DETAILED ACTION
1.	This final Office action is in response to the applicant’s 11/09/2021 amendment and Remarks. In the amendment, 1-4, 7-13, 18, 20, 24, 27, and 28 have been amended. Therefore, original claims 1-28 are currently pending.

Reissue Applications
2.	For reissue applications, filed before September 16, 2012, all references to 35 U.S.C. 251 and 37 CFR 1.172, 1.175, and 3.73 are to the law and rules in effect on September 15, 2012. Where specifically designated, these are “pre-AIA ” provisions.
For reissue applications filed on or after September 16, 2012, all references to 35 U.S.C. 251 and 37 CFR 1.172, 1.175, and 3.73 are to the current provisions.
3.	Applicant is reminded of the continuing obligation under 37 CFR 1.178(b), to timely apprise the Office of any prior or concurrent proceeding in which Patent 9,935,958 is or was involved. These proceedings would include interferences, reissues, reexaminations, and litigation.
Applicant is further reminded of the continuing obligation under 37 CFR 1.56, to timely apprise the Office of any information, which is material to patentability of the claims under consideration in this reissue application.
These obligations rest with each individual associated with the filing and prosecution of this application for reissue. See also MPEP §§ 1404, 1442.01 and 1442.04.


Response to Arguments
Objection to the Reissue Oath/Declaration 
4.	In response to the reissue declaration being defective in the last Office action, Applicant submitted a supplemental declaration on 11/09/2021 (Remarks at 16). However as will be discussed in the rejection of claims infra in this Office action, Applicant has not properly provided any reasoning as how the identified error renders the original patent to be wholly or partly inoperative as required by MPEP. (See MPEP 1414 (II.) (B.) & 37 CFR 1.175) Therefore, the rejection of claims under 35 USC 251 is maintained.  

 Objection to the Specification
5.	In response to the amendment to the reissue specification being defective in the last Office action, Applicant has amended the specification on 11/09/2021 (Remarks at 17). However, for the reasons explained infra in this Office action, amendment to the specification is still defective. 

Objection to the Claims 
6.	In response to the reissue amendment being defective for informalities in the last Office action, Applicant has amended the claims on 11/09/2021 (Remarks at 17). Informalities have been corrected in view of Applicant amending the claims. However, for the reasons explained infra in this Office action, related to the manner of making amendment in reissue application under 37 CFR 1.173, the amendment to the claims are defective. 

Objection to the Drawings
7.	In response to the objection to the drawings in the last Office action, Applicant has submitted a new drawing on 11/09/2021. However, for the reasons explained infra, the drawing submitted is still defective. 

Rejection under 35 U.S.C. § 112 (b)
8.	In response to the rejection of claims under 35 U.S.C. § 112(b) as being indefinite for particularly point out and distinctly claiming the subject matter, due to claim analysis under 35 USC 112 sixth paragraph, not having the corresponding structure for performing the functions recited in the claims. Applicant argues that the Examiner’s conclusion is conclusory and that the Office has not shown that the claim terms “LAN Controller,” “DMZ server,” “first processor,” and “second processor”, invoke 35 U.S.C. § 112(f) or pre-AIA  35 U.S.C. § 112, sixth paragraph. (Remarks at 19) Applicant’s reasoning is that, the Office must show that each element of the three prongs analysis. (Remarks at 19) However, in the last Office action the Examiner specifically provided explanation and analysis as to why the specification of the ‘958 patent does not have adequate support for the structure and or algorithm of the functions in the claims. See for example page 7 through page 13, almost 7 pages of the analysis for each claim limitation that recite a ‘placeholder’ instead of the term ‘means’. 
Applicant merely argues that the Offices conclusory statement is insufficient.” Applicant argues that none of the terms appearing in the list of exhaustive terms to be non-structural generic place holder. Applicant argues that “because the Office has not made these showings, Applicant submits that the Office has not met its burden” (Remarks at 19)
But Applicant has not provided any reasoning as to why the Examiner’s analysis is insufficient, considering 7 pages of detail explanation as to why each of the terms “LAN not responsive to the Examiner’s analysis presented in the non-final Office action. As to the argument that none of the terms appearing in the list of exhaustive terms, it is noted that the Examiner has specifically stated that the “structure and/or the algorithm” for performing the functions are not disclosed in the specification. Meaning that if the LAN controller is to be treated as a ‘processor’ or ‘a computer’ that perform some functions, the structure and/or algorithm or flow chart (or step procedure) is not described in the specification as required by the MPEP. Applicant has not pointed to any portion of the specification showing any structure and/or algorithm in the form of flow chart or step procedure that perform he functions recited in the clams. This issue (computer implemented function, such as ‘LAN controller’ or ‘DMZ server’ in here) is squarely addressed by the Examiner at page 12 of the last Office action and here in this paper under claim construction analysis.  
   	Applicant argues that, even if the claimed elements “LAN controller,” “DMZ server,” “first processor,” “second processor,” and “service” invoke 35 U.S.C. 112(f) (which Applicant
does not concede), Applicant submits that, at least Specification col. 1, ll. 21-25, col. 2,
ll. 16-32, 36-42, and Figure 1 of this Application provide sufficient description to support
the claimed subject matter. Applicant further argues that one skilled in the art would
have no difficulty understanding the elements of “LAN controller,” “DMZ server,” “first
processor,” “second processor,” and “service” as they are disclosed in the specification,


  	The Examiner disagrees. The question is not whether a conventional ‘LAN Server’, ‘LAN Controller’ or a ‘DMZ Server’ or ‘Processor’ (first or second) or even any ‘generic computer’ with a CPU and memory1, explicitly or inherently, has structural meaning for a person of ordinary skill in the art to perform any function, rather the question is whether any available off the shelf conventional ‘LAN controller’ (‘server’, or ‘processor’) without providing an explanation of the appropriate program - algorithm (that the related programs are based upon-  would be an adequate disclosure of the corresponding structure to perform the specific claimed function satisfy the requirement of 35 USC 112(b) or pre-AIA  35 USC 112, second paragraph. Aristocrat, 521 F.3d at 1334, 86 USPQ2d at 1239; Finisar, 523 F.3d at 1340, 86 USPQ2d at 1623. As set forth in the previous Office action, if any conventional ‘LAN controller’, a conventional ‘DMZ server’, or a conventional ‘processor’ is capable of performing the claimed function, then this would entail that the function is well known in the art, since any ‘LAN controller’, a conventional ‘DMZ server’, or a conventional ‘processor’ can perform the claimed function. 
It is noted that, the specification is devoid of any explanation of the appropriate structure and/or algorithm, flow chart or step/procedure (that is related to the programs), that would have been adequately described to satisfy the requirement of 35 USC 112(b) or pre-AIA  35 USC 112, ‘LAN controller’ a conventional ‘DMZ server’, or a conventional ‘processor’, to perform the recited functions in the claims are not sufficient to be considered as the algorithm or flow chart to perform those functions as required by the MPEP (Id.). As set forth above, if any general-purpose ‘LAN controller’ a conventional ‘DMZ server’, or a conventional ‘processor’ is capable of performing the claimed functions, then this would entail that the functions are well known in the art, since any conventional ‘LAN controller’ a conventional ‘DMZ server’, or a conventional ‘processor’, can perform the claimed functions.  
	Applicant, with respect to the indefiniteness rejections other than the ones that are related to the claim interpretation analysis, has not provided any detail as to how any of the amendments to the claims addresses the rejections detailed in the non-final Office action. For the reasons provided infra in this final Office action, the amended claims are rejection under 35 USC 112 (b) as being indefinite.  

Claim Rejection under 35 U.S.C. § 112 First Paragraph and 35 § U.S.C.  251(New Matter)
9.	In the last Office action, claims 1-28 were rejected under 35 U.S.C. § 112 first paragraph for failing to comply with the written description requirement, because it was determined that several claimed elements such as ‘LAN controller,’ ‘DMZ server,’ ‘first processor,’ ‘second processor,’ and ‘service’ invoke 35 U.S.C. 112(f), and it was determined that the specification does not have adequate written description support for the structure and/or algorithm, or flow chart (step/procedure) for performing the functions in the claims. Applicant does not present any argument as to those rejections and simply relying on his prior argument with respect to the above in response to the Applicant’s indefiniteness argument, incorporated herein by reference, Applicant’s arguments are not persuasive. 
	As to the rejection of claims for lack of written description support for claim limitation ‘TCP/IP level’ in the non-final Office action at 22, Applicant points to specification at 2:58-59 and argues that the Specification makes clear that communications, such as the “client request,” may use “any... TCP/IP based protocols” and that a service may be “any... TCP/IP based service.” Arguing that the specification also discusses generating TCP/IP connections. (Remarks at 21-22) 
	It appears that Applicant is arguing that if a system uses TCP/IP protocol for communication, then all services, such as “storing” (see, e.g., ‘storing’ in claim 1), “check for existence of request”, and “receiving and routing by the DMZ server” (recited in claims) must be happening at TCP/IP level. In other words, if a single prior art or combination of prior arts, show all the functions in claim 1, and uses TCP/IP protocol for communication, then all those functions are necessarily at TCP/IP level. In the event that Applicant concurs with the Examiner’s interpretation in his next response, the rejection of claims under 35 USC 112 first paragraph will be withdrawn.      
	The Examiner’s interpretation is based on Applicant’s explanation and this interpretation would be applied in rejecting claims and responding to Applicant’s arguments.
With respect to the lack of written description support for “plurality of outbound connection” It appears that Applicant argues that the specification describes a system that enables users to communicate with the LAN, and because the system provides secure connection between servers in the LAN and the clients in the WAN, therefore there are plurality of outbound requests received from a client” (Id.) [Emphasis added] as such there are several requests, but there is just one outbound connection for that user (See claim requires, “a DMZ server configured to receive an established outbound connection”). Claim 5 however requires that the established outbound connection includes a plurality of outbound connections. There is no such written description for one user having plurality of outbound connections, and for that reason the rejection of claims 5 and 6 under 35 USC 112 (a) with respect to this issue is maintained.
With respect to the lack of written description support for a “processor”, applicant points to specification at 2:46-3: 23 argues that the specification describing in part DMZ server, LAN server, and various operations. (Remarks at 22) However, the specification teaches that the system uses server(s) for communication, however, the specification does not teach that the system uses “processor” for that purpose. A server has processor, but a processor may not be a server. A server by definition is a computer or computer program that manage access to centralized resource or service in a network. The specification recite ‘server’ for performing the functions, but does not recite processor at all. For the above reason the rejection of claim 13 under 35 USC 112 (a) with respect to this issue is maintained.
In the previous Office action, the Examiner rejected claims 1-28 under 35 USC 112 first paragraph for lack of written description support for many terms in the claims. Applicant has responded to lack of written description support for (1) ‘structure and/or algorithm’, (2) ‘TCP/IP level’, (3) ‘plurality of outbound connections’, (4) ‘first/second processor’, (5) ‘DMZ service’, 
The Examiner has responded Applicant’s arguments to the point that it has been argued by Applicant in his remarks. The rejection of claims 1-28 under 35 U.S.C. § 112 First Paragraph and 35 § U.S.C. 251 (New Matter) are maintained for the reasons explained in response to Applicants arguments or other reasons provided infra in this Office action.  
  
Impermissible Recapture 
10.	In the first non-final Office action mailed on 08/09/2021, claims 1-28 were rejected under 35 USC 251 as being recapture of the broadened claimed subject matter surrendered in the application for the patent upon which the reissue is based. 
	Applicant in response argues that many of the new claims are related to a “separate
species or embodiment that was not covered by a claim (e.g., a generic claim) at any
point during the prosecution of the original application.” MPEP § 1412.012(Il). For example,
claim 11 recites aspects not covered in prior claims, such as “using, by the DMZ stack
pool service, the first outbound TCP/IP connection to send the TCP/IP connection information to the LAN server via the LAN controller” and “causing, by the LAN server, a handshake between the third TCP/IP connection and the fourth outbound TCP/IP connection.” 
non-responsive or at best unpersuasive. First, the examiner has presented a detail analysis of the recapture for claim 9, but Applicant points and reference claim 11 which is dependent on claim 9. Examiner has specifically presented the 3-prong recapture analysis for claim 9, and determined that the claim is broadened as to the SGL limitation of “wherein said DMZ Stack Pool Service, said LAN Controller, and said DMZ server do not change the data of said requests,” and the limitation related to “the system requires no administrative management after initial installation and configuration”. Applicant in response argues that claim 11, has some additional limitations such as “using, by the DMZ stack
pool service, the first outbound TCP/IP connection to send the TCP/IP connection information to the LAN server via the LAN controller” and “causing, by the LAN server, a handshake between the third TCP/IP connection and the fourth TCP/IP connection.”. (Remarks at 23-24) But it is irrelevant. The independent claims 7, 9, 13, and 20 does not require handshaking or other argued limitations. Those claims do not recite any of the limitations Applicant is arguing. 
	Applicant points to MPEP 1412.01(II.) argues that many of the new claims are related to a “[s]eparate species or embodiment that was not covered by a claim (e.g., a generic claim) at any point during the prosecution of the original application.” (Id., Remarks at 23) However, MPEP 1412.01 (II.) specifically states, “[F]or example, if all the claims were drawn to species A in the original application, reissue claims drawn to species B are considered claims to overlooked aspects, assuming that there was not a generic claim that covered both species A and B in the original application.” [Emphasis added] In the present situation, claims 1 and 3 covers both species. Applicant has not shown or provided any reasoning or pointing to a portion of the specification as to why any of the new claims are directed to a different embodiment. The word 
“Second, even if any of the claims are not separate embodiments or species (which Applicant does not concede), many of the broadened aspects cited by the Office no longer exist in the amended claims. See, e.g., Office Action at 41, 42. For example, in claim 1, “a DMZ server configured to receive an outbound connection from a LAN server of said LAN, and to route said established outbound connection to said requests” has now been amended to recite “a DMZ server configured to receive an established outbound connection from a LAN server of the LAN, and to route client request data to the client,” language nearly identical to that of the issued patent. See, e.g., U.S. Patent No. 9,935,958, col. 4, Il. 1-3.” 

	Examiner however agrees with Applicant that claim 1 does not recapture the surrendered subject matter, but not because of the reasoning provided by Applicant, rather because, the original claim was reciting “a DMZ server configured to receive said from a LAN server of said LAN, and to route said established outbound connection to said requests [to said client], wherein receiving and routing by said DMZ server occurs at the TCP/IP level;” which was not correct, because the “request” (request received from a client) was being routed from the LAN Server to said client. (see also the error in the new declaration) At least now, the claim requires “client request data” (which seems to be the data that is requested by client) is routed to the client. In other words, previously, the request for data was being received by the LAN, and later the same request was being rerouted to the client again. However, now as amended, after the DMZ receive an establishing outbound connection from a LAN, the “client request data” (data requested by client), is routed to the client. Since the limitation is brought back into the claim, claims 1-3 are not rejected under 35 USC 251 as being recapture of the broadened claimed subject matter surrendered in the application.   
	Applicant presenting similar argument arguing that claim 1, that the “amended claim 1
recites “a DMZ server configured to. . . route client request data” and issued claim 1

This argument is unpersuasive. First as stated above, the examiner agrees that the amended claim 1 and 3, was sending the “client request” to client again after the outbound connection was being established. (Id. original claim 1) which was not making sense, because according to the specification after the outbound connection is being established, the “client request data” is being routed to the client, and not “client request” is being routed to the client again. (Id.,3:4-9) 
	Applicant has not even noticed that the recapture analysis provided is not just for claim 1, rather the recapture analysis is provided for new claims 7, 9, 13, and 20, and Applicant has not provided any argument or articulated reasoning as to why the new claims that have same scope, as to the original claims 1 and 3 have different embodiment3. 
	As set forth infra, all claims are rejected under 35 USC 112 first and second paragraph. The examiner will reevaluate the issue of impermissible recapture, once the Applicant overcome the rejection of claims under 35 USC 112 first and second paragraph for other reasons that invoking 35 USC 112 (f). 

