DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 10/20/2021 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiners.
     
Response to Amendment
The amendments filed on October 14, 2021 have been entered.
Claims 1, 5, 8, 12, 15, and 19 have been amended.
Claims 2-4, 6, 9-11, 13, 16-18, and 20 have been cancelled.

Response to Arguments
Applicant’s arguments filed on October 14, 2021 have been considered but are moot in view of the new grounds of the current rejection. 












Claim Objections
Claims 1, 5, 12, and 19 are objected to because of the following informality:

	Claim 1 	“first data conduit that is further configured to receive, inspect and output data packets at at less than or equal to a first transfer rate per unit time” should read (Examiner’s suggestion) “first data conduit that is further configured to receive, inspect and output data packets at a less than or equal to a first transfer rate per unit time.”

	Claim 5	“wherein each of the complementary pairs of data conduits is coupled in parallel to the other of the complementary pairs of data conduits within the packet inspection architecture.” The examiners suggest to look at the previously presented Claim 2 (Currently cancelled), as it has predefined the complementary pairs.

Claim 12	“wherein each complementary pair of data conduits is coupled in parallel to the other of the complementary pair of data conduits within the packet inspection architecture.” The examiners suggest to look at the previously presented Claim 2 (Currently cancelled), as it has predefined the complementary pairs.

Claim 19	“wherein each of the complementary pairs of data conduits is coupled in parallel to the other of the complementary pairs of data conduits within the packet inspection architecture.” The examiners suggest to look at the previously presented Claim 2 (Currently cancelled), as it has predefined the complementary pairs.

Appropriate correction is required.







Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1 and 8.		Claim 1 limitations “determination module”, and “selection module”; claim 8 limitations “determination module”, and “selection module”; and claim 8 limitations “determining module”, “second searching module” have been evaluated under the three-prong test set forth in MPEP § 2181, subsection I, but the result is inconclusive. Thus, it is unclear whether these limitations should be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the written description fails to clarify link or associate the disclosed structure, material or acts to the claimed function such that one of the ordinary skill in the art would recognize what structure, material, or acts perform the claimed function. The boundaries of this claim limitation are ambiguous; therefore, the claims are indefinite and are rejected under 35 U.S.C. 112(b) or pre-AIA  35 U.S.C. 112, second paragraph.  
In response to this rejection, applicant must clarify whether these limitations should be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. Mere assertion regarding applicant’s intent to invoke or not invoke 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph is insufficient. Applicant may:
(a)          Amend the claims to clearly invoke 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, by reciting “means” or a generic placeholder for means, or by reciting “step.” The “means,” generic placeholder, or “step” must be modified by functional language, and must not be modified by sufficient structure, material, or acts for performing the claimed function;
(b)          Present a sufficient showing that 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, should apply because the claim limitation recites a function to be performed and does not recite sufficient structure, material, or acts to perform that function; 

(d)          Present a sufficient showing that 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, does not apply because the limitation does not recite a function or does recite a function along with sufficient structure, material or acts to perform that function.

Claims 5 and 7 are rejected under 35 U.S.C. 112(b) as they depend on Claim 1.

Claims 12 and 14 are rejected under 35 U.S.C. 112(b) as they depend on Claim 8.





















Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 1, 5, 7, 8, 12, and 14 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. 

In claims 1 and 8, the applicant is seeking to patent an architecture comprising a determination module and selection module, the examiner checked the specification and the specification discloses in Parag. [0084-0085] that a logic block 205, used for parsing the data, may be used as a deep packet size determination module and/or a deep packet conduit selection module; in addition, Parag. [0118] discloses implemented on a computer-readable medium, for example, by storing computer-executable instructions or modules. The specification limits the modules to only software modules. Therefore, the claims do not fall within the four categories of invention - a process, machine, article of manufacture or composition of matter. One of ordinary skill in the art would give the broadest reasonable interpretation of the claims to include software per se. There are no hardware components, such as a processor and a non-transitory computer readable medium, explicitly recited in the claims. A machine is defined as a concrete thing, consisting of parts, or of certain devices and combination of devices (Burr v. Duryee, 68 U.S. (1 Wall.) 531, 570, 17 L. Ed. 650 (1863) and this definition includes every mechanical device or combination of mechanical powers and devices to perform some function and produce a certain effect or result (Corning v. Burden, 56 U.S. 252, 267, 14 L. Ed. 683 (1854) (see MPEP § 2106 I. i1.)).

Claims 5 and 7 are rejected under 35 U.S.C. 101 because they depend on claim 1.

Claims 12 and 14 are rejected under 35 U.S.C. 101 because they depend on claim 8.


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claim 1 is rejected under 35 U.S.C. 103 as being unpatentable over  Brebner (Patent No. US 8,775,685), in view of Allen et al. (Pub. No. US 2020/0403905), hereinafter Allen, and in view of Sharma et al. (Pub. No. US 2003/0067876), hereinafter Sharma. 

