Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

DETAILED ACTION
The instant application having Application No. 16/642,485 is presented for examination by the examiner.




Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claim 12 is rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. Claim 12 comprises a computer readable medium. Computer readable media include signals. Signals are not a statutory class of invention. In order to overcome this interpretation, the claim should be amended to only include a “non-transitory” computer readable medium. There is support for this amendment because the original disclosure does not preclude the non-transitory types of computer readable medium.
 
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

Claims 1-12 are rejected under 35 U.S.C. 112(b) as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA the applicant regards as the invention.

As per claim 1, the claim is full of antecedent basis problems and many terms are reintroduced. Examiner has attempted to sort them out when interpreting the claim, but Applicant is advised to carefully review the claims, especially the dependent claims, because the issue likely came from translating the original foreign application.
For example:
Claim 1:
The phrase “a packet about” is confusing
An SSL is both unclear and defined multiple times
A TCP session is defined twice
The phrase: “transmitting a packet transmitted and received between the virtual client and the virtual server when setting up the TCP session to a security device” is problematic because a packet was already defined and there is no prior mention of “when” a TCP 
	Claim 2 and other dependent claims use referencing language to parent claims where the entire phrase does not quite point to one previous step or function. Also, as in the case of claim 2, the decryption is performed again by the way the claim is written, even though that step was already performed in claim 1 by the decryption device.
	The other dependent claims have similar problems that need attention and correction so that the claims are definite and clear. Appropriate correction is required.
	As per claim 11, it is unclear how all of the devices have the same IP address.


Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –


(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.





Claims 1-12 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by U.S. Patent Application Publication 2018/0288062 to Goyal et al., hereinafter Goyal.
Examiner has applied the references to claims as interpreted despite the numerous examples mentioned above that obscure the exact scope of the claimed invention.

As per claim 1, Goyal teaches a secure sockets layer (SSL) decryption method in an SSL decryption device, the method comprising: 
after a transmission control protocol (TCP) session between a client and a server is set up (0049), detecting a packet about an SSL handshake for establishing an SSL connection between the client and the server (0039); 
configuring an SSL between the client and the SSL decryption device [501/102; 501 is inside 102 per 0039] and configuring an SSL between the SSL decryption device and the server [404] (0039); 
setting up a TCP session between a virtual client [client’s virtual interface] corresponding to the client and a virtual server [aware tunnel 610 can be the virtual tunnel adapter; 0045] corresponding to the server and 
transmitting a packet transmitted and received between the virtual client and the virtual server when setting up the TCP session to a security device; and when receiving a first SSL packet transmitted from the client to the SSL decryption device, decrypting and transmitting the first SSL packet to the security device and re-encrypting and transmitting the decrypted first SSL packet to the server [510/102 intercept SSL packets and are able to inspect the encrypted data before sending it on to the server; 0039, 0040, and 0047;  Goyal clearly suggests the data is decrypted at 510/102 because the 
As per claim 2, Goyal teaches when receiving the first SSL packet transmitted from the client to the SSL decryption device, decrypting the first SSL packet [already performed in claim 1; 0040 and 0047]; 
generating a first TCP packet including a payload of the decrypted first SSL packet transmitted from the virtual client to the virtual server (0048); 
transmitting the first TCP packet to the security device (0048); 
generating a second SSL packet including a payload of the decrypted first SSL packet; and transmitting the second SSL packet to the server [messages are sent from client to server and vice versa with the same ability to inspect; the original data is eventually sent to the server encrypted under the SSL key established in 0038; see also 0040].
As per claim 3, Goyal teaches receiving a third SSL packet transmitted from the server to the SSL decryption device, decrypting and transmitting the third SSL packet to the security device and re-encrypting and transmitting the decrypted third SSL packet to the client (0040 and 0048).  Traffic is intercepted client to server and server to client (0039). 
As per claim 4, Goyal teaches when receiving the third SSL packet transmitted from the server to the SSL decryption device, decrypting the third SSL packet (0040); generating a second TCP packet including a payload of the decrypted third SSL packet transmitted from the virtual server to the virtual client (0048); transmitting the second TCP packet to the security device (0048); generating a fourth SSL packet including a 

As per claim 5, Goyal teaches when it is detected that the TCP session between the client and the server is ended (0047), ending the TCP session between the virtual client and the virtual server and transmitting a packet transmitted and received between the virtual client and the virtual server when ending the TCP session to the security device (0048).
As per claim 6, Goyal teaches when receiving a request to transmit a message to the client from the security device, generating and transmitting a fifth SSL packet including the message to the client [unclear what this message refers to, different from the packet?; 0040].
As per claim 7, Goyal teaches a request to transmit the message to the client from the security device when receiving a FIN packet including the message transmitted to the client from the security device and when receiving an RST packet transmitted to the server from the security device (all TCP messages between client and server flow through the same tunnel until the session ends; 0038 and 0049).
As per claim 8, Goyal teaches when receiving a request to disconnect the connection between the client and the server from the security device, disconnecting the connection between the client and the server; and ending the TCP session between the virtual client and the virtual server and transmitting a packet transmitted and received between the virtual client and the virtual server when ending the TCP session 
As per claim 9, Goyal teaches the request to disconnect the connection between the client and the server from the security device is determined as a request to disconnect the connection between the client and the server when receiving an RST packet transmitted to each of the client and the server from the security device [handled through the use of TCP and its well-known signals; 0049 and 0064].
As per claim 10, Goyal teaches matching and storing five tuples of the virtual client, corresponding to five tuples of the client, and matching and storing five tuples of the virtual server, corresponding to five tuples of the server (0049).
As per claim 11, Goyal teaches client IPs, server IPs, and server ports have the same value as each other [Table 1] and client ports have different values from each other (0044), when comparing information of the TCP session which is set up between the client and the server with information of the TCP session which is set up between the virtual client and the virtual server (0044).
As per claim 12, it is rejected for the same reason as claim 1.







Conclusion
	The prior art made of record and not relied upon, considered pertinent to applicant's disclosure, is listed on the enclosed PTO-892 form.
Cited prior art shows inline SSL inspection where the data is decrypted and then re-encrypted before transmission to its final destination.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL R. VAUGHAN whose telephone number is (571)270-7316. The examiner can normally be reached on Monday - Thursday, 7:30am - 5:00pm, EST. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild, can be reached on (571) 272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.


/MICHAEL R VAUGHAN/
Primary Examiner, Art Unit 2431