Double Patenting Rejection
11.	In response to the rejection of claims under non-statutory double patenting rejection, Applicant submits that, the double-patenting rejection is moot in light of the amended claims. Applicant does not provide any reasoning as to why there is no double patenting between claims infra, in this final Office action. As to the statement by Applicant that the non-statutory double patenting is appropriate when “the claim under examination is anticipated by the reference claim(s) . . . i.e., the entire scope of the reference claim falls within the scope of the examined claim,” otherwise an obviousness analysis is required, Applicant statement from the MPEP is acknowledged, however, in the present situation claims in the reissue application are broader than claim in the issued ‘606 patent, and in rare instances that claims of the instant application are narrower, the Examiner have provided explanation as to why that narrow limitation is obvious or well known in the art.  

Claim Rejections under 35 USC 103 -Obviousness
12.	Applicant contends that no prima facie case of obviousness has been established. (Remarks at 27) Applicant argues that Holar fails to teach or suggest,   
“a De-Militarized Zone (DMZ) Stack Pool Service located on a device in a De-Militarized Zone, the DMZ Stack Pool Service being configured to store requests received from a client, wherein the requests are stored at a TCP/IP level: 
[and]
a local area network (LAN) Controller located in a LAN, the LAN Controller being configured to check for existence of the requests in the DMZ Stack Pool Service, wherein the checking is performed at the TCP/IP level[.]” 

	As to the first part of Applicant’s, Applicant in specific argues that, Holar does not mention DMZ Stack Pool Protocol Service whatsoever. However, Applicant does not point to any portion of the specification to show Stack Pool Service has a specific meaning in the 
“The DMZ Server (21) stores the Client Request in the DMZ Stack Pool Service (22).” (Id., 2:47-49)
“One of the innovative aspects of the System is that the LAN Controller (32) constantly, and/or on a predefined set of time basis, checks for Client Requests stored in the DMZ Stack Pool Service (22)”

(Id., at 2:51-54)
“The DMZ Server (21) then creates a Connection Binder in the DMZ Server between the incoming Client 10 Request (that is stored in the DMZ Stack Pool Service (22))”

(Id., at 2:65-3:1)
“The LAN Controller (32) permanently or periodically queries the DMZ Stack Pool Service (22) for incoming Client Requests.”

(Id., at 3:14-16)
	As such the Stack Pool Service is nothing but a storage space or memory. Maybe it sounds different, but after all, it is a memory in the DMZ that can store Client’s request.
	Based on this definition, the DMZ in Holar, can store the messages in the storage system of the DMZ. (Id., at [0007]) Applicant argues that this is not a Stack Pool Service (memory) because, the information is stored temporarily. But the reason that the message is stored temporarily is that, the computational resources located in the DMZ may be limited. (Id., at [0007]) If it is not to be limited, one can store the information permanently, even though such requirement is not in the claims. Even amend the claim to recite “permanently stored in the Stack Pool Memory,” that would be waste of resources, because having available memory at all times, makes the system less efficient. 

	As set forth in response to Applicant’s argument with respect to the rejection of claims under 35 USC 112(b) (Remarks at 20), in the absence of an adequate explanation of the appropriate program - algorithm (that the related programs are based upon- that corresponding the structure for  performing the specific claimed functions, that satisfy the requirement of 35 USC 112(b) or pre-AIA  35 USC 112, second paragraph and first paragraph, and the conclusory Applicant’s response that one skill in the art will understand what structure will perform the cited functions (instead of showing the algorithm or flow chart that perform the functions), the examiner consider any general purpose Server such as the Internal Server 104 to be capable of performing the function of the LAN Controller in the claims, knowing that Server might be a single processor server or double processor server. One processor performing the function of LAN Server and the second one processor performing the function of the LAN controller. Additionally, in the rejection of claims   
	Applicant argues,     
“The Office has not provided a copy of TCP/IP Networking nor has the Office
provided a citation sufficient to allow Applicant to locate this alleged non-patent
literature reference. See MPEP § 707.05(a) (“To assist in providing copies of, or access
to, references, the examiner should: (A) Type the citation of the references on form
PTO-892, ‘Notice of References Cited’ using OACS; (B) Place the form PTO-892 in the
front of the file wrapper.”). Nevertheless, Applicant notes that TCP/IP Networking was
not applied to the elements Holar is alleged to teach. Accordingly, the Office Action still
has neither properly determined the scope and content of the prior art nor properly…”

	(Remarks at 28, first full paragraph) 

	As to the argument that, “Nevertheless, Applicant notes that TCP/IP Networking was
not applied to the elements Holar is alleged to teach,” the argument is unpersuasive. As noted in the rejection of claims, Holar does not explicitly teach that the embodiment wherein said requests are stored at the TCP/IP level, wherein said checking is performed at the TCP/IP level, and/or wherein receiving and routing by said DMZ server occurs at the TCP/IP level. Nevertheless, TCP/IP Networking: An Example delineates that HTTP web requests invoke TCP/IP requests and that such HTTP requests are transferred over TCP connections.
See the example at page 3 illustrates "to send the [HTTP] request, HTTP client program establishes a TCP connection to the HTTP server. Those of ordinary skill in the art understand that HTTP is implemented on TCP/IP. HTTP requests ordinarily entail TCP/IP requests as the lower level datagram and transmission over which the HTTP formatted data will be generated. So prevalent is this usage, HTTP requests are normally ascribed to be performed over TCP port 80. Pages 4-7 further delineate how a basic HTTP request invokes TCP and IP requests on which to carry the HTTP request.

It is interoperable, i.e., it allows cross-platform communications among heterogeneous networks, (iii) It is an open protocol suite. ...(iv) It is a scalable, client-server architecture. 
	Examiner notes that claims 20-26 does not even mention “LAN Controller” therefore, Applicant’s argument does not apply to claims 20-26. 
	Applicant argues that claim 13 includes limitation that claim 1 does not, and the Office has failed to consider. For example, claim 13 recites “s first processor being programmed to create at least one Transmission Control Protocol/Internet Protocol (TCP/IP) TCP/IP connection to a second processor of a server external to the LAN through an outbound port,” “a firewall protect[ing] the LAN server from unauthorized inbound connections,” and “the first processor enables client to access the resources via the second processor at the TCP/IP level through
at least one TCP/IP connection.” This rejection is a “mere conclusory statement.” (Remarks at 28) However, Examiner notes that claim 13 has the same scope with that of claim 1 except broader than claim 1. Even as argued by Applicant, the LAN server and DMZ server are the ‘first processor’ and the ‘second processor”. As such all functions of LAN server and DMZ server in claim 1 are similar and performed by the first processor and the second processor in claim 13. For example, in claim 1, the DMZ server is receiving an established outbound 
	As to the argument about “a firewall protect[ing] the LAN server from unauthorized inbound connections,” the Examiner notes that, first it is unclear what the inbound connection is meant to be as the claim is rejected under 35 USC 112 first paragraph. Inbound connection is not even mentioned in the specification. If Applicant is arguing about the “firewall” that control the traffic between the DMZ computers and the LAN computers, Holar clearly teaches a firewall between the computers in the DMZ server 112 and the computers in Internal Server 104. (See Fig. Firewall 106 and 108).      
	 Applicant submits the same argument about claim 20, and argues that “Independent claim 20, although different in scope from claim 13, contains similar recitations. However, Applicant’s argument is moot, as Applicant does not provide any explanation as to the similarity or difference in scope between the two claims 13 and 20. 
    	
Amendment to the Reissue Claims Defective
13.	The amendment to the claims filed on November 29, 2021 is defective for failure to comply with 37 CFR 1.173(d), which sets forth the manner of making amendments in reissue applications.
	The MPEP states in part; 
relative to the patent being reissued which are made to the specification, including the claims, upon filing, or by an amendment paper in the reissue application, must include the following markings:
(1) The matter to be omitted by reissue must be enclosed in brackets; and
(2) The matter to be added by reissue must be underlined, …
	[Emphasis added] (MPEP, 1453, and 37 CFR 1.173 (d))
The MPEP also states:
	“[A]mendments made relative to the patent. All amendments must be made relative to the patent specification, including the claims, and drawings, which are in effect as of the date of filing of the reissue application.”
[Emphasis added] (MPEP, 1453, and 37 CFR 1.173 (g))
	First, Amendment to the original claims are improper because, Applicant have used strike through and double bracketing instead of enclosing the omitted matters in single bracket. Double bracketing is used in a second reissue application. (MPEP, 1453 (VI.) (A.). 
	Second amendment to the original claims are improper because the amendment is not relative to the patent specification. See for example, original claim 1, in the first amendment dated 04/02/2020, recite,
“a DMZ server configured to receive [said requests] an established outbound connection from a LAN server of said LAN, and to route said established outbound connection to said requests [to said client], wherein receiving and routing by said DMZ server occurs at the TCP/IP level; wherein said DMZ Stack Pool Service, said LAN Controller, and said DMZ server do not change the data of said requests and the system requires no administrative management after initial installation and configuration.”  

The latest amendment filed on 11/09/2021 recite the same limitation as follows:

“a DMZ server configured to receive an established outbound connection from a
LAN server of the [[said]] LAN, and to route client request data the client the [[said]] DMZ server do not change the data of the [[said]] requests and the system requires no administrative management after initial installation and configuration.” (Id.) [All strike through or double bracketing in original]


Amendment in reissue is not the same as amendment in regular application. As seen from the above example of the two amendments to claim 1, the first amendment is relative to the patent specification, while the second amendment is not relative to the patent specification (claims in the patent). See for example, the ‘[said requests]’ and ‘[to said client]’ are totally eliminated. 
While the above example is not to be exhaustive of such issues, Applicant is requested, in his next response to check his amendment and present the amendment ‘word- for-word’ relative to the patent specification. As required by MPEP, all changes in the reissue are made vis-à-vis the original patent. (MPEP 1453 (V.) (D.)) 

Third, the Amendment to the new claims are also improper because, Applicant did not underline the entire text of the new claims. (See, the MPEP 1453 (V.) (D.)) Additionally, the MPEP states in part, “[A]lthough 37 CFR 1.173(b)(2) does not require using the status identifier "new", its use is recommended so that examiners can easily identify the presentation of new claim(s).” Applicant is recommended to identify the new claims as “new”. 

	As to the future amendment of the new claims, if the new claims are amended, “[T]he presentation cannot contain any bracketing or other indication of what was in the previous version of the claim. This is because all changes in the reissue are made vis-à-vis the original patent, and not in comparison to the prior amendment. Although the presentation of the amended 
	While the above examples are not to be exhaustive of such issues, Applicant is requested to review the specification and claims, ‘word-for-word’, and present the amendment relative to the patent specification. (Id.)
Third, as required by the MPEP “[W]henever there is an amendment to the claims pursuant to paragraph (b) of this section, there must also be supplied, on pages separate from the pages containing the changes, the status (i.e., pending or canceled), as of the date of the amendment, of all patent claims and of all added claims, and an explanation of the support in the disclosure of the patent for the changes made to the claims.” (Id., 1453, 37 CFR 1.173 (c)) 
Examiner notes that Applicant as part of the remarks indicates, “Upon entry of the Amendment, claims 1-28 will remain pending, of which claims 1, 3, 7, 9, 13, 20, 27, and 28 are independent.” Applicant also as part of the support for claim changes states, “The amendments are fully supported by, e.g., column 2 and 3 of the Specification.” 
First, Applicant has not provided on pages separate from the pages containing the changes, the status (i.e., pending or canceled), as of the date of the amendment, of all patent claims and of all added claims as required by the MPEP. 
Second, as to the support for claim changes, the statement provided by Applicant is not sufficient because the statement is no better than saying, “the amendments are fully supported by, e.g., see the specification.” For example, Applicant has amended claims to recite “Stack Pool Service located on a device.” Applicant has not provided any explanation as to where the specification shows that the Stack Pool Service is located on a device. 


Amendment to the Reissue Specification is Defective
14.	In the last Office Action, the amendment to the specification was objected to because of the numbers that were not referenced to anything in the disclosure. Applicant amended the specification to remove such numbers. To that extent, the amendment to the specification is correct. However, Applicant at page 2 of the amendment to the specification indicates the following,
	“This application is a reissue application of U.S. Patent No. 9,935,958, issued on
April 3, 2018, which is the National Stage of International Application No. PCT/IL2013/000017 having a filing date of February 13, 2013, which claims foreign priority from Israeli Application No. 218185 having a filing date of February 19, 2012. The disclosures of the above-referenced applications are expressly incorporated herein by reference in their entireties.”  (Id.)

This part of the amendment to the specification is defective because, first, as set forth above with respect to the amendment in reissue application, all amendments to the reissue application must be made relative to the patent specification. [Emphasis added] (MPEP, 1453, and 37 CFR 1.173 (g)) Applicant had not underlined the entire text of the matter to be added in the above statement.  
Second, the MPEP 211.02, states in part:
“[W]hen a benefit claim is submitted after the filing of an application, and the later-filed application as filed did not incorporate the prior-filed application by reference, applicant cannot add an incorporation by reference statement of the prior application. An incorporation by reference statement added after an application’s filing date is not 

	Applicant in the amendment to the specification incorporated by reference the disclosures of all the prior applications in the priority chain. However, as stated in the MPEP, the incorporation by reference statement is not effective because, no new matter can be added to an application after its filing date. [Emphasis added] Accordingly, applicant cannot add an incorporation by reference statement of the prior applications and for that reason the amendment to the specification is defective.
	Third, the Amendment to the claims filed on 3/22/2016 is defective for failure to comply with provisions of 37 CFR 1.173 (d). Applicant have used strike through and double bracketing instead of enclosing the omitted matters in single bracket. Double bracketing is used in a second reissue application. (MPEP, 1453 (VI.) (A.). 

Reissue Declaration is Defective
15.	The reissue oath/declaration filed with this application is defective because it fails to identify at least one error, which is relied upon to support the reissue application. See 37 CFR 1.175 and MPEP § 1414.  
The MPEP states in part, “[I]n identifying the error, it is sufficient that the reissue oath/declaration identify a single word, phrase, or expression in the specification or in an original claim, and how it renders the original patent wholly or partly inoperative or invalid.” (MPEP 1414 (II.) (B.) & 37 CFR 1.175) 
new declaration filed on 11/09/2021, the error statement indicates the following:
“This reissue application seeks broadened claims, including amended independent claims 1 and 3, which are broader than issued claims 1 and 3, respectively, in some aspects. Issued claims 1 and 3 are directed to a system and method, respectively, for reverse access. The system and method, respectively, of issued claims 1 and 3, however, need not recite "routing" (or "route", as the case may be) "said requests to said client." Instead, amended claim 3, recites “routing client request data to the client,” and claim 1 contains a similar recitation. Thus, amended claims 1 and 3 may be considered broader than issued claims 1 and 3, respectively, in this aspect.” (Id.)