Claim 1. 	Brebner discloses a deep packet inspection architecture, said deep packet inspection architecture for providing data diversion paths for limiting bandwidth consumption by the deep packet inspection architecture, said diversion paths formed from a plurality of data conduits (i.e., pipelines), said plurality of conduits comprising a first data packet inspection conduit and a second data packet inspection conduit, said deep packet inspection architecture for diverting data packets selected from a data stream into one of a plurality of data conduits (Col. 3 lines 7-10; (The art relate to communication protocols, and , the deep packet inspection architecture comprising: 
a data packet size determination module, said data packet size determination module for determining a data packet size of a data packet in a data stream (Col. 2 line 9-22 and Col. 7 lines 54-67; (The art teaches a method of processing packets is provided. One or more packets are received in parallel from a bus. Respective packet sizes of the one or more packets are determined and each packet is assigned to a respective one of a plurality of processing pipelines for processing)); 
a data packet conduit selection module, the data packet conduit selection module for selecting, for data packet inspection, a conduit from among the plurality of conduits, said selecting the conduit that depends on a data packet size of the data packet (Col. 2 line 9-22 and Col. 7 lines 54-67; (The art teaches a method of processing packets is provided. One or more packets are received in parallel from a bus. Respective packet sizes of the one or more packets are determined and each packet is assigned to a respective one of a plurality of processing pipelines for processing. Assignment of packets is performed as a function of the respective packet size of the packet and a processing size of the processing pipelines. The processing size associated with one of the processing pipelines being different from the processing size associated with at least one other of the processing pipelines. The respective packet size of the packet being less than or equal to the processing size associated with the assigned one of the processing pipelines));  
wherein the first data conduit is configured to receive and inspect data packets that include a data packet size that is greater than a predetermined data packet size (Col. 2 lines 38-Col. 4 lines 1-8; (The art teaches that each processing pipeline is configured and arranged to process packets having a size greater than or equal to the associated processing size. The scheduling circuit is coupled to the K processing pipelines and is configured and arranged to determine respective packet sizes of one or more packets input in parallel from a bus and assign each packet of the one or more packets for processing by one of the K processing pipelines as a function of the respective packet size of the packet and the processing sizes associated the processing pipelines. The respective packet size of each packet is less than or equal to the ; and  
the second data conduit is configured to receive and inspect data packets that include a data packet size that is less than or equal to the predetermined data packet size (Col. 2 lines 38-Col. 4 lines 1-8; (The art teaches that each processing pipeline is configured and arranged to process packets having a size greater than or equal to the associated processing size. The scheduling circuit is coupled to the K processing pipelines and is configured and arranged to determine respective packet sizes of one or more packets input in parallel from a bus and assign each packet of the one or more packets for processing by one of the K processing pipelines as a function of the respective packet size of the packet and the processing sizes associated the processing pipelines. The respective packet size of each packet is less than or equal to the processing size associated with the assigned one of the K processing pipelines. The art teaches that in an example five different parallel packet processing pipelines with different processing sizes may be implemented. The different processing sizes are 256-byte (i.e., first pipeline), 128-byte (i.e., second pipeline for data packet size that is less than or equal to the predetermined data packet size of the first pipeline), 80-byte, 64-byte, and 48-byte)).  
Brebner doesn’t explicitly disclose that the first data conduit that is further configured to receive, inspect and output data packets at at less than or equal to a first transfer rate per unit time, said first transfer rate per unit time that comprises a magnitude; second data conduit that is further configured to receive, inspect and output data packets at a second transfer rate per unit time, said second transfer rate per unit time that comprises a magnitude that is greater than the magnitude of the first transfer rate per unit time; wherein: each of the first and second data conduits (i.e., pipelines) is operable to review and analyze data packets; -2-each of the first and second data conduits is operable to review and analyze the data at a different security level from the other data conduit; and said review and analysis of the data packets is based on flow characteristics of the data packets in a data stream, said flow characteristics that indicate a likelihood of intrusion detection and/or lack thereof.
However, Allen discloses wherein: 
each of the first and second data conduits (i.e., pipelines) is operable to review and analyze data packets; -2-each of the first and second data conduits is operable to review and analyze the data at a different security level from the other data conduit (Parag. [0028], Parag. [0066-0068], Parag. [0074], and Fig. 7-8; (The art teaches a packet processing application vendor may design a complex packet processing pipeline that is able to detect attempted network attacks very rapidly (e.g., using sophisticated pattern matching or machine learning algorithms), and use the server-less packet processing service SPPS to implement virtual appliances that are able to implement such pipelines. By design, the SPPS may be tightly integrated with the IVN infrastructure in at least some embodiments—e.g., packet processing operations for implementing and enforcing IVN configuration requirements (e.g., security rules selected by the clients on whose behalf the IVNs have been set up, routing rules of the IVNs, and the like) may be implemented transparently, together with vendor-supplied packet processing pipelines that implement the appliance logic. The art teaches in Fig. 7 that packet processing pipelines comprising multiple stages (i.e., different levels), according to at least some embodiments. Two types of pipelines are shown, where each of the pipelines 705 and 715 may have one or more stages represented by respective nodes in a directed acyclic graph (DAG), one or more entry points and one or more exit points in the depicted embodiment. An exit point may comprise a networking construct (such as a virtual network interface) that can be used to direct traffic to, or transfer traffic from, the nodes at which the pipeline logic is implemented. FIG. 8 illustrates example mappings of packet processing pipeline stages to nodes of a packet processing service, according to at least some embodiments. Depending on the logic of the packet processing application being implemented, a given pipeline may be implemented entirely within an FPPN, or the work of different groups of one or more stages may be performed at respective FPPNs. For example, an FPPN 812A may be used to perform operations corresponding to each of the stages (810A, 810B, 810C, 810D 810K, etc.) of one pipeline 815A (i.e., first pipeline). In contrast, for pipeline 815B (i.e., second pipeline), several different FPPNs may be used (i.e., different level): FPPN 812B for stages 810P and 810Q, FPPN 812C for stages 810R and 810S, and FPPN 812D for stage 810T. Further, the art teaches that some of the aspects of the pipeline-based approach towards packet processing, using small efficient programs that can be run very quickly at each stage of a pipeline. A given stage may have one rule or multiple rules. Some rules may simply be used to add context information for the packet for analysis during subsequent stages)); and 
said review and analysis of the data packets is based on flow characteristics of the data packets in a data stream, said flow characteristics that indicate a likelihood of intrusion detection and/or lack thereof (Parag. [0039]; (The art teaches that a wide variety of packet processing applications may be supported at an SPPS via the pipeline-based approach. Such applications may include transferring data securely to or from a virtual private network, intrusion detection, per-user or per-group bandwidth usage tracking, load balancing, secure transmission of data between a provider network data center and a premise external to the provider network)).   
It would be obvious to one of ordinary skill in the art at the time before the effective filling date of the claimed invention to modify Brebner to incorporate the teaching of Allen. This would be convenient for achieving various advantages and practical applications/benefits such as enabling very high volumes of message traffic to be processed efficiently in accordance with customizable packet processing application pipelines, using automatically scaled fleets of packet processing nodes, and enhancing the security of packet processing applications (Parag. [0029]).
Sharma discloses that the first data conduit that is further configured to receive, inspect and output data packets at at less than or equal to a first transfer rate per unit time, said first transfer rate per unit time that comprises a magnitude; second data conduit that is further configured to receive, inspect and output data packets at a second transfer rate per unit time, said second transfer rate per unit time that comprises a magnitude that is greater than the magnitude of the first transfer rate per unit time (Parag. [0002], Parag. [0056], and Fig. 3; (According to Fig. 3, different pipes (i.e., first and second pipes) are associated with different pipe rates (e.g. the rate of Pipe 3 (i.e., second pipe) has a magnitude that is greater than the rate of Pipe 2 (first rate)). The rate is per second)). 
It would be obvious to one of ordinary skill in the art at the time before the effective filling date of the claimed invention to modify Brebner in view of Allen to incorporate the teaching of Sharma. This would be convenient for maintaining service levels at a relatively low cost for network service providers (Parag. [0002]).



