Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
	Claims 1-20 are pending.
Claim Rejections - 35 USC § 103
		The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

	Claims 1-3, 5, 7, 9-11, 13, 15 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Viswanathan et al. (US Publication No. 2011/0314542 ) in view of Kodama et al. (US Publication No.2008/0104241).
	As per claim 1, 9 and 17, Viswanathan discloses a method for managing a network topology comprising network devices that provide network data unit transmission services based on respective quarantine states of the network devices and a network manager that manages the quarantine states (figure 1 and paragraph [0022]), comprising: obtaining, by the network manager, a [ signature]  message for a device that participates in the network topology, the [signature] message indicating that the device is operating in an undesired manner (paragraph [0025], at step 204, subscription-and –policy unit 160 (network manager) receives one or more messages from IDS unit 170, the message identifying the mobile terminal (device) as a malicious device); making a determination, by the network manager and based on message [signature], that the device should be in a quarantined state; in response to making the paragraph [0026], at step 206, in response to the received message(s) subscription-and- policy unit 160 changes the subscriber profile associated with mobile terminal 102 to a specific quarantine state); and sending, by the network manager, the quarantine state update to a network device of the network devices,  wherein the quarantine state update does not indicate how a quarantine associated with the device is implemented by the network device (at step 208, subscription-and-policy unit 160 instruct the appropriate entities to apply the changes made at step 206. It is noted that the message is instruction to apply the changes (quarantine state) and does not indicate how a quarantine is implemented).
	While Viswanathan discloses obtaining by the network manager a message indicating that device is operating in undesired manner and determining based on the message to place the device in quarantine state a noted above, Viswanathan does not explicitly disclose the message being or including a signature and determining based on the signature that the device should be in a quarantine state. However, in an analogous art, Kodama discloses the message  including a signature and determining based on the signature that the device should be in a quarantine state (paragraph [0080]-[0081] and [0-085], when the harmful site access terminal identifying portion 106 identifies the terminal device 3, a message KMG requesting quarantine of the terminal device is generated and transmitted, the message KMG includes a data section indicating information of a type, a quarantine target terminal IP address (signature); and paragraph [0105], determining based on KMG message and target terminal IP address to perform quarantine of terminal device 3).
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Viswanathan and Kodama, in order to achieve the predictable result of identifying harmful sources to prevent damages spread out by harmful sources to other computers.
 	As per claim 2 and 10  Viswanathan furthermore discloses, wherein the quarantine state update causes the network device to perform a first action set that is specific to the network device and modifies operation of the network device to conform to the quarantined state (paragraph [0031], remediation –management unit 180 treat the mobile terminal by for example repairing or reinstalling corrupted software).
	As per claim 3 and 11, Kodama furthermore discloses sending, by the network manager and in response to the determination, a second quarantine state update to a second device (paragraph [0113],“if it related to the request for quarantine of a terminal device 3 that belongs to other LAN the quarantine request message is transmitted to other router 2), wherein the second quarantine state update does not indicate how the second device implements the quarantined state, wherein the second quarantine state update causes the second device to perform a second action set that is specific to the second device and modifies operation of the second device to conform to the quarantined state (paragraph [0121], then quarantine procession portion starts the quarantine process of the terminal 3 belonging to other LAN. In other word the terminal device 3 belonging to other LAN is isolated. Paragraph [0122], the virus check, the destruction of virus, update of vaccine, update of the operating system performed. It is noted that the quarantine message is instruction to apply the changes (quarantine state) and does not indicate how a quarantine is implemented by second device).
	The motivation to combine Viswanathan and Kodama is similar to the motivation provided in claim 1.
	As per claim 5 and 13, Viswanathan furthermore discloses, wherein after sending the quarantine state update to the network device, the network manager operates as-if that the network device implemented the quarantine state without verifying that the quarantine state is implemented by the network device (paragraph [0026]- [0027], subscription-and-policy  unit updates the subscriber profile associated with mobile terminal  to a quarantine state and  instruct the entities to apply the update of the mobile terminal. It is noted that Viswanathan after updates of the subscriber profile of the  mobile terminal instruct the entities to apply the update and does not recite or require  the subscription-and policy unit verifying that the quarantine state is implemented).
	As per claim 7, and 15, Viswanathan furthermore discloses, wherein the quarantine state update specifies that the network device is operably connected to the device and that the device is transmitting paragraph [0024], IDS unit 170 determines that  mobile terminal is a malicious device by monitoring data packet that are transported between the nodes).
	Claims 4 and 12 are rejected under 35 U.S.C. 103 as being unpatentable over Viswanathan et al. (US Publication No. 2011/0314542 ) in view of Kodama et al. (US Publication No.2008/0104241), further in view of Kliger et al.  (US Publication No. 2020/0044911).
	As per claim 4, and 12, Viswanathan in view of Kodama discloses all limitation of claim as applied to claim 3 and 11 above. Viswanathan in view of Kodama does not explicitly disclose but in an analogous art, Kliger discloses, wherein the second action set comprises at least one action not included in the first action set (figure 5 and Paragraph [0041], figure 5 illustrates numerous client remediation process sets corresponding to clients 1-6, remediation process set for client 1 include processes/actions A,C,D,F and G for client 1 and A, D, G and H for client 3,not including process C and F for client 3).
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Viswanathan and Kodama with Kliger, in order to provide remediation process specific to different clients and alert types.
	Claims 6, 14, 18 and 19, are rejected under 35 U.S.C. 103 as being unpatentable over Viswanathan et al. (US Publication No. 2011/0314542 ) in view of Kodama et al. (US Publication No.2008/0104241), further in view of Aziz et al. (US Patent No. 8,566,946).
	As per claim 6, 14 and 18, Viswanathan in view of Kodama discloses all limitation of claim as applied to claim 1, 9 and 17above. Viswanathan in view of Kodama does not explicitly disclose but in an analogous art, Aziz discloses, wherein the quarantine state update specifies a point in time at which a quarantine of the device will end (column 3, lines 61-63, “[t]he quarantine continues until the predetermined period of time expires”).
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Kodama and Viswanathan with Aziz, in order to quarantine digital devices for a predetermined period of time upon connection to communication network.
	As per claim 19, Viswanathan furthermore discloses, wherein the quarantine state update specifies that the network device is operably connected to the device and that the device is transmitting harmful network data units to the network device (paragraph [0024], IDS unit 170 determines that  mobile terminal is a malicious device by monitoring data packet that are transported between the nodes).
	Claims 8 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Viswanathan et al. (US Publication No. 2011/0314542 ) in view of Kodama et al. (US Publication No.2008/0104241), further in view of Guichard  (US Publication No. 2009/0222907).
	As per claim 8 and 16, Viswanathan in view of Kodama discloses all limitation of claim as applied to claim 7 and 15 above. Viswanathan in view of Kodama does not explicitly disclose but in an analogous art, Guichard discloses, wherein the quarantine state update causes the network device to shut off a port through which the network device receives the harmful network data units (paragraph [0378], “the agent 115 performs a step of processing said resource to determine whether it contains malicious software, the user workstation’s external ports then being closed”).
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Kodama and Viswanathan with Guichard, in order to protect computer system from external attacks.
	Claim 20 is  rejected under 35 U.S.C. 103 as being unpatentable over Viswanathan et al. (US Publication No. 2011/0314542 ) in view of Kodama et al. (US Publication No.2008/0104241), in view of Aziz et al. (US Patent No. 8,566,946),  further in view of Guichard  (US Publication No. 2009/0222907).
	As per claim 20, Viswanathan in view of Kodama and Aziz discloses all limitation of claim as applied to claim 19 above. Viswanathan in view of Kodama and Aziz does not explicitly disclose but in an analogous art, Guichard discloses, wherein the quarantine state update causes the network device to shut off a port through which the network device receives the harmful network data units (paragraph [0378], “the agent 115 performs a step of processing said resource to determine whether it contains malicious software, the user workstation’s external ports then being closed”).