The Examiner acknowledges that the error in the claim with reference to a specific claim and a specific language is identified however, Applicant has not provided any reasoning as how the identified error renders the original patent to be wholly or partly inoperative as required by MPEP. 

16.	Claims 1-28 are rejected as being based upon a defective reissue declaration under 35 U.S.C. 251 as set forth above.  See 37 CFR 1.175.
The nature of the defect(s) in the declaration is set forth in the discussion above in this Office action.  

Objection to the Drawings
17.	The drawing is objected to under 37 CFR 1.83(a) because they fail to show the feature of 
claims 5, 6, which requires “plurality of established outbound connections”, but the drawing (Fig. 1) shows “outbound TCP/IP only”. Moreover, claims 9 recite, ‘“first’, ‘second’ and ‘fourth’ outbound TCP/IP connection, claim 11 recite ‘third’ TCP/IP connection, and claim 12 recite ‘fourth’ outbound TCP/IP connection, but the drawing just shows, “outbound TCP/IP only” not show any of the ‘first’, ‘second’, ‘fourth’ TCP/IP outbound connection, and ‘third’ TCP/IP connection as recited in claims 9, 11, and 12.
Applicant has provided a new drawing with a dotted line connecting ‘Client Request Data 50’ in the LAN to ‘Client Request 11’ in the WAN, perhaps to show another outbound connection in the claim. However, there is no such second outbound connection predicted in the specification. The specification states, “Once the Connection Binder, in the DMZ Server, binds the Client Request and the outbound connection (42) arriving from the LAN Server, the Client Request is then streamed through the DMZ Server and the LAN Server over the System, and then the client request data streams from the Service (33) to the Client (11).” (Id., at 3:4-9) Therefore, according to the specification, by using the connection binder in the DMZ and the outbound connection 42, the client request data is streamed from Service 33 to the client 11. There is no other outbound connection (such as the dotted line) described in the specification. As such, the new drawing is in error and is not according to the specification.
Additionally, claims 13-19 recite “first processor”, and “second processor,” the drawing does not show any processor, first, second, or otherwise. The drawing shows LAN Server, DMZ Server only. As discusses in response to the remarks related to 35 USC 112 (b), a server has processor, but is not a processor. A server by definition is a computer or computer program that manage access to centralized resource or service in a network.  
  
Claim Interpretation
18.	The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 


An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification, as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:

(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 

Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 

Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier. Such claim limitation(s) is/are: a ‘LAN controller configured to’ and ‘DMZ server configured to’ in claims 1, 7 and 27, the ‘first processor configured to’ in claims 13 and 18, ‘second processor configured to’ in claims 15, 17 and 19, the ‘server is configured to’ in claims 22, 24 and 26, and the ‘service is configured to’ in claim 25. 
Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed functions, and equivalents thereof.
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.

Re: Claims 1, 2, 5 and 7-8
Claims 1, 7 and 27 recites, (1) “the LAN controller being configured to check for existence of the requests in the DMZ Stack Pool Service, wherein the checking is performed at the TCP/IP level; and (2) a DMZ server configured to receive an established outbound connection from a LAN server of the LAN, and to route client request data to the client, wherein the receiving and routing by the DMZ server occurs at the TCP/IP level].”  Claim 7 and 27 recites similar limitations.  
The examiner determines that the above limitations uses a placeholder such as “a local area network (LAN) Controller being configured to …; a DMZ server configured to”.  Therefore, this limitation meets prong A. In addition, each placeholder is followed by some function as recited in the claim. Therefore, the limitation meets prong B. The examiner further determines that in each case, the generic placeholder is not modified by sufficient structure, 
In view of the above analysis, the examiner considers that the above claimed phrases to invoke 112 6th paragraph. In accordance with MPEP § 2181.II, after a claimed phrase has been shown to invoke 35 U.S.C. § 112, sixth paragraph, the next step is to determine the corresponding structure, material, or act as described in the specification. 
As to the “a local area network (LAN) Controller”, that perform the functions in claim 1, the examiner notes that the specification discloses: 
“One of the innovative aspects of the System is that the LAN Controller (32) constantly, and/or on a predefined set of time basis, checks for Client Requests stored in the DMZ Stack Pool Service (22).” (Id., at 2:51-54) 

Later the specification states:

“The LAN Controller (32) permanently or periodically queries the DMZ Stack Pool Service (22) for incoming Client Requests. The DMZ Server (20) will accept all Client Requests and route them to the LAN-Server (31), without changing the data that the Client Requests contains.” (Id., at 3:14-18)

As seen from the above portion, the specification, using language similar to the claim language in describing the functions performed by the “LAN controller” and the DMZ server in claims 1 and 7. However, the specification of the ‘958 patent, while discussing the function related to the LAN controller, does not disclose the corresponding structure and/or algorithm (in the form of flow chart or step/procedure) that perform the claimed functions identified above. 
It is for that reason that independent claims 1, 7 and 27, and dependent claims 2, 5, and 8 are rejected under 35 U.S.C. § 112 second paragraph as being indefinite and under 35 USC 112 first paragraph for failing to comply with written description requirement, as will be discussed further infra. 

Re: Claims 13, 15, 17, 18, 19, 22, 24, 25 and 26
Claim 13 recites, “the first processor is configured to receive via the second processor a request from a client for access to the resources within the LAN at a TCP/IP level; and the first processor enables the client to access the resources via the second processor at the TCP/IP level through the at least one TCP/IP connection.”
The specification with respect to the LAN server states, “Once the Connection Binder, in the DMZ Server, binds the Client Request and 15 the outbound connection (42) arriving from the LAN Server, the Client Request is then streamed through the DMZ Server and the LAN Server over the System, and then the client request data streams from the Service (33) to the Client (11).” (Id., at 3:4-9)
Claim 15 recites, “wherein the second processor is configured to relay communication between the LAN and the WAN.”
Claim 17 recites, “wherein the second processor is configured to receive the request from the client from the WAN.” 
 Claim 18 recites, “wherein the first processor is configured to: determine a response to the request from the client and send the response to the second processor through the at least one TCP/IP connection.” 
Claim 19 recites, “wherein the second processor is configured to route the response provided by the first processor to the client.”
Applying the three-prong analysis, the examiner determines that the above limitations uses a placeholder such as “the first processor is configured to” in claims 13, and claim 18 “the second processor configured to” in claims 15, 17 and 19. These limitations do invoke 35 U.S.C. § 112, sixth paragraph, similar to the DMZ server and LAN controller discussed above, however infra in the rejection of claims under 35 USC 112 first ¶, there is no sufficient written description support for the functions performed by the first/second processors, because claim 13 is directed to “a first processor residing within the LAN programmed to” do functions recited in the claims, and there is insufficient written description support for the detail of the program (algorithm or step/procedure) for performing the functions recited in claims 13, 15, 17, 18 and 19.    

Re: Claims 22, 24, 25 and 26
As to claims method claims 22, 24, 25 and 26 the examiner determines that the above limitations uses a placeholder such as “the server configured to ….  Therefore, this limitation meets prong A. In addition, each placeholder is followed by some function as recited in the claim. Therefore, the limitation meets prong B. The examiner further determines that in each case, the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. Therefore, in each case the limitations meet prong C. 

In view of the above analysis, the examiner considers that the above claimed phrases to invoke 112 6th paragraph. In accordance with MPEP § 2181.II, after a claimed phrase has been shown to invoke 35 U.S.C. § 112, sixth paragraph, the next step is to determine the corresponding structure, material, or act as described in the specification. 
However similar to the analysis of claims 15, 17, 18 and 19, the specification does not adequately describe the structure and/or algorithm (or flow chart and step procedure) associated 
Applicant may argue that the structure of “a server” is well known in that art and a person of ordinary skill in the art would recognize that the claimed invention is programmed in the memory which is processed by the “server” disclosed in the specification. However, MPEP strictly explain that, 
“[F]or a computer-implemented 35 U.S.C. 112(f) claim limitation, the specification must disclose an algorithm for performing the claimed specific computer function, or else the claim is indefinite under 35 U.S.C. 112(b) (b). See Net MoneyIN, Inc. v. Verisign. Inc., 545 F.3d 1359, 1367 (Fed. Cir. 2008). See also In re Aoyama, 656 F.3d 1293, 1297, 99 USPQ2d 1936, 1939 (Fed. Cir. 2011) ("[W]hen the disclosed structure is a computer programmed to carry out an algorithm, ‘the disclosed structure is not the general purpose computer, but rather that special purpose computer programmed to perform the disclosed algorithm.’") (quoting WMS Gaming, Inc. v. Int’l Game Tech., 184 F.3d 1339, 1349, 51 USPQ2d 1385, 1391 (Fed. Cir. 1999)).” (Id., at 2181. (B.))

Indeed, if any general-purpose “server” is capable of performing the claimed function, then this would entail that the function is well known in the art, since any conventional “server”, can perform the claimed function. 
Additionally, for computer-implemented means-plus-function claim limitation invoking 35 U.S.C. 112(f) the Federal Circuit has stated that, “a microprocessor can serve as structure for a computer-implemented function only where the claimed function is ‘coextensive’ with a microprocessor itself." EON Corp. IP Holdings LLC v. AT&T Mobility LLC, 785 F.3d 616, 622, citing In re Katz Interactive Call Processing Patent Litigation, 639 F.3d 1303, 1316 (Fed. Cir. 2011). "‘It is only in the rare circumstances where any general-purpose computer without any special programming can perform the function that an algorithm need not be disclosed.’" EON Corp., 785 F.3d at 621, quoting Ergo Licensing, LLC v. CareFusion 303, Inc., 673 F.3d 1361, 1365 (Fed. Cir. 2012). "‘[S]pecial programming’ includes any functionality that is not Katz court vacated the district court’s decision and remanded for the district court to determine whether disclosure of a microprocessor was sufficient." Id. at 622. Thus, "[a] microprocessor or general-purpose computer lends sufficient structure only to basic functions of a microprocessor. All other computer-implemented functions require disclosure of an algorithm." Id. In the present situation, the functions recited in the claims are special programming that are not ‘coextensive’ with a “server” or a general-purpose computer. 
For all the above reasons, the examiner believes that, claims 1-6, 7-8, 13-19, 22, 24, and 25-27 should be rejected under 112 second and first ¶ as will be discussed infra. 
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f)  or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may: (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f)  or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f)  or pre-AIA  35 U.S.C. 112, sixth paragraph.

Claim Rejections - 35 USC § 112
19.	The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION. The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

20.	Original claims 1-4 and new claims 5-28, are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.
As set forth above with respect to the examiner’s claim interpretation of various limitations under 35 U.S.C. 112 6th paragraph, the examiner determined that the claims recite various phrases such as “LAN controller configured to”, and “DMZ server configured to” (in claims 1, 7 and 27), and “server configured to” (in claims 22, 24, 25 and 26) for performing various claimed functions. 
	As to the structure corresponding to these elements, the specification of the ‘958 patent, although discussing the function related to these elements, does not to disclose the corresponding structure and/or algorithm (or step/procedure) corresponding to these claimed means. [Emphasis added] Claim 13 recites “the first processor programmed to” and then recite functions performed by the processor. A review of the specification provides further details as to the claimed functions however, the examiner cannot ascertain any physical structure and/or algorithm in the form of a flow char or step procedure, which corresponds to these claimed elements. For all the reasons set forth above, the examiner determines that the specification does not clearly discloses the structure and/or algorithm (in the form of step/procedure or flow chart) to perform the corresponding functions in those claims. Therefore, the examiner finds that each of claims 1-4, and new claims 5-28 are indefinite. 
above claimed limitations invoking 112 (f) in accordance with the broadest reasonable interpretation (BRI). As such, for the purpose of applying art the Examiner considering any general-purpose server, and any general-purpose controller to be the structure for performing the functions of the DMZ sever and LAN controller respectively, for performing the functions in the claims. This is because the specification does not disclose an algorithm for performing the claims functions. (See MPEP at, 2181 (II.) (B.), “[I]n cases involving a special purpose computer-implemented means-plus-function limitation, the Federal Circuit has consistently required that the structure be more than simply a general-purpose computer or microprocessor and that the specification must disclose an algorithm for performing the claimed function. See, e.g., Noah Systems Inc. v. Intuit Inc., 675 F.3d 1302, 1312, 102 USPQ2d 1410, 1417 (Fed. Cir. 2012); Aristocrat, 521 F.3d at 1333, 86 USPQ2d at 1239.    

In addition to the above, claims are rejected under 35 USC 112 second paragraph as being indefinite for the following reasons. Claim 1 recite, “the DMZ Stack Pool Service being configured to store requests received from a client,” The examiner interpreting the stack pool service 22 (Fig. 1) to be a storage associated with the DMZ Server. 
Claim 1 is rejected under 35 USC 112 second paragraph because the claim recites, “wherein said requests are stored at the TCP/IP level.” The specification is silent as to the meaning of the “TCP/IP level.” In networking we have TCP/IP protocol, or TCP/IP model, but there is no TCP/IP level. It is unclear what storing at TCP/IP level is to be interpreted.  
Claim 1 is further rejected under 35 USC 112 second paragraph because the claim recite “the checking is performed at the TCP/IP level”. The specification is silent as to the meaning of 
Claim 1 is rejected for the reason that the claim recites “a DMZ server configured to receive an established outbound connection from a LAN server of the LAN.” It is unclear whether the “LAN” has “[a] server” or “[multiple] server.” The specification refers to “LAN Server: Server running in the LAN (31).” Does not say that LAN has multiple servers4.
Claim 1 is rejected because the claim refers to “TCP/IP” level, while there is no definition for this term in the specification. Therefore, it is unclear what the terms “TCP/IP level” (e.g., “stored at the TCP/IP level”, “performed at the TCP/IP level,” and “occurs at the TCP/IP level”) is to be interpreted.   
Claim 3 recites similar limitation and is rejected for the same rational. 
Claim 3 recites, “receiving an established outbound connection from a LAN server of the LAN.” This limitation is indefinite because, first it does not clear, who is receiving the outbound connection and second how it is related to any other steps of the claim. It appears to be extra step or information without being connected to the other steps.  
Claim 3 is rejected under 35 USC 112 second paragraph because the claim refers to “TCP/IP” level, while there is no definition for this term in the specification. Therefore, it is unclear what the terms “TCP/IP level” (e.g., “storing request …at a TCP/IP level”, “checking at the TCP/IP level,” and “routing occurs at the TCP/IP level”) is to be interpreted.  

LAN Controller located in the LAN, configured to check for existence of one of the requests in the DMZ Stack Pool Service.” The request does not have proper antecedent basis. 