Claim 5 is rejected under 35 U.S.C. 103 as being unpatentable over  Brebner (Patent No. US 8,775,685), in view of Allen et al. (Pub. No. US 2020/0403905), hereinafter Allen, in view of Sharma et al. (Pub. No. US 2003/0067876), hereinafter Sharma, and in view of Shanbhag et al. (Pub. No. US 2019/0306034), hereinafter Shanbhag.

Claim 5. 	Brebner in view of Allen and Sharma discloses the architecture of claim 1, 
Brebner further discloses wherein each of the complementary pairs of data conduits is coupled in parallel to the other of the complementary pairs of data conduits within the packet inspection architecture (Col. 2 line 9-22 and Col. 7 lines 54-67; (The art teaches a method of processing packets is provided. One or more packets are received in parallel from a bus. Respective packet sizes of the one or more packets are determined and each packet is assigned to a respective one of a plurality of processing pipelines for processing. Assignment of packets is performed as a function of the respective packet size of the packet and a processing size of the processing pipelines. The processing size associated with one of the processing pipelines being different from the processing size associated with at least one other of the processing pipelines. The respective packet size of the packet being less than or equal to the processing size associated with the assigned one of the processing pipelines)).   
Brebner doesn’t explicitly disclose that the packet inspection architecture is a deep packet inspection architecture.
However, Shanbhag discloses that the packet inspection architecture is a deep packet inspection architecture (Parag. [0008]; (The art teaches programmable policy engine at each of a sniffing access points serving as intrusion detection sensors to sniff traffic at various locations on the Wi-Fi network are reprogrammed dynamically. The adjustments reprogram a sniffing pipeline at each of the intrusion detection sensors including adjusting an endpoint device for sending sniffed traffic and dropping more traffic during deep packet inspection)).
It would be obvious to one of ordinary skill in the art at the time before the effective filling date of the claimed invention to modify Brebner to incorporate the teaching of Shanbhag. This would be convenient for achieving many advantages such as detailed inspection, analyze network usage, troubleshoot network performance, ensure that data is in the correct format, and check for malicious code.

Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over  Brebner (Patent No. US 8,775,685), in view of Allen et al. (Pub. No. US 2020/0403905), hereinafter Allen, in view of Sharma et al. (Pub. No. US 2003/0067876), hereinafter Sharma, and in view of Gallatin et al. (Pub. No. US 2005/0254490), hereinafter Gallatin. 

