DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Allowable Subject Matter
The following is an examiner’s statement of reasons for allowance: the claims require 
connecting a security device inline between a first port placed in communication with a network computer system and a second port placed in communication with network hardware of a computer network;
intercepting, by the security device, network traffic of the computer network flowing from the network hardware to the network computer system;
analyzing the network traffic intercepted by the security device for a threat level of the network traffic exceeding a pre-set safe level;
modulating a gate of the security device as a function of the threat level, wherein opening the gate in response to security threat creates an air gap preventing network traffic from passing from the second port through the security device to the first port in communication with the network computer system;
determining, by the security device, that the threat level of the network traffic exceeds the pre-set safe level;
further determining, by the security device, that the threat level of the network traffic is less than a maximum threat level or maximum threat level range set by the security device;

in response to said buffering, opening or closing the gate.

Available prior art such as Kuperman and Lefebvre teach modulating a gate based on a preset safe level to protect a system from malicious data. The combination does not teach the threat level being above a preset safe level but below a maximum threat level and buffering the anomalous data and then further determining an action to be performed. 
20222 
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Claims 1-20 are allowed.

EXAMINER’S AMENDMENT
Authorization for this examiner’s amendment was given in an interview with Jack Friedman on 2/8/2020.
The application has been amended as follows: 

1. (Currently amended) A computer-implemented method comprising:

intercepting, by the security device, network traffic of the computer network flowing from the network hardware to the network computer system;
analyzing the network traffic intercepted by the security device for a threat level of the network traffic exceeding a pre-set safe level; [[and]]
modulating a gate of the security device as a function of the threat level, wherein opening the gate in response to security threat creates an air gap preventing network traffic from passing from the second port through the security device to the first port in communication with the network computer system;
determining, by the security device, that the threat level of the network traffic exceeds the pre-set safe level;
further determining, by the security device, that the threat level of the network traffic is less than a maximum threat level or maximum threat level range set by the security device;
buffering the network traffic received by the security device in an on-board buffer, preventing the network traffic from entering the network computer system; and
in response to said buffering, opening or closing the gate.

4. (Currently amended) The computer-implemented method of claim 1, said method further comprising:



prior to said opening or closing the gate, 
transmitting metadata or compressed data of the network traffic to cloud-based analytics determining a correlation between a threat posed by the network traffic and known threats to computer systems; and
receiving from the cloud-based analytics, a decision to modulate the gate of the security device into an open or closed position as a function of the correlation between the threat posed by the network traffic and the known threats to the computer systems, wherein opening the gate creates an air gap between the second port and the first port, preventing the network traffic from passing from the network hardware through the security device and to the network computer system and closing the gate releases the network traffic from the buffer, allowing the network traffic to pass through the security device and to the network computer system.
	


a security device connected inline between a first port placed in communication with a network computer system and a second port placed in communication with network hardware of a computer network;
at least one processor placed in electronic communication with the security device; and
a computer-readable storage media coupled to the at least one processor, wherein the computer-readable storage media contains program instructions executing a computer-implemented method comprising:
intercepting, by the security device, network traffic of the computer network flowing from the network hardware to the network computer system,
analyzing the network traffic intercepted by the security device for a threat level exceeding a pre-set safe level, [[and]]
modulating a gate of the security device as a function of the threat level, wherein opening the gate in response to security threat creates an air gap preventing network traffic from passing from the second port through the security device to the first port in communication with the network computer system;
determining, by the security device, that the threat level of the network traffic exceeds the pre-set safe level;
further determining, by the security device, that the threat level of the network traffic is less than a maximum threat level or maximum threat level range set by the security device;
buffering the network traffic received by the security device in an on-board buffer, preventing the network traffic from entering the network computer system; and
in response to said buffering, opening or closing the gate.

11. (Currently amended) The computer system of claim 8, further comprising:



prior to said opening or closing the gate, 
transmitting metadata or compressed data of the network traffic to a cloud-based analytics determining a correlation between a threat of the network traffic and known threats to computer systems; and
receiving from the cloud-based analytics, a decision to modulate the gate of the security device into an open or closed position as a function of the correlation between the threat of the network traffic and the known threats to the computer systems, wherein opening the gate creates an air gap between the second port and the first port, preventing the network traffic from passing from the network hardware through the security device and to the network computer 



one or more computer-readable storage media having computer-readable program instructions stored on the one or more computer-readable storage media, said program instructions executes a computer-implemented method comprising:
intercepting, by a security device connected inline between a first port placed in communication with a network computer system and a second port placed in communication with network hardware of a computer network, network traffic of the computer network flowing from the network hardware to the network computer system;
analyzing the network traffic intercepted by the security device for a threat level exceeding a pre-set safe level; [[and]]
modulating a gate of the security device as a function of the threat level, wherein opening the gate in response to security threat creates an air gap preventing network traffic from passing from the second port through the security device to the first port in communication with the network computer system;
determining, by the security device, that the threat level of the network traffic exceeds the pre-set safe level;
further determining, by the security device, that the threat level of the network traffic is less than a maximum threat level or maximum threat level range set by the security device;
buffering the network traffic received by the security device in an on-board buffer, preventing the network traffic from entering the network computer system; and
in response to said buffering, opening or closing the gate.

18. (Currently amended) The computer program product of claim 15, further comprising:



prior to said opening or closing the gate, 
transmitting metadata or compressed data of the network traffic to a cloud-based analytics determining a correlation between a threat of the network traffic and known threats to computer systems; and
receiving from the cloud-based analytics, a decision to modulate the gate of the security device into an open or closed position as a function of the correlation between the threat of the network traffic and the known threats to the computer systems, wherein opening the gate creates an air gap between the second port and the first port, preventing the network traffic from passing from the network hardware through the security device and to the network computer system and closing the gate releases the network traffic from the buffer, allowing the network traffic to pass through the security device and to the network computer system.
Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to OLUGBENGA O IDOWU whose telephone number is (571)270-1450. The examiner can normally be reached Monday-Friday 8am - 5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jung Kim can be reached on 5712723804. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/OLUGBENGA O IDOWU/Primary Examiner, Art Unit 2494