Claim 9 recite, “first outbound TCP/IP connection” and “second outbound TCP/IP connection”, while claim 11 (which by default include limitations in claim 9) recite “third TCP/IP connection”, and “a fourth outbound TCP/IP connection.” It is unclear whether the “Third TCP/IP connection” (appears as sequence of first and second in claim 9) is the same type of ‘first’ and ‘second’ “TCP/IP outbound connection” (appears as sequence of first second and fourth) or different. Giving meaning to the claim limitation, it appears that a “TCP/IP connection” is called “TCP/IP outbound connection” because, the connection is out from the LAN to the DMZ, and the TCP/IP connection from the service in the LAN is just a “TCP/IP connection” and is an inbound because it is inside the LAN. Therefore, giving the connection sequence ‘third’ and ‘fourth’ is confusing because it is not an “outbound connection” and does not fit into the sequence of the outbound connections5.     
Claim 13 recite, “receiving, by a DMZ server located in the De-Militarized Zone, a second outbound TCP/IP connection from a LAN server located in the LAN, the DMZ server using the TCP/IP connection information to route the second outbound TCP/IP connection to stream client request data to the corresponding client request.” This claim limitation is vague to the point that it does not make understanding. First the specification states, “Once the and the outbound connection (42) arriving from the LAN Server, the Client Request is then streamed through the DMZ Server and the LAN Server over the System, and then the client request data streams from the Service (33) to the Client (11).” [Emphasis added] (Id., at 3:4-9) Therefore, according to the specification, by using the connection binder in the DMZ and through the outbound connection 42, the client request data is streamed from the Service 33 to the client 11. There is no data streamed from the LAN server by using the outbound connection (the “second outbound connection”) described in the specification. The “client request data” is streamed from Service 33 through the “outbound connection 42”, which connect the LAN to the DMZ and from the DMZ through TCP/IP connection to the “Client Request 11.”  As such, it is unclear what data is streamed from the LAN server 31 to client 11.  
 Claim 11 recites, “the-LAN-server using, by the LAN server, the TCP/IP connection information to generate a third TCP/IP connection with a service in the LAN;
the LAN server generating, by the LAN server, a fourth outbound TCP/IP
connection with the DMZ server.”
Based on specification and drawing in Fig. 1, it appears that the first outbound connection is the TCP/IP outbound connection 41, from LAN Server 31 (Id.,), the second outbound connection is outbound connection 42 from LAN Server to DMZ Server, and the third connection is the connection between LAN Server 31 and Service 30. It is unclear what the fourth outbound connection might be. There is no other outbound connection described in the specification. The claim is also rejected under 35 USC 112 first paragraph, as not having written description support for fourth outbound TCP/IP connection in the specification.  



Claim 13 recite, “a first processor of the LAN server or a LAN controller residing within the LAN, the first processor being programmed to create at least one
Transmission Control Protocol/Internet Protocol (TCP/IP) FGRAP
connection to a second processor of a server external to the [[said]]
LAN through an outbound port, wherein:” The claim language is indefinite. The claim is vague, because, if “a first processor” is being programmed to create ate least …”,  and if the “LAN controller” is also capable of being programmed to create at least …,” then the claim should read as “a first processor or the LAN controller is being programmed to create ate least …” Otherwise the LAN controller is not tied to any other part of the claim and is extraneous information or is not relevant to the other claim limitations.  

Claim 13 is further rejected because; the preamble is directed to “connection between a local area network (LAN) server residing on a LAN and resources connected to LAN server - and client on wide area network (WAN).” Later the claim recites, “firewall protects the LAN server from unauthorized inbound connections.” The preamble is directed to securing resources connected to the LAN server, while the body if the claim firewall protects the LAN server from unauthorized inbound connections. This does not make sense. See the specification recites, “The computers on the DMZ have limited connectivity to the computers on the LAN and are usually separated by a firewall that controls the traffic between the DMZ computers and the LAN computers.” (Id., 1:29-32) Inbound connection in the context of the LAN server is connection to the Resources (such as Service 33), therefore, the metes and bound of the claim is not clear. 
	Claim 20 as a whole is so incomplete and vague that it does not allow understanding. The claim recites, “transferring, on the TCP/IP connection and at the TCP/IP level, data
provided by the service in response to the request.” This statement is vague to the point that it does not allow understanding. While the preamble calls for “providing client access to a service”, the last statement is directed to transferring “on the TCP/IP connection and the TCP/IP level, data provided by the service to the request” (which is between the server outside of the LAN and the service (which could read on DMZ according to the specification), however at the end the data is provided. But the connection is between LAN service and the server outside the LAN. It could be the DMZ according to the specification. The “data” from the service never gets to the client which is a separate entity than the “server outside the LAN.”
  	Claim 25 recite, “’a service configured to’ send a response to the request to the server through the TCP/IP connection” is indefinite and does not make understanding. How a service can send a response. What is a service anyway? 
	
Claim Rejections - 35 USC § 112
21.	The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a)  IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:


22.	Original claims 1-4, and new claims 5-28, are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, for failing to comply with written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for pre-AIA  the inventor(s), at the time the application was filed, had possession of the claimed invention.  
With respect to claims 1-2, and new claims 5, 7-8, 13-19, 22, 24, 25, 26 and 27, as described above, the specification of the ‘958 patent does not provide adequate structure and/or algorithm to perform the various claimed functions as recited in those claims [Emphasis added] (See the Claim Interpretation analysis, and 35 USC § 112 second paragraph analysis, supra). The specification does not demonstrate that applicant has made an invention that achieves the claimed function because the specification does not describe with sufficient detail such that one of the ordinary skill in the art can reasonably conclude that the inventors had possession of the claimed invention.  
When rendering patentability determinations, the Office may not disregard the structure disclosed in the specification corresponding to the means-plus-function language. In cases involving a special purpose computer-implemented means-plus-function limitation, the Federal Circuit has consistently required that the structure be more than simply a general-purpose computer or microprocessor and that the specification must disclose an algorithm for performing the claimed function. See, e.g., Noah Systems Inc. v. Intuit Inc., 675 F.3d 1302, 1312, 102 USPQ2d 1410, 1417 (Fed. Cir. 2012); Aristocrat, 521 F.3d at 1333, 86 USPQ2d at 1239. To  disclose only a general-purpose computer as the structure designed to perform that function amounts to pure functional claiming. Aristocrat, 521 F.3d 1328 at 1333, 86 USPQ2d at 1239. In this instance, the structure corresponding to a 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph claim limitation for a computer-implemented function must include the algorithm needed to transform the general-purpose computer or microprocessor disclosed in the specification. Aristocrat, 521 F.3d at 1333, 86 USPQ2d at 1239; Finisar Corp. v. DirecTV Group, Inc., 523 F.3d 1323, 1340, 86 USPQ2d 1609, 1623 (Fed. Cir. 2008); WMS Gaming, Inc. v. Int’l Game Tech., 184 F.3d 1339, 1349, 51 USPQ2d 1385, 1391 (Fed. Cir. 1999). The corresponding structure is not simply a general-purpose computer by itself but the special purpose computer as programmed to perform the disclosed algorithm. Aristocrat, 521 F.3d at 1333, 86 USPQ2d at 1239. (MPEP 2181 (B).

In addition to the rejection of claims under 35 U.S.C. 112 (pre-AIA ), first paragraph for failing to provide adequate structure and/or algorithm, original claims 1-4, and new claims 5-28 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement
At the outset it must be pointed out that claims 1, 3, 13, 20, 27, and 28 are rejected for the reason that they recite “TCP/IP level” There is no “TCP/IP level” even mentioned in the specification, and there is no written description support for all the claim limitations that are related to the “TCP/IP level.” 

With respect to (i) and (ii) the specification states that, “[O]ne of the innovative aspects of the System is that the LAN Controller (32) constantly, and/or on a predefined set of time basis, checks for Client Requests stored in the DMZ Stack Pool Service (22).” (Id., at 2:51-54) The specification later states, “[T]he DMZ Server (21) then creates a Connection Binder in the DMZ Server between the incoming Client 10 Request (that is stored in the DMZ Stack Pool Service (22))” (Id., at 2:65 – 3:1) The specification however does not even mention level, let alone “requests are stored at TCP/IP level”, or checking is performed at TCP/IP level”.
With respect to (iii), the specification states, “[T]he DMZ Server (20) will accept all Client Requests and route them to the LAN-Server (31)” (Id., at 3:16-17) The specification however does not disclose that the “routing by said DMZ server occurs at the TCP/IP level.” 
As to the generation of the TCP/IP connection, the specification states, 
“The Fifth step: The LAN Server (31) then generates two TCP/IP connections: One connection is to the Service (33), which is the destination service, based on 5 the Client Connection Information. The second connection is an outbound connection (42) to the DMZ Server (21). In addition, the LAN Server (31) creates a Connection Binder in the LAN Server between the Service (33) and the outbound connection (42).” (Id., at 2:58-65) 
As such, according to the specification, the “request are stored by using TCP/IP connection”, “checking is performed by using TCP/IP connection” or “routing by said server occurs by using TCP/IP connection.” The specification is silent with respect to any of the above functions being performed at “TCP/IP level.” What is TCP/IP level anyway. There are TCP/IP 
As stated in part in MPEP, “[a]pplicant is free to be his or her own lexicographer, a patentee or applicant may use terms in a manner contrary to or inconsistent with one or more of their ordinary meanings if the written description clearly redefines the terms. See, e.g., Process Control Corp. v. HydReclaim Corp., 190 F.3d 1350, 1357, 52 USPQ2d 1029, 1033 (Fed. Cir. 1999) ("While we have held many times that a patentee can act as his own lexicographer to specifically define terms of a claim contrary to their ordinary meaning," in such a situation the written description must clearly redefine a claim term "so as to put a reasonable competitor or one reasonably skilled in the art on notice that the patentee intended to so redefine that claim term."); Hormone Research Foundation Inc. v. Genentech Inc., 904 F.2d 1558, 15 USPQ2d 1039 (Fed. Cir. 1990). Accordingly, when there is more than one meaning for a term, it is incumbent upon applicant to make clear which meaning is being relied upon to claim the invention. Until the meaning of a term or phrase used in a claim is clear, a rejection under 35 U.S.C. 112(b) or pre-AIA  35 U.S.C. 112, second paragraph is appropriate.” Applicant has not provided any  
For the purpose of examination and applying art the examiner interpreting “TCP/IP level” to mean “TCP/IP connection” according to the description of the term in the specification as noted above.  
Claim 3 is the method claim of system claim 1 and recite similar limitations. The claim is rejected for the same rational as the rejection in claim 1. 
Claim 13 recite, (i) “wherein said first processor is configured to receive via the second processor a request from a client for access to the resources within the LAN at the TCP/IP level;” 
With respect to (i) in claim 13, the specification discloses, “The DMZ Server (21) then creates a Connection Binder in the DMZ Server between the incoming Client 10 Request (that is stored in the DMZ Stack Pool Service (22)) and the outbound connection (42) arriving from the LAN Server (31), and by that completes the route of the Client Request.” (Id., at 2:65 – 3:3) There is no “receiv[ing] via the second processor…. within the LAN at the TCP/IP level.” With respect to (ii) in claim 13, the specification states, “[T]he Fifth step: The LAN Server (31) then generates two TCP/IP connections: One connection is to the Service (33), which is the destination service, based on 5 the Client Connection Information. The second connection is an outbound connection (42) to the DMZ Server (21). In addition, the LAN Server (31) creates a Connection Binder in the LAN Server between the Service (33) and the outbound connection (42).” There is no ““enables[ing] said client to access said resources via the second processor at the TCP/IP level through the at least one TCP/IP connection.”
Claim 20 recite, (i) “relaying, by the server residing outside of said LAN, the request for access to said LAN at the TCP/IP level”, and (ii) “transferring data provided by the service in response to the request at the TCP/IP level on said TCP/IP connection.” 
With respect to (i) and (ii), the specification states, “[T]he DMZ Server (21) then creates a Connection Binder in the DMZ Server between the incoming Client 10 Request (that is stored in the DMZ Stack Pool Service (22)) and the outbound connection (42) arriving from the LAN Server (31), and by that completes the route of the Client Request.” (Id, at 2:65 – 3:3) First, there is no “relay[ing]” even mentioned in the specification. Second if the claim is directed to a situation where the DMZ server (the server residing outside of the LAN) is forwarding connection is a “TCP/IP level” connection.
As such, all claim limitations with reference to “TCP/IP level” do not have sufficient written description support in the specification. [Emphasis added]
In addition to the above, claim 1 recite, “wherein said DMZ Stack Pool Service, said LAN Controller, and said DMZ server do not change data of said request.” The specification recite that the “The DMZ Server (20) will accept all Client Requests and route them to the LAN-Server (31), without changing the data that the Client Requests contains.” (Id., at 3:16-18) First, the specification says that the DMZ server does not change data that the client request contains. There is no teaching that the DMZ service, and LAN controller does not change data of said request. There is no sufficient written description support for this limitation as how it is accomplished, or what hardware in system claims 1, 7, 13, and 27, and/or what software in the method claims 3, 9, 20 and 28 are accomplishing the task of routing request by the DMZ service and/or LAN controller without changing the data of the request. There is absolutely no teaching of the DMZ stack pool service and the LAN controller do not change data of said request. There is insufficient written description support as to how the above functions are accomplished. 
In the absence of any teaching as how the task of routing request by the DMZ service and/or LAN controller without changing the data of the request, for the purpose of applying art, in the rejection claims 1, 3, 7, 9, 27 and 286 the Examiner concludes that this limitation would have been well known in the art at the time the invention was made.  

the Client Request is then streamed through the DMZ Server and the LAN Server over the System, and then the client request data streams from the Service (33) to the Client (11).” (Id., at 3:4-9) There is no “routing of client request data from the Service to the Client” disclosed in the specification. Applicant can argue that the “routing” is the same as “streaming”, however, the Examiner notes that routing is the process of selecting a path across a network, while streaming is the process of content being delivered and played back in real time, and the two are different. 

Claims 3 and 7 recite the same limitation and are rejected for the same rational.

Claim 3 requires that the “permitting access to DMZ stack pool service for checking ….” With respect to checking for client request, the specification teaches, “One of the innovative aspects of the System is that the LAN Controller (32) constantly, and/or on a predefined set of time basis, checks for Client Requests stored in the DMZ Stack Pool Service (22).” (Id., 2:51-54) The specification however, does not have adequate written description support for “permitting access to DMZ.” Constantly checking for client request in the DMZ” and “permitting access to the DMZ for checking for existence of the request” are two different things. 
Claim 28 is the method claim of claim 3 and recite similar limitation and is rejected for the same rational.

plurality of established outbound connections.” There is no sufficient written description support for this limitation in the specification. The specification teaches “two TCP/IP” connections, wherein one is to the Service (33), and the second connection is an [singular] outbound connection. (2:57-62) There is no sufficient teaching for a plurality of outbound connections. [Emphasis added] Applicant in his remarks argues that the specification teaches that the system “enables users to communicate with the LAN” (id, at 2:12-14 and 33-35), therefore, there are plurality of outbound connection. However, this argument is unpersuasive because, the claim does not specify that one [1] separate outbound connection is associated with one [1] user. In other words, the claim reads on a situation where there are several outbound connections for a single user and for that reason the rejection of claim under 112 first paragraph is maintained.
 