Claim 7. 	Brebner in view of Allen and Sharma discloses the architecture of claim 1,  
The combination doesn’t explicitly disclose wherein said diverting data packets into plurality of data conduits comprises diverting packets using port mirroring or using an optical splitter.  
However, Gallatin discloses wherein said diverting data packets into plurality of data conduits comprises diverting packets using port mirroring or using an optical splitter (Parag. [0039-0040] and Claim 14; (The art teaches that the movement of packets between the ports is implemented by port mirroring and redirecting packets from an ingress port to an egress port)).
It would be obvious to one of ordinary skill in the art at the time before the effective filling date of the claimed invention to modify the combination to incorporate the teaching of Gallatin. This would be convenient in a system and method for allowing improved networking monitoring in a network that has packet switches. The system and method should be compatible with existing packet switches and easily adapted to a network environment and should be cost effective (Parag. [0046]). 
 
Claims 8 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over  Brebner (Patent No. US 8,775,685), in view of Allen et al. (Pub. No. US 2020/0403905), hereinafter Allen, in view of Sharma et al. (Pub. No. US 2003/0067876), hereinafter Sharma, and in view of Gibbons (Patent. No. US 9,825,953). 

Claim 8. 	Brebner discloses a deep packet inspection architecture, said deep packet inspection architecture for providing data diversion path for limiting bandwidth consumption by the deep packet inspection architecture, said diversion paths formed from a plurality of data conduits  (i.e., pipelines), said plurality of conduits comprising a first data packet inspection conduit and a second data packet inspection conduit, said deep packet inspection architecture for diverting data packets in a data stream into one of the plurality of data conduits (Col. 3 lines 7-10; (The art relate to communication protocols, and more particularly to packet processors for manipulating data packets. The art teaches a hardware-efficient parallel architecture for a packet processing circuit. The packet processing circuit includes a plurality of processing pipelines for processing received packets in parallel)), the deep packet inspection architecture comprising: 
a data packet size determination module, said data packet size determination module for determining a data packet size of a data packet in the data stream (Col. 2 line 9-22 and Col. 7 lines 54-67; (The art teaches a method of processing packets is provided. One or more packets are received in parallel from a bus. Respective packet sizes of the one or more packets are determined and each packet is assigned to a respective one of a plurality of processing pipelines for processing));  
-3-a data packet conduit selection module, the data packet conduit selection module for selecting, for data packet inspection, a conduit from among the plurality of conduits, said selecting the conduit that depends on a data packet size of the data packet (Col. 2 line 9-22 and Col. 7 lines 54-67; (The art teaches a method of processing packets is provided. One or more packets are received in parallel from a bus. Respective packet sizes of the one or more packets are determined and each packet is assigned to a respective one of a plurality of processing pipelines for processing. Assignment of packets is performed as a function of the respective packet size of the packet and a processing size of the processing pipelines. The processing size associated with one of the processing pipelines being different from the processing size associated with at least one other of the processing pipelines. The respective packet size of the packet being less than or equal to the processing size associated with the assigned one of the processing pipelines));  
wherein the first data conduit is configured to receive and inspect data packets that include a data packet size that is greater than a predetermined data packet size (Col. 2 lines 38-Col. 4 lines 1-8; (The art teaches that each processing pipeline is configured and arranged to process packets having a size greater than or equal to the associated processing size. The scheduling circuit is coupled to the K processing pipelines and is configured and arranged to determine respective packet sizes of one or more packets input in parallel from a bus and assign each packet of the one or more packets for processing by one of the K processing pipelines as a ;  
the second data conduit is configured to receive and inspect data packets that include a data packet size that is less than or equal to the predetermined data packet size (Col. 2 lines 38-Col. 4 lines 1-8; (The art teaches that each processing pipeline is configured and arranged to process packets having a size greater than or equal to the associated processing size. The scheduling circuit is coupled to the K processing pipelines and is configured and arranged to determine respective packet sizes of one or more packets input in parallel from a bus and assign each packet of the one or more packets for processing by one of the K processing pipelines as a function of the respective packet size of the packet and the processing sizes associated the processing pipelines. The respective packet size of each packet is less than or equal to the processing size associated with the assigned one of the K processing pipelines. The art teaches that in an example five different parallel packet processing pipelines with different processing sizes may be implemented. The different processing sizes are 256-byte (i.e., first pipeline), 128-byte (i.e., second pipeline for data packet size that is less than or equal to the predetermined data packet size of the first pipeline), 80-byte, 64-byte, and 48-byte)),
Brebner doesn’t explicitly discloses that the said data stream that transfers data packets at a first transfer rate per unit time; first data conduit that is further configured to receive, inspect and output data packets at a second transfer rate per unit time, said second transfer rate per unit time that is less than said first transfer rate per unit time; second data conduit that is further configured to receive, inspect and output data packets at a third transfer rate per unit time, said third transfer rate per unit time that is less than the first transfer rate per unit time and greater than the second transfer rate per unit time; wherein the selected data packets are compared against data records stored in an Authorized Data Source to validate the data; wherein the selected data that does not conform to the ADS is corrected to conform to the ADS; and the corrected data is marked as validated, wherein: each of the first and second data conduits is operable to review and analyze data packets; each of the first and second data conduits is operable to review and analyze the data at a different security level from the other data conduit; and said review and analysis of the data packets is based on flow characteristics of the data packets in a data stream, said flow characteristics that indicate a likelihood of intrusion detection and/or lack thereof.  
However, Allen discloses wherein: 