	
References Cited, Not Used

	The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
	Chen et al. (US Publication No.2011/0185061), discloses a system and method for quarantining IP service devices (ISDs). When an lSD is placed into a quarantined environment, any request from the ISD will be re-directed to a quarantine alert server in a quarantine sub-system. In response to the request, the quarantine alert server may provide the user with information about the quarantine and may redirect, or instruct the user to redirect, the request to a quarantine response server. The quarantine response server may provide additional information that is not in the quarantine video message as to how the user may end the quarantine.
	Bradley et al. US Publication No.2016/0014149, discloses a network security method and system
for use in a communications network, said network comprising a plurality of devices adapted to communicate over the network, at least one device capable of downloading or uploading an application over the network, said system comprises means for data capture on the network by receiving data from a first data source and a second data source; means for analyzing comprising means for correlating data arising from network behavior of at least one device obtained from the first data source and data from a second data source and means for generating a data structure; and based on said analyses of the generated data structure, means for identifying applications on devices which are behaving suspiciously.

Conclusion
	 Any inquiry concerning this communication or earlier communications from the examiner should be directed to Ali Abyaneh whose telephone number is (571) 272-7961. The examiner can normally be reached on Monday-Friday from (8:00-5:00). If attempts to reach the examiner by telephone are 
/ALI S ABYANEH/Primary Examiner, Art Unit 2437