Claims 1, 3, 7, 27 and 28 recites “a De-Militarized Zone (DMZ) Stack Pool Service located on a device in a De-Militarized Zone,” and does not have proper written description support in the specification. However, the specification is silent as to stack Pool Service being on a device. 
The Examiner notes that Applicant keeps adding limitation to the claims which do not have support in the specification. Applicant cannot import new matter into the specification and/or claims or complete the disclosure after the fact, when the patent has been issued and that is improper. 
The specification states that the “The DMZ Server (21) stores the Client Request in the DMZ Stack Pool Service (22)” (Id., at 2:47-49) It appears that the stack pool service is a device 

Claim 7 recite, “the DMZ Stack Pool Service being configured to store TCP/IP connection information from requests received from a client, the TCP/IP connection information for each request comprising an IP- address and an IP-port associated with a service in a local area network (LAN),” The specification with respect to IP-address and IP-port limitation teaches, “[DMZ] Stack Pool Service: Stores and handles Client's Requests (22) in the DMZ;” (Id., 2:21-22)  and later teaches, “Second step: The DMZ Server (21) stores the Client Request in the DMZ Stack Pool Service (22).” (Id, at 2:47-49) As understood, the DMZ server store the request and there is insufficient support for storing the TCP/IP connection information in the DMZ. The specification does not even recite “TCP/IP connection information.” There are “client connection information” (Id., Abs. and at 2:24-28, 2:55, and 2:60-61), but there is no recitation of “TCP/IP connection information” in the specification.
Claims 9 and 11 recite the same limitation and are rejected for the same reason. 
Claim 11 recites, “the-LAN-server using, by the LAN server, the TCP/IP connection information to generate a third TCP/IP connection with a service in the LAN;
the LAN server generating, by the LAN server, a fourth outbound TCP/IP
connection with the DMZ server;”
Based on specification and drawing in Fig. 1, it appears that the first outbound connection is the TCP/IP outbound connection 41, from LAN Server 31 (Id.,), the second outbound connection is outbound connection 42 from LAN Server to DMZ Server, and the third 31 and Service 30. There is no other outbound connection described in the specification. Therefore, the claim is ejected under 35 USC 112 first paragraph, as not having written description support in the specification for fourth outbound connection.  
Claim 12 is rejected because the claim recite fourth outbound connection and as stated above there is no written description support for this limitation.  

Claim 12 is rejected under 35 USC 112 first paragraph not only because the claim depend from a rejected base claim but also because claim 12 recite, “The method of claim 11 further comprising: causing by the DMZ server a handshake between the corresponding client request and the fourth outbound TCP/IP connection.” There is insufficient written description support a “handshake between the corresponding client request and the fourth outbound TCP/IP connection”. 

Claim 13 is rejected for the reason that the claim recite, “a first processor of a LAN server or a LAN controller residing within the LAN, the first processor being programmed to create at least one Transmission Control Protocol/Internet Protocol (TCP/IP) connection to a second processor of a server external to the LAN through an outbound port.” The MPEP with respect to computer program and algorithm state, 
“Similarly, original claims may lack written description when the claims define the invention in functional language specifying a desired result but the specification does not sufficiently describe how the function is performed or the result is achieved. For software, this can occur when the algorithm or steps/procedure for performing the computer function are not explained at all or are not explained in sufficient detail (simply restating the function recited in the claim is not necessarily sufficient). In other words, the algorithm or steps/procedure taken to perform the function must be described with 
(Id., at 2161.01 (I.))
There is insufficient written description support for the programming (in the form of a flow chart and/or algorithm) for performing the function of “creating an outbound connection” in the specification as required by the MPEP.
Claim 13 recites “a first processor programmed to create at least one TCP/IP connection associated to a second processor of a server external to the LAN through an outbound port” However, the specification does not provide any detail of a program or algorithm (flow char or step procedure) to perform the functions recited in the claim. Claims 15, 17, 18 and 19 are all dependent on claim 13, and further adds more functionality to the function of the program in claim 13. Similar to the rejection with respect to claim 13, the specification does not provide adequate written description support for those claims.  
Claim 13 further recite, “wherein … the first processor is configured to receive via the second processor a request from a client for access to the resources within the LAN at a TCP/IP level.” The specification does not have sufficient support for accessing resources within the LAN. The specification makes several references to client request, but never mention whether the request is for just establishing communication or access to any resource or otherwise. The specification is devoid of any content of the client request. The word “resource” is not even mentioned in the specification, let alone “access to the resources.”    

Claim 13 further recite, “the first processor enables the client to access said resources via the second processor at the TCP/IP level through the at least one TCP/IP connection.” There is no sufficient written description for this limitation in the specification. As stated earlier, the 

Claim 15 recite, “wherein the second processor is configured to relay communication between the LAN and the WAN.” There is no sufficient written description support for relaying between the LAN and the WAN in the specification. He word ‘relaying’ is not even mentioned in the specification. What does ‘relaying’ mean in the context of the invention anyway?

Claim 18 recite, “wherein the first processor is configured to determine a response to the request from the client, and send the response to the second processor through the at least one TCP/IP connection.” Additionally, the specification states, “Once the Connection Binder, in the DMZ Server, binds the Client Request and the outbound connection (42) arriving from the LAN Server, the Client Request is then streamed through the DMZ Server and the LAN Server over the System, and then the client request data streams from the Service (33) to the Client (11).” (Id., at 3:4-9) There is no sufficient written description support for “first processor determining a response to the request from the client and sending the response to the second processor” in the specification. 

Claim 19 recite, “wherein the second processor is configured to route the response provided by the first processor to the client.” There is no sufficient written description support for routing the response by the first processor to the client. Because there is no response even mentioned in the specification, let alone response by the first processor. 


“The LAN Server (31) then generates two TCP/IP connections: One connection is to the Service (33), which is the destination service, based on 5 the Client Connection Information. The second connection is an outbound connection (42) to the DMZ Server (21).” (Id., at 2:58-62)

As to the “said first processor”, that perform the functions in claim 13, the claim limitation appears to be like a wish list without any structure and/or algorithm in the form of a flow char (step procedure) that can perform the claimed functions. There is no detail of any structure and/or algorithm (see the claim limitation specifically recite, “a first processor of the LAN server or a LAN controller residing within the LAN, the first processor programmed to create … “) for performing the functions recited in claim 13. 

Re: Claims 15, and 17 
Each of the claims 15 and 17, adds more functionality to the functions performed by the “second processor” in claim 13. For example, claim 15 recites that the “second processor” is “configured to relay communication between the LAN and the WAN.” The specification with respect establishing communication states,
“In accordance with this invention as described above, no administrative management is required in the LAN Server (31) to establish or maintain communications after it is initially installed and configured on the LAN (30) and on the DMZ (20).”
(Id., at 3:10-13)
Therefore, according to the specification the communication is established initially between LAN and the WAN. The communication is initially installed and there is no indication as to what element rely the communication between the two.
As to claim 17 that recites that the “second processor” is “configured to receive the request from the client from the WAN.” The specification states, 
Id., at Abs). 

Later the specification states,

“The Client Request (of the client (11)) reaches the DMZ Server (21).”
(Id., at 2:46-47)

The specification teaches that the client request reaches the DMZ server and there is no teaching as to who is performing this operation. Once it is stored in the DMZ, it is the LAN controller that establishes TCP based connection to the DMZ Stack Pool service that passes the client connection information to the LAN server. The specification is devoid of any teaching as to what algorithm (step/procedure) is performing the function recited in claim 17. For all the above reasons, dependent claims 15 and 17 are rejected under 35 USC 11 first paragraph as will be explained. 

Re: Claims 18 and 19
Claim 18 adds more functionality to the functions performed by the “first processor” in claim 13. The claim recites that the “first processor” is “configured to determine a response to the request from the client, and the first processor is configured to send the response to the second processor through the at least one TCP/IP connection.” 
The specification states, 

“Once the Connection Binder, in the DMZ Server, binds the Client Request and the outbound connection (42) arriving from the LAN Server, the Client Request is then streamed through the DMZ Server and the LAN Server over the System, and then the client request data streams from the Service (33) to the Client (11).”

(Id., at 3:4-9)

“In accordance with this invention as described above, no administrative management is required in the LAN Server (31) to establish or maintain 5 communications after it is initially installed and configured on the LAN (30) and on the DMZ (20). The LAN Controller (32) permanently or periodically queries the DMZ Stack Pool Service (22) for incoming Client Requests. The DMZ Server (20) will accept all Client Requests and route them to the LAN-Server (31), without changing the data that the Client Requests contains. For example, if a Client Request uses the HTTPS connection protocol, then the HTTPS connection protocol will be transmitted over the System, as with any other common protocols such as SSH/SFTP/FTP/FTPS/RDP/SMTP/TLS/ or any other TCP/IP based protocols.” (Id., at 3:10-23). As understood, the LAN controller spool the DMZ service for client request, and the DMZ server route the requests to the LAN-server. 

(Id., at 3:10-23)
The specification however, does not describe an algorithm (flow chart or a step/ procedure) of a processor that perform the function recited in claim 18. No response even mentioned in the specification, let alone what structure is configured to send the response to the second processor. 
  Claim 19 requires that the second processor is “configured to” route the response provided by the first processor to the client. The specification states, that the DMZ route the request to the LAN. There is no structure or algorithm (flow chart or step/procedure) that perform the function recited in claim 19. No response is even mentioned in the specification, let alone a structure routing response provided by the first processor to the client.

Claim 20 recite, “wherein the second processor is configured to route the response provided by the first processor to the client.” There is no sufficient written description support for routing the response by the first processor to the client. Because there is no response even mentioned in the specification, let alone response by the first processor.
Id., at 2:57-62) The LAN server (which is inside the LAN) establishes a TCP/IP connection to the service, and not the server outside the LAN establishes connection to the service. 
Claim 20 is further rejected because the claim recites, “transferring data provided by the service in response to the request at the TCP/IP level on said TCP/IP connection.” No transferring data is provided in “response to the request” in the specification once communication is established. See the specification states, “Once the Connection Binder, in the DMZ Server, binds the Client Request and 15 the outbound connection (42) arriving from the LAN Server, the Client Request is then streamed through the DMZ Server and the LAN Server over the System, and then the client request data streams from the Service (33) to the Client (11).” (Id., at 3:4-9)
Claim 22 is rejected for the reason that the claim recites, “wherein the server is configured to relay communication between the LAN and the WAN.” For the reasons explained in the rejection of claim 15, this limitation does not have sufficient written description support in the specification. 
a response to the request to the server through the TCP/IP connection.” There is insufficient written description support for this limitation. 
Claim 26 is rejected for the same reason because, there is no response to the request described in the specification.
Claim 28 recite, “wherein said method requires no administrative management of the LAN server after initial installation and configuration.” The specification does not have sufficient written description support for this limitation. The specification does not have any explanation as to how the method is performed without requiring any administrative management or how this task is accomplished. There is no any detail of any software algorithm (or step procedure) as to how the method is performed without requiring any administrative management is accomplished.    

Claim Rejections -35 USC 251 (New Matter)
23.	Original claims 1-4 and new claims 5-28 are rejected under 35 U.S.C. 251 as being based upon new matter added to the patent for which reissue is sought. The added material, which are not supported by the patent, are discussed above (See the 35 USC § 112 1st paragraph analysis, supra). 

Impermissible Recapture
24.	Claims 5-28 are rejected under 35 U.S.C. § 251 as being an impermissible recapture of broadened claimed subject matter surrendered in the application for the patent upon which the present reissue is based. See Greenliant Systems, Inc. et al v. Xicor LLC, 692 F.3d 1261, 103 In re Shahram Mostafazadeh and Joseph O. Smith, 643 F.3d 1353, 98 USPQ2d 1639 (Fed. Cir. 2011); North American Container, Inc. v. Plastipak Packaging, Inc., 415 F.3d 1335, 75 USPQ2d 1545 (Fed. Cir. 2005); Pannu v. Storz Instruments Inc., 258 F.3d 1366, 59 USPQ2d 1597 (Fed. Cir. 2001); Hester Industries, Inc. v. Stein, Inc., 142 F.3d 1472, 46 USPQ2d 1641 (Fed. Cir. 1998); In re Clement, 131 F.3d 1464, 45 USPQ2d 1161 (Fed. Cir. 1997); Ball Corp. v. United States, 729 F.2d 1429, 1436, 221 USPQ 289, 295 (Fed. Cir. 1984). The reissue application contains claim(s) that are broader than the issued patent claims. The record of the application for the patent shows that the broadening aspect (in the reissue) relates to claimed subject matter that applicant previously surrendered during the prosecution of the application. Accordingly, the narrow scope of the claims in the patent was not an error within the meaning of 35 U.S.C. 251, and the broader scope of claim subject matter surrendered in the application for the patent cannot be recaptured by the filing of the present reissue application.
	During prosecution of U.S. Patent Application No. 14/379,305 (“the ‘305 application”), on 06/27/2015, the examiner issued a non-final Office action in which, rejected claims 1-2 under 35 USC 102(b) as being anticipated by Holar (USPGPUB 20090064307, herein after “Holar”). 
The Applicant on 10/27/2015, filed a response in which cancelled claims 1-2 and added new claims with broader scope, but narrower by adding the limitation “wherein said routing being via TCP/IP layer only and without changing the data of said request.” (Id., amendment of 10/27/2015, at p. 2) Applicant in that response argued that Holar must change the data of the request it utilized HTTP functionality, which inherently has application and protocol signature. Applicant further argued that the data must be decrypted and interpreted and the use of various protocols to even interpret an Application layer 7 HTTP logic would inherently change the data of the request many times. (Id., Remarks of 10/27/2015 at p. 5)   

On 02/09/2016 the examiner issued a final Office action rejecting claims 3-6 under 35 USC 102(b) as being anticipated by Holar. 

On 07/31/2016 Applicant fled an amendment and response to the final Office action amended claim 3 by changing “request” to “TCP/IP request”, and amended the claim as follows; “wherein said routing does not does not change TCP/IP request and does not expose services in the De-Militarized zone.” 
Applicant in his remarks argued that, independent claims 3 and 5 now specify that it is a TCP/IP request from a client that is stored in a De Militarized Zone instead of an HTTP request as in Holar. Also, it is the data of the entire TCP/IP request that does not change as opposed to only the data of the HTTP request in Holar that does not change. For even these distinctions alone, Holar cannot anticipate the claims. Nonetheless, applicant provides an additional reason to withdraw the rejection:
“[A] major distinction of the invention from Holar, which exposes a reverse HTTP gateway in the De-Militarized zone, is that services in the claimed invention are not exposed in the De-Militarized zone. Independent claims 3 and 5 are now amended to explicitly recite this distinction. For this additional reason, Holar cannot anticipate the claims.” (Id., Remarks at p. 4)
On 09/20/2016, the examiner issued a non-final Office action (after the RCE dated 08/07/2016) rejecting claims 3-6 under 35 USC 103(a) as being obvious over Holar in view of TCP/IP Networking an Example, pages 1-12. 
 