each of the first and second data conduits (i.e., pipelines) is operable to review and analyze data packets; each of the first and second data conduits is operable to review and analyze the data at a different security level from the other data conduit (Parag. [0028], Parag. [0066-0068], Parag. [0074], and Fig. 7-8; (The art teaches a packet processing application vendor may design a complex packet processing pipeline that is able to detect attempted network attacks very rapidly (e.g., using sophisticated pattern matching or machine learning algorithms), and use the server-less packet processing service SPPS to implement virtual appliances that are able to implement such pipelines. By design, the SPPS may be tightly integrated with the IVN infrastructure in at least some embodiments—e.g., packet processing operations for implementing and enforcing IVN configuration requirements (e.g., security rules selected by the clients on whose behalf the IVNs have been set up, routing rules of the IVNs, and the like) may be implemented transparently, together with vendor-supplied packet processing pipelines that implement the appliance logic. The art teaches in Fig. 7 that packet processing pipelines comprising multiple stages (i.e., different levels), according to at least some embodiments. Two types of pipelines are shown, where each of the pipelines 705 and 715 may have one or more stages represented by respective nodes in a directed acyclic graph (DAG), one or more entry points and one or more exit points in the depicted embodiment. An exit point may comprise a networking construct (such as a virtual network interface) that can be used to direct traffic to, or transfer traffic from, the nodes at which the pipeline logic is implemented. FIG. 8 illustrates example mappings of packet processing pipeline stages to nodes of a packet processing service, according to at least some embodiments. Depending on the logic of the packet processing application being implemented, a given pipeline may be implemented entirely within an FPPN, or the work of different groups of one or more stages may be performed at respective FPPNs. For example, an FPPN 812A may be used to perform operations corresponding to each of the stages (810A, 810B, 810C, 810D 810K, etc.) of one pipeline 815A (i.e., first pipeline). In contrast, for ; and 
said review and analysis of the data packets is based on flow characteristics of the data packets in a data stream, said flow characteristics that indicate a likelihood of intrusion detection and/or lack thereof (Parag. [0039]; (The art teaches that a wide variety of packet processing applications may be supported at an SPPS via the pipeline-based approach. Such applications may include transferring data securely to or from a virtual private network, intrusion detection, per-user or per-group bandwidth usage tracking, load balancing, secure transmission of data between a provider network data center and a premise external to the provider network)).   
It would be obvious to one of ordinary skill in the art at the time before the effective filling date of the claimed invention to modify Brebner to incorporate the teaching of Allen. This would be convenient for achieving various advantages and practical applications/benefits such as enabling very high volumes of message traffic to be processed efficiently in accordance with customizable packet processing application pipelines, using automatically scaled fleets of packet processing nodes, and enhancing the security of packet processing applications (Parag. [0029]).
Sharma discloses said data stream that transfers data packets at a first transfer rate per unit time; first data conduit that is further configured to receive, inspect and output data packets at a second transfer rate per unit time, said second transfer rate per unit time that is less than said first transfer rate per unit time; and said second data conduit that is further configured to receive, inspect and output data packets at a third transfer rate per unit time, said third transfer rate per unit time that is less than the first transfer rate per unit time and greater than the second transfer rate per unit time (Parag. [0002], Parag. [0009], Parag. [0056], and Fig. 3; (The art teaches "splitting" the incoming high-speed (i.e., first transfer rate) stream S into several lower-speed streams s.sub.1-s.sub.N the average rate of which is substantially equal to R/N, (where N is the number of lower stream into which the high speed stream S is split). According to Fig. 3, different pipes (i.e., first and second pipes) are . 
It would be obvious to one of ordinary skill in the art at the time before the effective filling date of the claimed invention to modify Brebner in view of Allen to incorporate the teaching of Sharma. This would be convenient for maintaining service levels at a relatively low cost for network service providers (Parag. [0002]). 
		Gibbons discloses wherein the selected data packets are compared against data records stored in an Authorized Data Source to validate the data (Col. 14 lines 15-46 and Claim 1; (The art teaches comparing the one or more fields associated with the received data with the one or more fields associated with the data categorized under the same domain and/or domain type. A mismatch is due to dropped packet instances, A reconciliation process includes determining whether the one or more data fields associated with the data received by the authorized data source is consistent with the data received by the system from the one or more systems of record for mapping)); wherein the selected data that does not conform to the ADS is corrected to conform to the ADS (Col. 7 lines 45-67, Col. 8 lines 1-10, Col. 14 lines 15-46, and Claim 1; (The art teaches determining that the data fields do not match further comprises determining that the data is at least incomplete, inaccurate, or inconsistent. In this regard, the system is configured to initiate a reconciliation process with one or more systems of record associated with the data. The reconciliation process includes determining whether the one or more data fields associated with the data received by the authorized data source is consistent with the data received by the system from the one or more systems of record for mapping. A mismatch is due to dropped packet instances. The art teaches categorizing the data into at least one of the one or more domains and the one or more data types, wherein categorizing the data further comprises reconciling the data and remove data redundancies. In some embodiments, the data received from the one or more systems of record may be normalized, whereby the data is reduced to a set of relations while ensuring data integrity and eliminating data redundancy. In this regard, the system may be configured to determine whether all of the data received from the one or more systems of record are consistent, and satisfy all the integrity constraints before being stored as an authorized data source (i.e., making sure that the data conforms to the ADS))); and the corrected data is marked as validated (Col. 7 lines 45-67 and Col. 8 lines 4-26; (The art consistent, and satisfy all the integrity constraints (i.e., validate) before being stored as an authorized data source; and in response to categorizing the data, the process flow includes storing the categorized data as an authorized data source (i.e., marked as an authorized data source) capable of being accessed by one or more target systems (i.e., the data is stored to indicate that it is a valid authorized data source))).  
It would be obvious to one of ordinary skill in the art at the time before the effective filling date of the claimed invention to modify Brebner in view of Allen and Sharma to incorporate the teaching of Gibbons. This would be convenient to enable an organization to precisely define, easily integrate, and effectively retrieve data for both internal and external communication (Col. 1 lines 6-10).  

