertheless, Markuze discloses “five tuple identifiers” [0253].
Therefore, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have the flow attribute comprises a five tuple identifier of the packet because of design choice.
Regarding claim 3, Sundararajan, Markuze discloses everything claimed as applied above. In addition, Sundararajan discloses the flow attribute comprises attributes other than layers 2-4 header values (“attributes, such as a TLOC 202, origin, originator, preference, service, site identifier, tag, and VPN, among others” [0050]).

Regarding claim 5, Sundararajan, Markuze discloses everything claimed as applied above. In addition, Sundararajan discloses the L7 attribute identifies a traffic type of the particular flow (“the network controllers can receive one or more network policies to perform WAN optimization services on certain types of traffic” [0020], “The network environment 800 may deploy one or more policies that the optimized traffic should be routed through one or more network security appliances 252 (e.g., firewalls, IDPs, etc.). Thus, the network can provision the firewalls 252A-D in the sites 140A-D, respectively, and route the optimized traffic through the firewalls” [0135]).
Regarding claim 6, Sundararajan, Markuze discloses everything claimed as applied above. In addition, Sundararajan discloses each hub-selection rule in the plurality of hub-selection rules specifies a different set of forwarding hub nodes for receiving flows of a particular flow category (“If the TLOC preference values are equal, OMP can compare the origin type, and select the first match among connected, static, 
Regarding claim 7, Sundararajan, Markuze discloses everything claimed as applied above. In addition, Sundararajan discloses each hub-selection rule in the plurality of hub-selection rules comprises match criteria defined in terms of flow attributes (“To route traffic through the network appliance 252, a control policy (e.g., including match criteria based on a destination prefix or its attributes) or a data policy (e.g., including the source address, source port, DSCP value, destination port of the packet or traffic flow, etc.) can be provisioned” [0075]).
Regarding claim 8, Sundararajan, Markuze discloses everything claimed as applied above. In addition, Sundararajan discloses using the flow attribute to identify a hub-selection rule comprises comparing the flow attribute to match criteria of the plurality of hub selection rules to identify a matching hub-selection rule  (“To route traffic through the network appliance 252, a control policy (e.g., including match criteria based on a destination prefix or its attributes) or a data policy (e.g., including the source address, source port, DSCP value, destination port of the packet or traffic flow, etc.) can be provisioned” [0075]).
Regarding claim 9, Sundararajan, Markuze discloses everything claimed as applied above. In addition, Sundararajan discloses at least two hub-selection rules 
Regarding claim 10, Sundararajan, Markuze discloses everything claimed as applied above. In addition, Sundararajan discloses each forwarding hub node in the plurality of forwarding hub nodes is associated with a different network address, wherein sending the packet from the edge node at the first site to the identified hub at the second site comprises sending the packet from the edge node at the first site to a network address associated with the identified hub at the second site (“This information can include the service-side or LAN-side prefixes and routes that the WAN edge router has learned from local static and dynamic routing (e.g., BGP, OSPF, etc.), the router's transport address or TLOC, and the network addresses or other identifiers of physical or virtual network appliances located on the router's service-side or LAN-side network, including firewalls, load balancers, IDPs, NATs, ADCs, WAN optimizers, and other network devices that can transform, inspect, filter, or otherwise manipulate traffic” [0096], [0050].

Regarding claim 12, Sundararajan, Markuze discloses everything claimed as applied above. In addition, Sundararajan discloses the plurality of forwarding hub nodes also provide access to resources of the datacenter (‘OMP routes can represent physical or virtual network appliances in a data center, network appliances at a branch office, or collections of physical or virtual hosts and other endpoints in the sites 140 of the overlay network” [0049]).