01/26/2017, Applicant filed an amendment and response, cancelling claims 4 and 6 and amending claim 3 as follows,
“Claim 3 (currently amended): A system for reverse access, said system comprising: a DMZ Stack Pool Service, configured forhandling -wherein said requests are handled at the TCP/IP level: 1-4
wherein said DMZ Stack Pool Service feeing is located in a wherein said checking of said request is performed at the TCP/IP level: said LAN Controller being in a LAN; and
a DMZ server configured for receiving said requests 
server of said LAN and routing said requests to said client: wherein said receiving and routing occur at the TCP/IP level:
wherein said handling and routing does not change the data of said s and the system requires no administrative management after initial installation and configuration 
(Id. at p. 2) 
The independent method claim 5 was amended by adding similar language to the amendment of claim 3. Applicant in his Remarks argued, the invention in the ‘305 application discloses a reverse invoke server that handles requests at the TCP/IP level (level ¾ of the OSI model). Arguing that “[I]n contrast. Holar discloses utilizing a Reverse Invoke Server that handles requests at the Application level (level 7 of the OSI model) - specifically with HTTP/HTTPS Application level protocol s only, and does not cover the reverse invoke concept at TCP/IP level (level 3/4 of the OSI model). [For support, please see: Mizhar, page 3 lines 6, 9, 10, 21, 28 and page 4 line 21; Holar, paragraph 25]. Applicant further with respect to the amended limitation argued that With the instant invention there is no need for administrative management of the LAN server after initial installation for it to establish or maintain communications, while Holar requiring administrative management of these servers in the DMZ. (Id., Remarks at pp. 5-6). 
On 05/23/2017, the examiner issued a final Office action rejecting claims ,5,7,8 under pre-AIA  35 U.S.C. 103(a) as being obvious over Holar et al. USPGPUB 20090064307 in view of TCP/IP Networking an Example, pages 1-12. (hereinafter, TCP/IP Networking) 
On 09/20/2017, Applicant filed response to the outstanding Office action, amending independent claim 3 as follows:
“Claim 3 (currently amended): A system for reverse access, said system comprising: a De-Militarized Zone (DMZ) Stack Pool Service located in a De-Militarized Zone, the DMZ Stack Pool Service being arranged to store stored a level no higher than the TCP/IP level;
local area network (LAN) Controller configured to check for existence in a level no higher than the TCP/IP level [[;]] arid said LAN Controller is located 
a DMZ server configured to receive to route by said DMZ server occurs a level no higher than 
wherein said DMZ Stack Pool Service, said LAN Controller, and said DMZ server do installation and configuration.”
In his remarks, Applicant argued that, “[t]he claim now requires that the storing, checking, receiving, and routing to be performed at a level no higher than the TCP/IP level. Thus, the claim language means that no processing is performed at the Application level, i.e., layer 7. However, given, as conceded, that the “heart" of the invention of Holar et al. is not performed at the TCP/IP level but rather at the higher layers, by prohibiting operations at such higher layers the claim distinguishes over Holar in view of TCP/IP Networking, even according to the Office Action’s explanation.” (Id., at p. 10)
Similar changes were made to previously pending independent claim 5.
On 01/11/2018, the examiner issued a Notice of Allowance, including an amendment to the claim and replacing the claim language, “at a level no higher than the TCP/IP level” to “at TCP/IP level,” where the authorization for the examiner’s amendment was given in an interview with Attorney Ben-Shimon on 12/14/2017.      
	MPEP in 1412.02 states:
In Clement, 131 F.3d at 1468-70, 45 USPQ2d at 1164-65, the Court of Appeals for the Federal Circuit set forth a three-step test for recapture analysis. In North American Container, 415 F.3d at 1349, 75 USPQ2d at 1556, the court restated this test as follows:
We apply the recapture rule as a three-step process:
(1) first, we determine whether, and in what respect, the reissue claims are broader in scope than the original patent claims; 
(2) next, we determine whether the broader aspects of the reissue claims relate to subject matter surrendered in the original prosecution; and 
(3) finally, we determine whether the reissue claims were materially narrowed in other respects, so that the claims may not have been enlarged, and hence avoid the recapture rule. 

In North American Container, the court cited Pannu, 258 F.3d at 1371, 59 USPQ2d at 1600; Hester, 142 F.3d at 1482-83, 46 USPQ2d at 1649-50; and Clement, 131 F.3d at 1468, 45 USPQ2d at 1164-65 as cases that lead to, and explain the language in, the North American Container recapture test. 

Group (1), will cover the application of the three-step process for original claims 1-4, and Group (2) is the application of the three-step process for new claims 5-28.  

Group (1) Three Step-Process for Original Claims 1-4
With respect to step (1), the original claim 1 is broadened as following:
“a DMZ server configured to receive [said requests] an established outbound connection from a LAN server of the [said] LAN, and to route client request data  to [said requests] to the [said client], wherein receiving and routing by the [said] DMZ server occurs at the TCP/IP level;” (bracketing and underlining shows elements deleted and added respectively) claim 3 does not recite DMZ server but recite similar limitation and broadened similar to claim 1. As such, step (1) is satisfied. 
With respect to step (2) Applicant in the amendment of 01/26/2017 amended claim 3 (patent claim 1) as following:
“a DMZ server configured for rereceiving said requests and routing said requests to said client: wherein said receiving and routing occur at the TCP/IP level;”
Later in the amendment of 09/20/2017 amended claim 3 as following: 
(“a DMZ server configured to receive to route by said DMZ server occurs a level no higher than Id.)

The same limitation is broadened in this reissue application as following:
an established outbound connection from a LAN server of said LAN, and to route said established outbound connection to said requests [to said client], wherein receiving and routing by said DMZ server occurs at the TCP/IP level;”
Claim 3 is amended similar to claim 1. Since the broader aspects of the reissue claims (receiving the request) relate to subject matter surrendered in the original prosecution, therefore, step (2) is satisfied.

With respect to step (3), the Surrendered Subject Limitation (the “SGL”) has not been entirely eliminated from claims in this reissue application. In such situations, the MPEP states that, “[I]t must be determined what portion of the amendment or argued limitation has been retained, and whether the retained portion materially narrows the original claims to avoid recapture.” 
See Youman, 679 F.3d at 1346 n.4, 102 USPQ2d at 1870 n.4 ("'original claims' are defined as 'the claims before surrender'"). "[I]f the patentee modifies the added [or argued] limitation such that it is broader than the patented claim yet still materially narrows relative to the original claim, the recapture rule does not bar reissue." Id. at 1347, 102 USPQ2d at 1870. On the other hand, if the retained portion of the modified limitation is "well known in the prior art," impermissible recapture has not been avoided. See Mostafazadeh, 643 F.3d at 1361, 98 USPQ2d at 1644. It is to be noted that if the retained portion of the modified limitation is well known in the prior art, then impermissible recapture exists, even in a case where a further limitation which is not related to the surrendered subject matter (i.e., a limitation that does not Id. [Emphasis added]
	In this case, the issue is whether “a DMZ server configured to receive an established outbound connection from the LAN server ….and to route …server occurs ate the TCP/IP level” was well known in the prior art. During prosecution of the ‘958 application, Holar was relied upon to disclose all the limitation of the claims which teaches this limitation as well. See Holar discloses the retained claim limitation, “[F]or reverse invoke to work, the internal firewall 108 must still allow a connection (e.g., an outbound connection) from the internal server 104 to the DMZ 110.” (Id., at [0030], [emphasis added]) Therefore the broadened limitation was well known in the prior art and thus is subject to recapture. Accordingly, step (3) is satisfied and the broadened limitations in claims 1 and 3 are subject to recapture. 

Group (2) Three Step-Process for New Claims 5-28
Examiner determine that each of the new independent new claims 7, 9, 13, 20, 27 and 28 are broader as compared to the scope of the original claims of the patent. In claims 7 and 9 the amended limitations related to “TCP/IP level” is entirely eliminated (See the amendment dated 01/26/2017 in the ‘305 Application). In claims 7, 13 and 20, the amended limitation related to “the DMZ Stack Pool Service being configured to store requests received from a client” in entirely eliminated (See the amendment dated 09/20/2017 in the ‘305 Application). In claims 13, 20 and 28 the limitation [or similar limitation] related to “wherein said DMZ Stack Pool Service, said LAN Controller, and said DMZ server do not change the data of said requests,” is entirely eliminated (See the amendment of 09/20/2017 in the ‘305 Application). In claim 7, 9, 13 and 20 the limitation related to “the system requires no administrative management after initial installation and configuration” is entirely eliminated (See the amendment dated 01/26/2017 in the ‘305 Application). As such, the examiner determines that claims are broader in scope than the original claims and therefore, step (1) is satisfied.

	With respect to step (2), the broader aspects of the reissue claims relate to subject matter surrendered in the original prosecution. As set forth above in the prosecution history, the applicant specifically amended and/or argued about the broadened limitations boldfaced/underlined identified in step (1). As such, step (2) is satisfied. 

	With respect to step (3), the examiner notes that, many limitations that were surrendered during prosecution of the original patent claims are entirely eliminated. Those limitations are identified (boldface limitations) in the analysis of step (1) set forth above. With respect to step (3) according to MPEP at 1412.02 (2.) (C.) and modification of an SGL is broken down into two possibilities that will be addressed below.
Wirth respect to first possibility, the MPEP states in part:
“1) If a surrender generating limitation (SGL) has been entirely eliminated from a claim present in the reissue application, then a recapture rejection under 35 U.S.C. 251 may be proper. For example, if a claim limitation present in the original patent that was added to overcome a rejection or that was argued by applicant to distinguish over the prior art is entirely eliminated from a claim in the reissue application and not replaced by a new SGL-related limitation, then a recapture rejection under 35 U.S.C. 251 is proper and must be made for that claim.
Id.) 
	In the present situation, many limitations that was added to overcome the rejection over Holar in view of TCP/IP Networking are entirely eliminated in the new claims 7, 9, 13, 20, 27 and 28. Those limitations are the broadened limitations boldfaced/underlined identified in step (1) above.  
Wirth respect to second possibility, the MPEP states in part:

2) If the SGL has not been entirely eliminated from a claim in the reissue application (i.e., the amendment narrowing the claim or the argued limitation has not been entirely eliminated from the claim in the reissue application), but rather it has been made less restrictive in the reissue application claim (such that the claim is broadened), the analysis (based on In re Mostafazadeh, 643 F.3d 1353, 98 USPQ2d 1639 (Fed. Cir. 2011) and In re Youman, 679 F.3d 1335, 102 USPQ2d 1862 (Fed. Cir. 2012)) is as follows:
It must be determined what portion of the amendment or argued limitation has been retained, and whether the retained portion materially narrows the original claims to avoid recapture.” (Id.) 
In the present situation the claims 7 and 9, similar to the amended claims 1 and 3, are broadened to recite “and a DMZ server configured to receive an outbound connection from a LAN server of said LAN, and to use said TCP/IP connection information to route said outbound connection to the corresponding client request” instead of  ““a DMZ server configured to receive said requests from a LAN server of said LAN, and to route said requests, wherein receiving and routing by said DMZ server occurs at the TCP/IP level,” in the original patent claims 1 and 3. As 
See Youman, 679 F.3d at 1346 n.4, 102 USPQ2d at 1870 n.4 ("'original claims' are defined as 'the claims before surrender'"). "[I]f the patentee modifies the added [or argued] limitation such that it is broader than the patented claim yet still materially narrows relative to the original claim, the recapture rule does not bar reissue." Id. at 1347, 102 USPQ2d at 1870. On the other hand, if the retained portion of the modified limitation is "well known in the prior art," impermissible recapture has not been avoided. See Mostafazadeh, 643 F.3d at 1361, 98 USPQ2d at 1644. It is to be noted that if the retained portion of the modified limitation is well known in the prior art, then impermissible recapture exists, even in a case where a further limitation which is not related to the surrendered subject matter (i.e., a limitation that does not materially narrow the claims) has been added to define the claims over the art. Id. [Emphasis added]
	In this case, the issue is whether “a DMZ server configured to receive an established outbound connection from the LAN server ….and to route …server occurs ate the TCP/IP level” was well known in the prior art. During prosecution of the ‘958 application, Holar was relied upon to disclose all the limitation of the claims which teaches this limitation as well. See Holar discloses the retained claim limitation, “[F]or reverse invoke to work, the internal firewall 108 must still allow a connection (e.g., an outbound connection) from the internal server 104 to the DMZ 110.” (Id., at [0030], [emphasis added]) Therefore the broadened limitation was well known in the prior art and thus is subject to recapture. Examiner notes that, claim 13 is In re Mostafazadeh analysis, it is determined that the outbound port is well known in the art as evidenced by Holar at ¶¶ [0035] and [0036].
	For all the above reasons, all claims 1-28 are rejected under 35 U.S.C. § 251 as being an impermissible recapture of broadened claimed subject matter surrendered in the application for the patent upon which the present reissue is based.   

Double Patenting Rejection
25.	The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.

26.	Claims 3-4, and 6 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-3 of the U.S. Patent No. 10,110,606. Although the claims at issue are not identical, they are not patentably distinct from each other because claims in the instant application are broader than those in the ‘606 patents. The examiner also notes that the instant application has some narrowing aspects as will be discussed below. See for example the following claim chart mapping claims of 3 of application ‘401 and claim 1 of the ‘606 patent.   

16.838,401 Application
10,110,606 Patent 
Claim 3. 
[3.0] A method for reverse access, the method comprising:
 
Claim 1. 
[3.0] A method for providing a secured connection between servers on a local area network (LAN) and clients on a wide area network (WAN) via a de-militarized zone (DMZ), wherein the LAN includes a Service, 

storing requests received from a client in a De-Militarized Zone DeMilitarized zone (DMZ) Stack Pool Service and at a TCP/IP level, wherein the DMZ Stack Pool Service is located on a device in a De-Militarized Zone;

[1.a] storing a client request reaching the DMZ Server in the DMZ Stack Pool Service;
[3.b] permitting access to the DMZ Stack Pool service for checking for existence of the requests at the request at the TCP/IP level, wherein the checking is performed by a
local area network (LAN) Controller located in a LAN; 
[1.b] passing Client Connection Information by the DMZ Stack Pool Service to the LAN Server via the LAN Controller;

See claim 2 recites, “checking by the LAN Controller on a regular basis for client request stored in the DMZ Stack Pool Service  
[3.c] receiving an established outbound connection from a LAN server of the
LAN; and
[1.c] establishing, by the LAN Controller, an outbound TCP based connection to the DMZ Stack Pool Service;

[3.d] routing client request data to the
Client;
[1.d] generating, by the LAN Server, two TCP/IP connections, a first TCP/IP connection being to the Service and a second TCP/IP being an outbound connection to the DMZ Server, and wherein the LAN server creates a Connection Binder in the LAN Server between the Service and the outbound connections;



[1.e] creating, by the DMZ Server, a Connection Binder in the DMZ Server that binds the incoming Client Request and the outbound connection arriving from the LAN Server to complete the route of the Client Request;



[1.f] streaming the Client Request through the DMZ Server and the LAN Server; and streaming the client request data from the Service to the Client.



[3.f] wherein the method requires no administrative management of the
LAN server after initial installation and configuration.




As seen from the above chart, claim 3 in the ‘401 application is much broader than claim 1 in ‘606 patent. Element for element is compared in the above claim chart. See the boldface limitations in each in each claim. As to the limitation “checking for existence of the requests at the request” in claim 3 of the ‘401 application, claim 2 in the ‘606 patent recites exactly the same limitation. As to the limitation that storing, routing and checking is at TCP/IP level, in light of the interpretation - according to the specification - that “TCP/IP level” being “TCP/IP connection”, the receiving and routing in the ‘401 application is performed through the TCP/IP connection which has been made obvious as noted in the rejection of claims. Also see [3.d] in ‘401 application is the same as [1.f] in the issued ’606 patent. Additionally, claim 3 in the ‘401 application is narrower with respect to limitations [3.e], and [3.f], however these two limitations are obvious as explained in the rejection of claims over Holar in view of TCP/IP Networking as shown in the rejection of claims.   
As to claim 4, the claim recites, wherein computer programs and sensitive data of the LAN server reside only in the LAN. See claim 1 in the ‘606 patent requires that the LAN include service which covers for sensitive data and computer programs.   