Claim 15. 	Brebner discloses a method for providing deep packet inspection the method comprising:  
providing data diversion paths, said diversion paths formed from a plurality of data conduits (i.e., pipelines), for limiting bandwidth consumption by the deep packet inspection architecture, diverting data packets in a data stream into a selected one of the plurality of data conduits (Col. 3 lines 7-10; (The art relate to communication protocols, and more particularly to packet processors for manipulating data packets. The art teaches a hardware-efficient parallel architecture for a packet processing circuit. The packet processing circuit includes a plurality of processing pipelines for processing received packets in parallel));  
determining a data packet size of a data packet in the data stream (Col. 2 line 9-22 and Col. 7 lines 54-67; (The art teaches a method of processing packets is provided. One or more packets are received in parallel from a bus. Respective packet sizes of the one or more packets are determined and each packet is assigned to a respective one of a plurality of processing pipelines for processing));   
selecting, for data packet inspection, a conduit from among the conduits, said selecting the conduit that depends on a data packet size of the data packet (Col. 2 line 9-22 and Col. 7 lines 54-67; (The art teaches a method of processing packets is provided. One or more packets are received in parallel from a bus. Respective packet sizes of the one or more packets ; 
wherein the first data conduit is configured to receive and inspect data packets that include a data packet size that is greater than a predetermined data packet size (Col. 2 lines 38-Col. 4 lines 1-8; (The art teaches that each processing pipeline is configured and arranged to process packets having a size greater than or equal to the associated processing size. The scheduling circuit is coupled to the K processing pipelines and is configured and arranged to determine respective packet sizes of one or more packets input in parallel from a bus and assign each packet of the one or more packets for processing by one of the K processing pipelines as a function of the respective packet size of the packet and the processing sizes associated the processing pipelines. The respective packet size of each packet is less than or equal to the processing size associated with the assigned one of the K processing pipelines. The art teaches that in an example five different parallel packet processing pipelines with different processing sizes may be implemented. The different processing sizes are 256-byte (i.e., first pipeline), 128-byte, 80-byte, 64-byte, and 48-byte)), 
the second data conduit is configured to receive and inspect data packets that include a data packet size that is less than or equal to the predetermined data packet size (Col. 2 lines 38-Col. 4 lines 1-8; (The art teaches that each processing pipeline is configured and arranged to process packets having a size greater than or equal to the associated processing size. The scheduling circuit is coupled to the K processing pipelines and is configured and arranged to determine respective packet sizes of one or more packets input in parallel from a bus and assign each packet of the one or more packets for processing by one of the K processing pipelines as a function of the respective packet size of the packet and the processing sizes associated the processing pipelines. The respective packet size of each packet is less than or equal to the processing size associated with the assigned one of the K processing pipelines. The art teaches that in an example five different parallel packet processing pipelines with different processing . 
Brebner doesn’t explicitly disclose that the said data stream that transfers data packets at a first transfer rate per unit time; said first data conduit that is further configured to receive, inspect and output data packets at a second transfer rate per unit time, said second transfer rate per unit time that is less than said first transfer rate per unit time; said second data conduit that is further configured to receive, inspect and output data packets at a third transfer rate per unit time, said third transfer rate per unit time that is less than the first transfer rate per unit time and greater than the second transfer rate per unit time; and -5-wherein the diverted data packets are compared against data records stored in an Authorized Data Source to validate the data; correcting the diverted data packets that do not match the data records stored in the Authorized Data Source to conform to the ADS; and marking the data as validated, wherein: each of the first and second data conduits is operable to review and analyze data packets; each of the first and second data conduits is operable to review and analyze the data at a different security level from the other data conduit; and said review and analysis of the data packets is based on flow characteristics of the data packets in a data stream, said flow characteristics that indicate a likelihood of intrusion detection and/or lack thereof.  
However, Allen discloses wherein: 
each of the first and second data conduits (i.e., pipelines) is operable to review and analyze data packets; each of the first and second data conduits is operable to review and analyze the data at a different security level from the other data conduit (Parag. [0028], Parag. [0066-0068], Parag. [0074], and Fig. 7-8; (The art teaches a packet processing application vendor may design a complex packet processing pipeline that is able to detect attempted network attacks very rapidly (e.g., using sophisticated pattern matching or machine learning algorithms), and use the server-less packet processing service SPPS to implement virtual appliances that are able to implement such pipelines. By design, the SPPS may be tightly integrated with the IVN infrastructure in at least some embodiments—e.g., packet processing operations for implementing and enforcing IVN configuration requirements (e.g., security rules selected by the clients on whose behalf the IVNs have been set up, routing rules of the IVNs, and the like) may ; and 
said review and analysis of the data packets is based on flow characteristics of the data packets in a data stream, said flow characteristics that indicate a likelihood of intrusion detection and/or lack thereof (Parag. [0039]; (The art teaches that a wide variety of packet processing applications may be supported at an SPPS via the pipeline-based approach. Such applications may include transferring data securely to or from a virtual private network, intrusion detection, per-user or per-group bandwidth usage tracking, load balancing, secure transmission of data between a provider network data center and a premise external to the provider network)).   
It would be obvious to one of ordinary skill in the art at the time before the effective filling date of the claimed invention to modify Brebner to incorporate the teaching of Allen. This would be convenient for achieving various advantages and practical applications/benefits such as .  
Sharma discloses said data stream that transfers data packets at a first transfer rate per unit time; said first data conduit that is further configured to receive, inspect and output data packets at a second transfer rate per unit time, said second transfer rate per unit time that is less than said first transfer rate per unit time; said second data conduit that is further configured to receive, inspect and output data packets at a third transfer rate per unit time, said third transfer rate per unit time that is less than the first transfer rate per unit time and greater than the second transfer rate per unit time (Parag. [0002], Parag. [0009], Parag. [0056], and Fig. 3; (The art teaches "splitting" the incoming high-speed (i.e., first transfer rate) stream S into several lower-speed streams s.sub.1-s.sub.N the average rate of which is substantially equal to R/N, (where N is the number of lower stream into which the high speed stream S is split). According to Fig. 3, different pipes (i.e., first and second pipes) are associated with different pipe rates (e.g. the rate (i.e., third rate) of Pipe 3 (i.e., second pipeline) has a magnitude that is greater than the rate of Pipe 2 (i.e., first pipeline with a second rate), and both rates are less than the first stream rate). The rate is per second)). 
It would be obvious to one of ordinary skill in the art at the time before the effective filling date of the claimed invention to modify Brebner in view of Allen to incorporate the teaching of Sharma. This would be convenient for maintaining service levels at a relatively low cost for network service providers (Parag. [0002]). 
		Gibbons discloses  -5-wherein the diverted data packets are compared against data records stored in an Authorized Data Source to validate the data (Col. 14 lines 15-46 and Claim 1; (The art teaches comparing the one or more fields associated with the received data with the one or more fields associated with the data categorized under the same domain and/or domain type. A mismatch is due to dropped packet instances, A reconciliation process includes determining whether the one or more data fields associated with the data received by the authorized data source is consistent with the data received by the system from the one or more systems of record for mapping)); correcting the diverted data packets that do not match the data records stored in the Authorized Data Source to conform to the ADS (Col. 7 lines 45-67, Col. 8 lines 1-10, Col. 14 lines 15-46, and Claim 1; (The art teaches determining that the data reconciling the data and remove data redundancies. In some embodiments, the data received from the one or more systems of record may be normalized, whereby the data is reduced to a set of relations while ensuring data integrity and eliminating data redundancy. In this regard, the system may be configured to determine whether all of the data received from the one or more systems of record are consistent, and satisfy all the integrity constraints before being stored as an authorized data source (i.e., making sure that the data conforms to the ADS))); and marking the data as validated (Col. 7 lines 45-67 and Col. 8 lines 4-26; (The art teaches that categorizing the data comprises reconciling the data and remove data redundancies; the system may be configured to determine whether all of the data received from the one or more systems of record are consistent, and satisfy all the integrity constraints (i.e., validate) before being stored as an authorized data source; and in response to categorizing the data, the process flow includes storing the categorized data as an authorized data source (i.e., marked as an authorized data source) capable of being accessed by one or more target systems (i.e., the data is stored to indicate that it is a valid authorized data source))).  
It would be obvious to one of ordinary skill in the art at the time before the effective filling date of the claimed invention to modify Brebner in view of Allen and Sharma to incorporate the teaching of Gibbons. This would be convenient to enable an organization to precisely define, easily integrate, and effectively retrieve data for both internal and external communication (Col. 1 lines 6-10).