Regarding claim 14, Sundararajan, Markuze discloses everything claimed as applied above. In addition, Sundararajan discloses the plurality of hub selection rules are received from a controller of the SD-WAN (“When authenticated and registered by the WAN fabric controller 122, the WAN edge routers 132 can automatically collect routes from directly connected networks, as well as static routes and routes learned from Interior Gateway Protocol (IGP), BGP, and other conventional routing protocols” [0049]).
Regarding claim 15, Sundararajan, Markuze discloses everything claimed as applied above. In addition, Sundararajan discloses receiving an updated set of hub selection rules from the controller, wherein the updated set of hub selection rules comprise at least one hub selection rule identifying at least one additional forwarding hub node for receiving a particular category of flows from the first site (“the routers can then receive updated, current network information from the controller. When the WAN fabric controller 122 and the WAN edge routers 132 enable graceful restart, the devices can cache the OMP information learned from each other as OMP peers. This information can include OMP routes, TLOC routes, service routes, IPSec Security Association (SA) parameters, and centralized data policies, among others. When one of the OMP peers is no longer available, the other peer can use the cached information to continue operating in the network environment 200. For example, when the WAN edge 
Regarding claim 16, Sundararajan, Markuze discloses everything claimed as applied above. In addition, Sundararajan discloses the controller generates the updated set of hub selection rules based on an analysis of network traffic statistics from the plurality of forwarding hub nodes (“The analytics engine 114 can provide visibility into application and network performance based on information collected from the network environment 100 as well as correlated information from other networks” [0036]).
Regarding claim 17, Sundararajan, Markuze discloses everything claimed as applied above. In addition, Sundararajan discloses the controller analyzes the network traffic statistics to identify groups of forwarding hub nodes that need additional or fewer forwarding hub nodes for receiving flows from the first site (“Forecasting can help plan for the sites 140 that may need additional bandwidth” [0036]).
Regarding claim 18, Sundararajan, Markuze discloses everything claimed as applied above. In addition, Sundararajan discloses sending the packet to the identified forwarding hub node comprising sending the packet via any one of fiber, cable, 5G, and Digital Subscriber Line (DSL) (“DSL”, “fiber-optic” [0044]).

Regarding claim 20, Sundararajan, Markuze discloses everything claimed as applied above. In addition, Sundararajan discloses at least one hub-selection rule identifies a first forwarding hub node group for first and second different sets of flow, the method further comprising receiving a new hub-selection rule identifying a second forwarding hub node group to which to send the second set of flows (“the WAN fabric controller 122 can regularly receive OMP route advertisements from the WAN edge routers 132 and, after recalculating and updating the routing paths, the controller can advertise new routing information to the routers” [0067]).
Claim 21 is rejected under 35 U.S.C. 103 as being unpatentable over Sundararajan, Markuze in view of Mayya et al. (PG Pub US 2019/0140890 A1).
Regarding claim 21, Sundararajan, Markuze discloses everything claimed as applied above. However, Sundararajan, Markuze does not explicitly disclose the edge 
Nevertheless, Mayya discloses “Each of the edge devices 312, 314 can establish a tunnel (e.g. tunnels A and B 320, 322) directly with a gateway system. The gateway system can determine that an edge is connected, active and passing traffic. The gateway system can open a tunnel to the second edge. The gateway system can signal to the edge to go to standby on the local LAN 318. If it is detected that the edge loses connectivity, then the gate system can signal to the other edge to become the active edge” [0038].
Therefore, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have the edge node of the first site is a first edge node of a high-availability pair of edge nodes of the first site, wherein the first edge node is an active edge node of the first site and a second edge node of the high-availability pair of edge nodes is a standby edge node of the first site because “This process can be used to logically prevent the split-brain scenario from occurring. LAN can connect with edge devices 712, 714 via active LAN that responds to ARP” [0046].
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHRISTINE T DUONG whose telephone number is (571)270-1664. The examiner can normally be reached Monday - Friday 8 AM - 6 PM EST with every other Friday off.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yemane Mesfin can be reached on (571)272-3927. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/CHRISTINE T DUONG/Primary Examiner, Art Unit 2462                                                                                                                                                                                                        02/07/2022