27.	Claims 9-12 are rejected on the ground of non-statutory double patenting as being unpatentable over claim 1 of U.S. Patent No. 10,110,606.
606.838,401 Application
10,110,606 Patent 
Claim 9. 
[9.0] A method for reverse access, the method comprising:
 
Claim 1. 
[3.0] A method for providing a secured connection between servers on a local area network (LAN) and clients on a wide area network (WAN) via a de-militarized zone (DMZ), wherein the LAN includes a Service, a LAN Server, and a LAN Controller and the DMZ includes a DMZ Server and a DMZ Stack Pool Service, the method comprising:

[9.a] storing requests received from a client 
[1.a] storing a client request reaching the DMZ Server in the DMZ Stack Pool Service;
[9.b] and Transmission Control Protocol/Internet Protocol (TCP/IP) TCP/IP connection information of the requests in a De-Militarized zone (DMZ) Stack Pool Service, 

wherein the DMZ Stack Pool Service is located in a De-Militarized Zone, and the TCP/IP connection information for each request comprises an IP address and an IP port IP port associated with a service in a local area network (LAN);
[1.b] passing Client Connection Information by the DMZ Stack Pool Service to the LAN Server via the LAN Controller;
[9.c] establishing, by a LAN Controller
located in the LAN, a first outbound TCP/IP connection with the DMZ stack pool service and 
using the first outbound TCP/IP connection to check for existence of one of the requests in the DMZ Stack Pool Service and obtain the corresponding TCP/IP connection information from the DMZ Stack Pool Service; 
[1.c] establishing, by the LAN Controller, an outbound TCP based connection to the DMZ Stack Pool Service;

a second outbound TCP/IP connection from the LAN server located in the LAN, the DMZ server using the TCP/IP connection information to route the second outbound TCP/IP connection 
[1.d] generating, by the LAN Server, two TCP/IP connections, a first TCP/IP connection being to the Service and a second TCP/IP being an outbound connection to the DMZ Server, and wherein the LAN server creates a Connection Binder in the LAN Server between the Service and the outbound connections;



[1.e] creating, by the DMZ Server, a Connection Binder in the DMZ Server that binds the incoming Client Request and the outbound connection arriving from the LAN Server to complete the route of the Client Request;


to stream client request data to the corresponding client; 
[1.f] streaming the Client Request through the DMZ Server and the LAN Server; and streaming the client request data from the Service to the Client.
[9.f] wherein the DMZ server does not change data of the request



	As seen from the above chart, claim 9 in the ‘401 application is much broader than claim 1 in ‘606 patent. Element for element is compared in the above claim chart. See the boldface limitations in each in each claim. Also , claim 9 in the ‘401 application is narrower with respect to limitations [9.f], however this limitation is obvious as explained in the rejection of claims over Holar in view of TCP/IP Networking.  
As to clam 10, the claim recites, wherein computer programs and sensitive data of the LAN server reside only in the LAN. See claim 1 in the ‘606 patent requires that the LAN include service which covers for sensitive data and computer programs.   
As to clam 11, the claim recites, using, by the DMZ stack pool service, the first outbound TCP/IP connection to send the TCP/IP connection information to the LAN server via the LAN 
As to a handshake between the third TCP/IP connection and the fourth outbound TCP/IP connection, the limitation would be obvious over Holar, see for example Holar establishes a handshake between the client on a public network and at least one internal server directly which constitute a “handshake”. (Id., Holar at ¶¶ [0013], [0014], and Fig. 2 and 4).
 
28.	Claims 20-26 are rejected on the ground of non-statutory double patenting as being unpatentable over claim 1 of U.S. Patent No. 10,110,606.

16.838,401 Application
10,110,606 Patent 
Claim 20. 
A method for providing client access to a service that reside within a local area network (LAN) protected by a firewall, comprising:
 
Claim 1. 
[3.0] A method for providing a secured connection between servers on a local area network (LAN) and clients on a wide area network (WAN) via a de-militarized zone (DMZ), wherein the LAN includes a Service, a LAN Server, and a LAN Controller and the DMZ includes a DMZ Server and a DMZ Stack Pool Service, the method comprising:

relaying, by the server residing outside of the LAN, the request from the client for access to the service at a TCP/IP level said LAN at the TCP/IP level; 

[1.a] storing a client request reaching the DMZ Server in the DMZ Stack Pool Service;
permitting access to the DMZ Stack Pool service for checking for existence of the requests at the request at the TCP/IP level, wherein the checking is performed by a
local area network (LAN) Controller located in a LAN; 
[1.b] passing Client Connection Information by the DMZ Stack Pool Service to the LAN Server via the LAN Controller;

[1.c] establishing, by the LAN Controller, an outbound TCP based connection to the DMZ Stack Pool Service;

establishing a Transmission Control Protocol/Internet Protocol (TCP/IP)
connection between the server residing outside of the LAN and the service; and
[1.d] generating, by the LAN Server, two TCP/IP connections, a first TCP/IP connection being to the Service and a second TCP/IP being an outbound connection to the DMZ Server, and wherein the LAN server creates a Connection Binder in the LAN Server between the Service and the outbound connections;



[1.e] creating, by the DMZ Server, a Connection Binder in the DMZ Server that binds the incoming Client Request and the outbound connection arriving from the LAN Server to complete the route of the Client Request;


transferring, on the TCP/IP connection and at the TCP/IP level, data provided by the service in response to the request.  
[1.f] streaming the Client Request through the DMZ Server and the LAN Server; and streaming the client request data from the Service to the Client.


As seen from the above chart, claim 20 in the ‘401 application is much broader than claim 1 in ‘606 patent. Element for element is compared in the above claim chart. See the boldface limitations in each in each claim. 
As to clam 21, the claim recites, wherein the server is positioned between the LAN and a wide area network (WAN). The DMZ server in claim 1 in the ‘606 patent is in between the LAN and the WAN. 
As to clam 22, the claim recites, wherein the server is configured to relay communication between the LAN and the WAN. The DMZ server client connection information and other data is passed between the LAN and the WAN.   


  As to clam 24, the claim recites, wherein the server is configured to receive, from the WAN, the request from the client for access to the service from the WAN. As shown in claim 1 of the ‘606 patent, the DMZ server is configured to receive, from the WAN, the request from the client for access to the service from the WAN.
As to clam 25, the claim recites, wherein the service is configured to send a response to the request to the server through the TCP/IP connection. As explained in the rejection of claims infra, response to the request forwarded at TCP/IP level, in light of the interpretation - according to the specification - that “TCP/IP level” being “TCP/IP connection”, the receiving and routing in the ‘401 application is performed through the TCP/IP connection which has been made obvious as noted in the rejection of claims.
As to clam 26, the claim recites, wherein the server is configured to route the response to the client. As shown in claim 1 of the ‘606 patent, the server is configured to route the response to the client.
29.	Claim 28 is rejected on the ground of non-statutory double patenting as being unpatentable over claim 1 of U.S. Patent No. 10,110,606.

16.838,401 Application
10,110,606 Patent 
Claim 28. 
[28.0] A method for reverse access, the method comprising:
 
Claim 1. 
[3.0] A method for providing a secured connection between servers on a local area network (LAN) and clients on a wide area network (WAN) via a de-militarized zone (DMZ), wherein the LAN includes a Service, a LAN Server, and a LAN Controller and the 

storing requests received from a client in a De-Militarized Zone DeMilitarized zone (DMZ) Stack Pool Service and at a TCP/IP level, wherein the DMZ Stack Pool Service is located on a device in a De-Militarized Zone;

[1.a] storing a client request reaching the DMZ Server in the DMZ Stack Pool Service;
[28.b] permitting access to the DMZ Stack Pool service for checking for existence of the requests at the request at the TCP/IP level, wherein the checking is performed by a
local area network (LAN) Controller located in a LAN; 
[1.b] passing Client Connection Information by the DMZ Stack Pool Service to the LAN Server via the LAN Controller;
[28.c] receiving an established outbound connection from a LAN server of the LAN; and 
[1.c] establishing, by the LAN Controller, an outbound TCP based connection to the DMZ Stack Pool Service;

[28.d] creating a connection binder between the requests received from the client and the established outbound connection; wherein the established outbound connection and the connection binder occur at the TCP/IP level, and 
 
[1.d] generating, by the LAN Server, two TCP/IP connections, a first TCP/IP connection being to the Service and a second TCP/IP being an outbound connection to the DMZ Server, and wherein the LAN server creates a Connection Binder in the LAN Server between the Service and the outbound connections;



[1.e] creating, by the DMZ Server, a Connection Binder in the DMZ Server that binds the incoming Client Request and the outbound connection arriving from the LAN Server to complete the route of the Client Request;



[1.f] streaming the Client Request through the DMZ Server and the LAN Server; and streaming the client request data from the Service to the Client.
[28.e] the storing, the receiving, and the creating do not change data of the requests; and wherein the method requires no 

[28.f] wherein the method requires no administrative management of the LAN server after initial installation and configuration.


As seen from the above chart, claim 28 in the ‘401 application is much broader than claim 1 in ‘606 patent. Element for element is compared in the above claim chart. See the boldface limitations in each in each claim. Claim 28 in the ‘401 application is narrower with respect to limitations [28.e], and [28.f], however these two limitations are obvious as explained in the rejection of claims over Holar in view of TCP/IP Networking.  


Claim Rejections – 35 USC § 103
30.	 The following is a quotation of 35 U.S.C. 103, which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


31.	Claims 1-28 are rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over
Holar et al. USPGPUB 20090064307 in view of TCP/IP Networking an Example, pages 1-12. (hereinafter TCP/IP Networking).
As noted above, based on the analysis of the 35 U.S.C. 112, sixth paragraph, claims 25-28 are rejected under 35 USC 112 second paragraph as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor regards as his invention and, under 35 USC 112 first paragraph for failing to comply with written 
	In the rejection of claims over Holar in view of TCP/IP Networking, the processor 310 in client device 110 is considered as the processor that perform the functions similar to the functions in claim 17.    

Examiner’s Note
The examiner is aware that Holar and TCP/IP Networking was used in the rejection of claims during original prosecution of the patent claims 1-4, However, in view of interpreting the term “TCP/IP level” to mean “TCP/IP connection” according to the specification (see the rejection of claims under 35 USC 112 first ¶, above), examiner determines that the same prior art is applicable in rejection of claims 1-28 in this Office action.  
Additionally, as set forth in response to the Applicant’s argument that the structure of ‘LAN Controller”, ‘DMZ server’, first processor’, ‘second processor’, and ‘service’ either explicitly or inherently, has structural meaning for a person of ordinary skill in the art to perform any function7, for the purpose of applying art the Examiner considering any general purpose server, and any general purpose LAN controller,  any general purpose processor, and/or any general purpose service (or whatever that means) to be the structure for performing the functions of the DMZ sever and LAN controller,  first processor, second processor, and service,  112 in Holar is capable of performing all the functions performed by the DMZ Server, the Internal Server 104 in Holar is capable of performing all the functions of the LAN Controller and all the functions of the LAN server, and finally a generic computer used by an External Client 202 is capable of performing all the functions of the Client 11 computer recited in claims 1-28.      
Re: Claim 1
A system for reverse access (See Holar, Abs., Fig. 2, and ¶ [0001] describing a network including a reverse gateway), said system comprising:

a De-Militarized Zone (DMZ) Stack Pool Service located on a device in a De-Militarized Zone, the DMZ Stack Pool Service being configured to store requests received from a client, wherein the requests are stored at a TCP/IP level (Holar Fig. 2, DMZ 112. Holar teaches that “[t]he entire input message has to be stored at least temporarily (e.g., in memory) in the DMZ Server, e.g., pending protocol and/or data conversion.” See also Holar teaches a DMZ Stack Pool, located in a DeMilitarized Zone being configured to store (see above explanation) from a client; wherein said DMZ Stack Pool Service is located in a DeMilitarized Zone, where the DMZ includes a reverse invoke server [00351, Figures 1, 2, & where client requests may be placed in a ''pool'' Holar et al. [00061 see also [00071, [0091-00981 for HTTP client requests.);

a local area network (LAN) Controller located in a LAN, the LAN Controller being configured to check for existence of the requests in the DMZ Stack Pool Service, wherein the checking is performed at the TCP/IP level; and (Holar Fig. 2, DMZ 112. See Holar at the second person who lives in the house occasionally look out the window. If the second person sees someone standing there, that person is let in.” See also Holar at [0040] teaches how an external client request is handles in a reverse invoke scenario, where the DMZ reverse invoke server forwards the client connection information to the internal server via the internal server controller. Holar et al. [0040] see also [0038-0039] & [0049-0050], and where the reverse invoke server may directly route HTTP 1.1 requests [0058-0061], eliminating the need for ancillary services.
	
a DMZ server configured to receive [said requests] an established outbound connection from a LAN server of the LAN (See Holar at ¶ [0030] teaches; “For reverse invoke to work, the internal firewall 108 must still allow a connection (e.g., an outbound connection) from the internal server 104 to the DMZ 110.” See also ¶ [0036], and ¶ [0037]), and to route client request data to the client, wherein the receiving and routing by the DMZ server occurs at the TCP/IP level;
 (This limitation is rejected under 35 USC 112 second ¶, however for the purpose applying prior art the examiner interpreting this limitation as associating (connecting or binding) the outbound connection to the stored request. Holar teaches this limitation. See Holar at ¶ [0028] teaches that, external clients send requests to the reverse invoke server 112, which, in turn, passes the requests to the internal server 104. After processing the requests, the internal server 104 sends the response to the reverse invoke server 112, which in turn, passes them back to the external client. This is done through the outbound connection established by the Internal 

Holar et al. teaches a system for reverse access and teaches all the limitations in claim 1. Holar however, does not explicitly teach that the embodiment wherein said requests are stored at the TCP/IP level,  wherein said checking is performed at the TCP/IP level , and/or wherein receiving and routing by said DMZ server occurs at the TCP/IP level. 
Nevertheless, TCP/IP Networking: An Example delineates that HTTP web requests invoke TCP/IP requests and that such HTTP requests are transferred over TCP connections.
For example, page 3 illustrates "to send the [HTTP] request, HTTP client program establishes a TCP connection to the HTTP server. Those of ordinary skill in the art understand that HTTP is implemented on TCP/IP. HTTP requests ordinarily entail TCP/IP requests as the lower level datagram and transmission over which the HTTP formatted data will be generated. So prevalent is this usage, HTTP requests are normally ascribed to be performed over TCP port 80. Pages 4-7 further delineate how a basic HTTP request invokes TCP and IP requests on which to carry the HTTP request.
	It would have been obvious to one of ordinary skill in the art at the time of invention to run HTTP over TCP/IP, thereby having each HTTP request entail a TCP/IP request. Performing HTTP requests over the TCP/IP was well known in the art at the time the invention was made. Thus, one of ordinary skill in the art would be so motivated to implement the HTTP requests in Holar over TCP/IP in order to take advantage of the benefits associated with the use of TCP/IP protocol. The benefits associated with the use of TCP/IP protocol is, for example; (i) It is an industry–standard model that can be effectively deployed in practical networking problems (ii),

	As to the limitation, wherein the DMZ server does not change data of the requests and the system requires no administrative management after initial installation and configuration, first, the above limitation does not have sufficient written description support in the specification. There is no written support for the above limitations in the specification. The examiner acknowledges that the specification with reference to this claim limitation states, 
“The DMZ Server (20) will accept all Client Requests and route them to the LAN-Server (31), without changing the data that the Client Requests contains.” (Id., at 3:16-18)

“In accordance with this invention as described above, no administrative management is required in the LAN Server (31) to establish or maintain 5 communications after it is initially installed and configured on the LAN (30) and on the DMZ (20).” 