Claims 12 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over  Brebner (Patent No. US 8,775,685), in view of Allen et al. (Pub. No. US 2020/0403905), hereinafter Allen, in view of Sharma et al. (Pub. No. US 2003/0067876), hereinafter Sharma, in view of Gibbons (Patent. No. US 9,825,953), and in view of Shanbhag et al. (Pub. No. US 2019/0306034), hereinafter Shanbhag. 

Claim 12. 	Brebner in view of Allen, Sharma, and Gibbons discloses the architecture of claim 8,  
Brebner further discloses wherein each complementary pair of data conduits is coupled in parallel to the other of the complementary pair of data conduits within the packet inspection architecture (Col. 2 line 9-22 and Col. 7 lines 54-67; (The art teaches a method of processing packets is provided. One or more packets are received in parallel from a bus. Respective packet sizes of the one or more packets are determined and each packet is assigned to a respective one of a plurality of processing pipelines for processing. Assignment of packets is performed as a function of the respective packet size of the packet and a processing size of the processing pipelines. The processing size associated with one of the processing pipelines being different from the processing size associated with at least one other of the processing pipelines. The respective packet size of the packet being less than or equal to the processing size associated with the assigned one of the processing pipelines)).    
Brebner doesn’t explicitly disclose that the packet inspection architecture is a deep packet inspection architecture.
However, Shanbhag discloses that the packet inspection architecture is a deep packet inspection architecture (Parag. [0008]; (The art teaches programmable policy engine at each of a sniffing access points serving as intrusion detection sensors to sniff traffic at various locations on the Wi-Fi network are reprogrammed dynamically. The adjustments reprogram a sniffing pipeline at each of the intrusion detection sensors including adjusting an endpoint device for sending sniffed traffic and dropping more traffic during deep packet inspection)). 
It would be obvious to one of ordinary skill in the art at the time before the effective filling date of the claimed invention to modify Brebner to incorporate the teaching of Shanbhag. This would be convenient for achieving many advantages such as detailed inspection, analyze .   

Claim 19. 	Brebner in view of Allen, Sharma, and Gibbons discloses the method of claim 15 
Brebner further discloses wherein each of the complementary pairs of data conduits is coupled in parallel to the other of the complementary pairs of data conduits within the packet inspection architecture (Col. 2 line 9-22 and Col. 7 lines 54-67; (The art teaches a method of processing packets is provided. One or more packets are received in parallel from a bus. Respective packet sizes of the one or more packets are determined and each packet is assigned to a respective one of a plurality of processing pipelines for processing. Assignment of packets is performed as a function of the respective packet size of the packet and a processing size of the processing pipelines. The processing size associated with one of the processing pipelines being different from the processing size associated with at least one other of the processing pipelines. The respective packet size of the packet being less than or equal to the processing size associated with the assigned one of the processing pipelines)).    
Brebner doesn’t explicitly disclose that the packet inspection architecture is a deep packet inspection architecture.
However, Shanbhag discloses that the packet inspection architecture is a deep packet inspection architecture (Parag. [0008]; (The art teaches programmable policy engine at each of a sniffing access points serving as intrusion detection sensors to sniff traffic at various locations on the Wi-Fi network are reprogrammed dynamically. The adjustments reprogram a sniffing pipeline at each of the intrusion detection sensors including adjusting an endpoint device for sending sniffed traffic and dropping more traffic during deep packet inspection)). 
It would be obvious to one of ordinary skill in the art at the time before the effective filling date of the claimed invention to modify Brebner to incorporate the teaching of Shanbhag. This would be convenient for achieving many advantages such as detailed inspection, analyze network usage, troubleshoot network performance, ensure that data is in the correct format, and check for malicious code.

Claims 14 and 21 are rejected under 35 U.S.C. 103 as being unpatentable over  Brebner (Patent No. US 8,775,685), in view of Allen et al. (Pub. No. US 2020/0403905), hereinafter Allen, in view of Sharma et al. (Pub. No. US 2003/0067876), hereinafter Sharma, in view of Gibbons (Patent. No. US 9,825,953), and in view of Gallatin et al. (Pub. No. US 2005/0254490), hereinafter Gallatin.

Claim 14. 	Brebner in view of Allen, Sharma, and Gibbons discloses the architecture of claim 8,   
The combination doesn’t explicitly disclose wherein said diverting data packets into plurality of data conduits comprises diverting packets using port mirroring or using an optical splitter. 
However, Gallatin discloses wherein said diverting data packets into plurality of data conduits comprises diverting packets using port mirroring or using an optical splitter (Parag. [0039-0040] and Claim 14; (The art teaches that the movement of packets between the ports is implemented by port mirroring and redirecting packets from an ingress port to an egress port)).
It would be obvious to one of ordinary skill in the art at the time before the effective filling date of the claimed invention to modify the combination to incorporate the teaching of Gallatin. This would be convenient in a system and method for allowing improved networking monitoring in a network that has packet switches. The system and method should be compatible with existing packet switches and easily adapted to a network environment and should be cost effective (Parag. [0046]).    

Claim 21. 	Brebner in view of Allen, Sharma, and Gibbons discloses the method of claim 15, 
The combination doesn’t explicitly disclose wherein said diverting data packets into plurality of data conduits further comprises diverting packets using port mirroring or using an optical splitter. 
However, Gallatin discloses wherein said diverting data packets into plurality of data conduits further comprises diverting packets using port mirroring or using an optical splitter (Parag. [0039-0040] and Claim 14; (The art teaches that the movement of packets .
It would be obvious to one of ordinary skill in the art at the time before the effective filling date of the claimed invention to modify the combination to incorporate the teaching of Gallatin. This would be convenient in a system and method for allowing improved networking monitoring in a network that has packet switches. The system and method should be compatible with existing packet switches and easily adapted to a network environment and should be cost effective (Parag. [0046]).

Conclusion
		The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Nair et al. (US 2018/0048520) – Related art in the area computer networks and digital processing systems for multi-computer data transferring, (Parag. [0043], the computing platform rule repository includes a data store that stores the set 122 of computing platform rules 124. A computing platform rule 124 may be associated with a particular stage of the orchestration pipeline (e.g., the testing stage, the scanning stage, and the enforcement stage). A computing platform rule 124 may, for example, specify criteria that must be satisfied for a stage of the orchestration pipeline to start or complete successfully). 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ABDELBASST TALIOUA whose telephone number is (571)272-4061.  The examiner can normally be reached on Monday-Thursday 7:30 am - 5:30 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, William Trost can be reached on 571-272-7872.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/A.T./Examiner, Art Unit 2442

/WILLIAM G TROST IV/Supervisory Patent Examiner, Art Unit 2442