(Id., at 3:10-14)

	However, MPEP with respect to written description support states in part, “[W]hile there is a presumption that an adequate written description of the claimed invention is present in the specification as filed, In. re Wertheim, 541 F.2d 257, 262, 191 USPQ 90, 96 (CCPA 1976), a question as to whether a specification provides an adequate written description may arise in the context of an original claim. An original claim may lack written description support when (1) the claim defines the invention in functional language specifying a desired result but the disclosure fails to sufficiently identify how the function is performed or the result is achieved or” (Id., at 2163.03) In the present situation, does not teach how the above two functional languages are functional languages are accomplished. 
	In other words, if the use of TCP/IP in a reverse access system causes the servers in the system (DMZ service, LAN controller, and DMZ server) do not change data, then the servers in 

	Re: Claim 2 
	 The system of claim 1, wherein computer programs and sensitive data of the LAN server reside only in the LAN (where the sensitive information of the LAN server reside on the internal set of servers. Holar et al. Fig. 2 & 7, See ¶¶ [0136-01381] see also ¶¶ [0038-0040] & [0049-0050] teach of the area between the outer firewall 106 and inner firewall 108). 

	Re: Claim 3 
	Claim 3 is a method claim wherein the steps and functions of the method claim are performed by the elements in the system claim 1. Identified in the rejection of claim 1 are the DMZ, which perform the function of storing. The function of checking is performed by the LAN controller in the Internal Network 104, and the step of receiving is performed by the server invoke server in the DMZ.

  Re: Claim 4
	The method of claim 3, wherein computer programs and sensitive data of LAN server, reside only in the LAN. 
See the rejection of claim 2 above.

Re: Claim 5 
wherein the established outbound connection includes a plurality of established outbound connections. As set forth above, there is no sufficient written description support for this limitation. However, Holar teaches plurality of outbound connections at ¶¶ [0036] [0037]).

  Re: Claim 6
The system of claim 3, wherein the established outbound connection includes a plurality of established outbound connections.	
See the rejection of claim 5 above.

  Re: Claim 7
A system for reverse access (See Holar, Abs., Fig. 2, and ¶ [0001] describing a network including a reverse gateway), said system comprising:
a De-Militarized Zone (DMZ) Stack Pool Service located on a device in a De-Militarized Zone, the DMZ Stack Pool Service being configured to store Transmission Protocol/Internet Protocol (TCP/IP) connection information from a client the TCP/IP connection information comprising an IP-address and an IP-port associated with a service in a local area network (LAN);
(Holar Fig. 2, DMZ 112. Holar teaches that “[t]he entire input message has to be stored at least temporarily (e.g., in memory) in the DMZ Server, e.g., pending protocol and/or data conversion.” See also Holar teaches a DMZ Stack Pool, located in a DeMilitarized Zone being configured to store (see above explanation) from a client; wherein said DMZ Stack Pool Service is located in a DeMilitarized Zone, where the DMZ includes a reverse invoke server [00351, 
As to the connection information, Holar teaches that about the source address and destination address which are stored in the reverse invoke server 112 from any proxy port 204. (Holar Fig. 2 and ¶ [0036]) 
Examiner notates that the specification with respect to “storing” states that the DMZ request is sored but never say that the “client connection information is stored.”(2:46-3:3) assuming that, it is well known in the art that when request is stored, the connection information is stored as well. As such “storing request” is accompanied by “storing connection information”, and “”checking for the request” also include “obtaining the corresponding TCP/IP connection information.” Claim 9 is evidenced that when the “request is stored” the connection information of the request is stored as well. See the limitation, “storing requests received from a client, wherein TCP/IP connection information of said requests are stored in a De-Militarized zone (DMZ) Stack Pool Service,” As such, whenever the request is stored, the “connection information” of the request is stored too.

With that interpretation according to the specification, for the rejection of the limitation, 
a LAN Controller located in the LAN, configured to check for existence of one of the requests in said DMZ Stack Pool Service, the LAN Controller establishing an outbound TCP/IP connection with said DMZ stack pool service to check for the request and obtain the corresponding TCP/IP connection information from the DMZ stack pool service; and see the rejection of claim 1 for the same limitation; 
a DMZ server configured to receive an outbound connection from a LAN server of the LAN, and to use the TCP/IP connection information to route client request data to the corresponding client; See the rejection of claim 1 for the same limitation. 
wherein the DMZ server does not change data of the request. See the rejection of claim 1 for the same limitation.

 	 Re: Claim 8
The system of claim 7, wherein computer programs and sensitive data of the LAN server reside only in the LAN. See the rejection of claim 4 above. 

Re: Claim 9
Claim 9 is drafted to similar to claim 1, except uses plurality of established outbound connections instead of a single “established outbound connections.” As set forth above, with respect to the rejection of claims 9 and 11 under 112 first paragraph, there is no written description support for the plurality of outbound connections, including “first”, “second”, “third”, and “fourth” outbound connections. Considering just one outbound connection, the claim is similar to method claim 3 and rejected for the same reason. See the rejection of claim 3, above.   
 
Re: Claim 10
The method of claim 9, wherein computer programs and sensitive data of the LAN server reside only in the LAN. See the rejection of claim 4 above.

Re: Claims 11 and 12
Id., Holar at ¶¶ [0013], [0014], and Fig. 2 and 4).
     Re: Claim 13
 	As set forth in the rejection of claim under 35 USAC 112 first paragraph, “the first processor”, and the “second processor” do not have sufficient written description support in the specification. However, interpreting the “first processor” to be the “LAN server” and the “second processor” to be the “DMZ server”, system claim is similar to system claim 1, and is rejected for the same reason set forth above with respect to the rejection of claim 1.
    
     Re: Claim 14
	The system of claim 13, wherein the second processor is positioned between the LAN and the WAN. Holar, teaches that the DMZ server is between the internal network 104 and the External Client 202. (Id., at Fig. 2)

Re: Claim 15
wherein the second processor is configured to relay communication between the LAN and the WAN. Holar teaches. “A common communication protocol is implemented on both sides of the DMZ.”  (Id., claim 1)

Re: Claim 16
The system of claim 13, wherein the second processor is separated from the LAN by a firewall (See Holar Fig. 2).

Re: Claim 17
The system of claim 13, wherein the second processor is configured to receive the request from the client from the WAN. (See Holar at Fig. 2, and description at ¶ [0054] teaching that “When the reverse invoke server receives a request from the outside, it forwards it along to the internal server on the already-open connection, thus functioning like a reverse HTTP gateway.”)

Re: Claims 18 and 19
The system of claim 13, wherein the first processor is configured to determine a response to the request from the client, and to send the response to the second processor through the at least one TCP/IP connection. And 
The system of claim 18, wherein the second processor is configured to route the response provided by the first processor to the client.
As set forth above, there is no written description support for any “response” in the specification. As to the establishing any communication between the LAN server and the DMZ 

Re: Claim 20
A method for providing client access to a service that resides within a local area network (LAN) protected by a firewall, comprising: (See Holar, Abs., Fig. 2, and ¶ [0001] describing a network including a reverse gateway), comprising: (Holar Fig. 2, DMZ 112. Holar et al. at [0061] see also [00071, [0091-00981 for HTTP client requests.);
	
receiving, by a server residing outside of the LAN, a request from a client for access to the service; (Holar Fig. 2, DMZ 112. Holar teaches that “[t]he entire input message has to be stored at least temporarily (e.g., in memory) in the DMZ Server, e.g., pending protocol and/or data conversion.” See also Holar teaches a DMZ Stack Pool, located in a DeMilitarized Zone being configured to store (see above explanation) from a client; wherein said DMZ Stack Pool Service is located in a DeMilitarized Zone, where the DMZ includes a reverse invoke server [00351, Figures 1, 2, & where client requests may be placed in a ''pool'' Holar et al. [00061 see also [00071, [0091-00981 for HTTP client requests.);
	
relaying, by the server residing outside of the LAN, the request from the client for access to the service at a TCP/IP level: (See Holar Fig. 2, DMZ 112, and at [0005] and [0006], the analogy for reverse invoke server, “The reverse invoke solution in this analogy is to have the second person who lives in the house occasionally look out the window. If the second person sees someone standing there, that person is let in.” See also Holar at [0040] teaches how an external client request is handles in a reverse invoke scenario, where the DMZ reverse invoke server forwards the client connection information to the internal server via the internal server controller. Holar et al. [0040] see also [0038-0039] & [0049-0050], and where the reverse invoke server may directly route HTTP 1.1 requests [0058-0061], eliminating the need for ancillary services.
	
establishing a Transmission Control Protocol/Internet Protocol (TCP/IP) connection between the server residing outside of the LAN and the service; and
	(See Holar at ¶ [0030] teaches; “For reverse invoke to work, the internal firewall 108 must still allow a connection (e.g., an outbound connection) from the internal server 104 to the DMZ 110.” See also ¶ [0036], and ¶ [0037]), and to route said established outbound connection to said requests [to said client], wherein receiving and routing by said DMZ server occurs at the TCP/IP level;
 (This limitation is rejected under 35 USC 112 second ¶, however for the purpose applying prior art the examiner interpreting this limitation as associating (connecting or binding) the outbound connection to the stored request. Holar teaches this limitation. See Holar at ¶ [0028] teaches that, external clients send requests to the reverse invoke server 112, which, in turn, passes the requests to the internal server 104. 
transferring, on the TCP/IP connection and at the TCP/IP level, data provided by the service in response to the request. 
After processing the requests, the internal server 104 sends the response to the reverse invoke server 112, which in turn, passes them back to the external client. This is done through 
Holar et al. teaches a system for reverse access and teaches all the limitations in claim 20.  Holar however, does not explicitly teach that the embodiment the requests from the client for access to service at the TCP/IP level, and/or transforming, on the TCP/IP connection and at the TCP/IP level. 

Nevertheless, TCP/IP Networking: An Example delineates that HTTP web requests invoke TCP/IP requests and that such HTTP requests are transferred over TCP/IP connections.
	As stated in response to Applicants arguments with respect to rejection of claims under 35 U.S.C. § 112 first paragraph, when combination of prior arts, show all the functions in claim 20, and use TCP/IP protocol for communication, then all those functions are necessarily at TCP/IP level. 
For example, page 3 of the TCP/IP Networking illustrates "to send the [HTTP] request, HTTP client program establishes a TCP connection to the HTTP server. Those of ordinary skill in the art understand that HTTP is implemented on TCP/IP. HTTP requests ordinarily entail TCP/IP requests as the lower level datagram and transmission over which the HTTP formatted data will be generated. So prevalent is this usage, HTTP requests are normally ascribed to be performed over TCP port 80. Pages 4-7 further delineate how a basic HTTP request invokes TCP and IP requests on which to carry the HTTP request.
	It would have been obvious to one of ordinary skill in the art at the time of invention to run HTTP over TCP/IP, thereby having each HTTP request entail a TCP/IP request and 
It is interoperable, i.e., it allows cross-platform communications among heterogeneous networks, (iii) It is an open protocol suite. ...(iv) It is a scalable, client-server architecture. 

	Re: Claim 21
The method of claim 20, wherein the server is positioned between the LAN and a wide area network (WAN).  See Fig. 2 in Holar. Also, identified in the rejection of claim 20 are the DMZ, which is between the LAN (Internal Network) and the Internet.

 Re: Claim 21
The method of claim 20, wherein the server is positioned between the LAN and the WAN. See Holar teaches. The DMZ is positioned between Internal server and Internet (Fig. 1)
Re: Claim 22

The method of claim 21, wherein the server is configured to relay communication between the LAN and the WAN. See Holar teaches. “A common communication protocol is implemented on both sides of the DMZ.” 
Re: Claim 23
wherein the server is separated from the LAN by the firewall. See Horal Figs. 1 and 2.

Re: Claim 24
The method of claim 21, wherein the server is configured to receive from the WAN, the request from the client for access to the service. See Holar teaches “external clients send requests to the reverse invoke server 112 which, in turn, passes the requests to the internal server 104.” (Id., at [0024}, [0028], and [0031]).

 Re: Claim 25
The method of claim 20, wherein the service is configured to send a response to the request to the server through the TCP/IP connection. See Holar teaches, “The internal server 104 sends a response to the reverse invoke server 112 (line 4). The reverse invoke server 112 forwards the response back to the trading partner (line 5).”  (Id., at [0029]) and “The internal server 104 processes the request, and then sends a response to the reverse invoke server 112. The reverse invoke server 112 sends a response to the external client 202” (Id., at [0040]). 

Re: Claim 26
The method of claim 25, wherein the server is configured to route the response to the client. See Holar teaches “The internal server 104 processes the request, and then sends a response to the reverse invoke server 112. The reverse invoke server 112 sends a response to the external client 202.” (Id., at [0040]).
Re: Claim 27
and a DMZ server configured to receive an established outbound connection from a LAN server of the LAN, and create a connection binder between the requests received from the client and the established outbound connection.” However, Holar teaches a connection binder that “(2) specify a bind address (e.g., providing the ability to bind to a specific IP address on a machine).” (Holar at ¶ [0066]).

Re: Claim 28
Claim 28 is similar to method claim 3, and is rejected as explained in the rejection of claim 3, additionally reciting a “a connection binder” in the limitation related to, “receiving an established outbound connection from a LAN server of the LAN, and creating a connection binder between the requests received from the client and the established outbound connection.” However, Holar teaches a connection binder that “(2) specify a bind address (e.g., providing the ability to bind to a specific IP address on a machine).” (Holar at ¶ [0066])
	
Conclusion
32.	THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, 
	Any inquiry concerning this communication or earlier communications from the
Examiner should be directed to Majid Banankhah whose telephone number is (571)272-
3770. The examiner can normally be reached on Monday to Thur. 7:30 am to 4:30 pm, F. 8:00 am-noon, *Pacific Time. 
If attempts to reach the examiner by telephone are unsuccessful, the examiner's
Supervisor, Hetul Patel can be reached on (571) 272-4184. The fax phone number for the organization where this application or proceeding is assigned is 571-273-9000.		
	Information regarding the status of an application may be obtained from the
Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only.
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

Signed:

/MAJID A BANANKHAH/Reexamination Specialist, Art Unit 3992                                                                                                                                                                                                        


Conferees:

/Ovidio Escalante/
Primary Examiner, Art Unit 3992

/HBP/


    
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
    

    
        1 These are addressed by Applicant at Fig. 1 and at 1:21-25 (e.g., “Any computer running programs that provide services to users outside of the organization internal network can be placed on the DMZ”), or addressed at 2:16-32 (e.g., ‘LAN Server’, and ‘DMZ Server) or addressed at 2”36-42 (e.g., ‘LAN Server’, “LAN Controller’, or ‘DMZ Server’) 
        2 Applicant in his remarks referring to 1412(II.) while the correct address is 1412.01(II.)
        3 The specification does not even mention the word ‘embodiment’ let alone different embodiment.
        4 Perhaps, the claim should read as “a DMZ server configured to receive an established outbound connection from LAN server of the LAN.”
        5 Applicant’s attention is directed to claim 1 in the related patent 10,110,606 and claim 1 which recite, “generating, by the LAN Server, two TCP/IP connections, a first TCP/IP connection being to the Service and a second TCP/IP being an outbound connection to the DMZ Server, and wherein the LAN server creates a Connection Binder in the LAN Server between the Service and the outbound connections.” In here, the claim is properly directed to two [2] connections, one “TCP/IP connection” to the service (See the Service connection from 31 to 33 in Fig. 1) and the second one is the “TCP/IP outbound connection” from the LAN to the DMZ (See the outbound connection from 31 to 21 in Fig. 1)
        6 Claims 1, 7, 9, and 27, recite, “the DMZ server do[es] not change the data of the request”, while claims 3 and 28 uses a different variation of the phrase, such as “the storing and routing does not change data of the requests.”
        7 Meaning that a generic “LAN controller,” “DMZ server,” “first processor,” “second processor,” and “service” can perform the functions recited in the claim.