DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Terminal Disclaimer
The terminal disclaimer filed on 02/17/2022 disclaiming the terminal portion of any patent granted on this application which would extend beyond the expiration date of the full statutory term of prior (patent number US 10,826,774) has been reviewed and is accepted.  The terminal disclaimer has been approved on 02/17/2022.

Response to Amendment

This communication is considered fully responsive to the amendment filed on 02/17/2022.
Claims 1, 6, 10 and 16 have been amended.
Claim 5 has been canceled.

Response to Arguments

Applicant’s arguments with respect to the amended independent claims filed on 02/17/2022 have been considered but are moot because the Applicant’s arguments were drawn to a second alternative in claim 5 that hasn’t been examined in the previous Office Action, and the second alternative amended to the independent claims is 

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159.  See MPEP §§ 706.02(l)(1) - 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.

Claims 1-4 and 6-19 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-10 of U.S. Patent No. 10,250,442 (or Patent Application No. 14/830189, hereinafter Pat-442). Although the claims at issue are not identical, they are not patentably distinct from each other.

Regarding claim 1, as shown in the following table, claims 1 and 2 of Pat-442 recites all the claimed limitations of the claim 1.
Claims / App Language 
Pat-442 Language
1. A method for custom-defined network routing, the method comprising: 

receiving, at a primary network, authentication information; 



receiving, at a controller of the primary network, one or more forwarding modifications specific to traffic transceived with the customer network, the one or more forwarding modifications custom defining a set of rules for forwarding network traffic transceived with the customer network; and 






distributing the custom defined set of rules from the controller to at least one edge router of the primary network for storing in a forwarding table specific to the customer network on the at least one edge router, 

wherein at least a first rule of the custom defined set of rules defines a priority for application of the first rule in case the first rule conflicts with another rule of the custom defined set of rules to the network traffic at the at least one edge router, 













wherein the custom defined set of rules are custom specified to apply to a type of data packet.


receiving, at a primary network, authentication information; 



receiving, at a controller of the primary network, one or more forwarding modifications specific to traffic transceived with the customer network, the one or more forwarding modifications custom defining a set of rules for forwarding network traffic transceived with the customer network; 

verifying the forwarding modifications are operable within a telecommunications network including the primary network and the customer network; 

distributing the custom defined set of rules from the controller to at least one edge router of the primary network for storing in a forwarding table specific to the customer network on the at least one edge router, 

wherein at least a first rule of the custom defined set of rules defines a priority for application of the first rule in case the first rule conflicts with another rule of the custom defined set of rules to the network traffic at the at least one edge router;

receiving a packet of data at the at least one edge router, the packet of data having a header; 
attributing the packet of data to the customer network using at least one of a source address or a destination address specified in the header; and 


2. The method of claim 1, 
wherein the custom defined set of rules are custom specified to apply to at least one of: a range of Internet Protocol addresses or a type of data packet.


Regarding claim 2, claim 1 of Pat-442 recites all the claimed limitations of the claim 2.
Regarding claim 3, claim 1 of Pat-442 recites all the claimed limitations of the claim 3.
Regarding claim 4, claim 1 of Pat-442 recites all the claimed limitations of the claim 4.
Regarding claim 6, claim 3 of Pat-442 recites all the claimed limitations of the claim 6.
Regarding claim 7, claim 4 of Pat-442 recites all the claimed limitations of the claim 7.
Regarding claim 8, claim 5 of Pat-442 recites all the claimed limitations of the claim 8.
Regarding claim 9, claim 6 of Pat-442 recites all the claimed limitations of the claim 9.
Regarding claim 10, as shown in the following table, claims 7 and 2 of Pat-442 recites all the claimed limitations of the claim 10.
Claims / App Language 
Pat-442 Language


receiving, at a primary network, authentication information; 

identifying, based on the authentication information, a customer network, the customer network distinct from, and in communication with, the primary network; 

receiving a set of custom defined network flow rules at an edge router of the primary network, the set of custom defined network flow rules specific to network traffic transceived with the customer network, 

wherein at least a first rule of the set of custom defined network flow rules defines a priority for application of the first rule in case the first rule conflicts with another rule of the custom defined set of rules to the network traffic; 






storing the set of custom defined network flow rules in a forwarding table specific to the customer network on the edge router; 

receiving a packet of data at the edge router; 







applying the set of custom defined network flow rules to the packet of data using the forwarding table,

wherein the customer defined set of rules are custom specified to apply to a type of data packet.


receiving, at a primary network, authentication information; 

identifying, based on the authentication information, a customer network, the customer network distinct from, and in communication with, the primary network; 

receiving a set of custom defined network flow rules at an edge router of the primary network, the set of custom defined network flow rules specific to network traffic transceived with the customer network, 

wherein at least a first rule of the set of custom defined network flow rules defines a priority for application of the first rule in case the first rule conflicts with another rule of the custom defined set of rules to the network traffic; 

verifying the forwarding modifications are operable within a telecommunications network including the primary network and the customer network; 

storing the set of custom defined network flow rules in a forwarding table specific to the customer network on the edge router; 

receiving a packet of data at the edge router, 
wherein the packet of data includes a header; 



applying the set of custom defined network flow rules to the packet of data using the forwarding table.

2. The method of claim 1, wherein the custom defined set of rules are custom specified to apply to at least one of: a range of Internet Protocol addresses or a type of data packet.


Regarding claim 11, claim 8 of Pat-442 recites all the claimed limitations of the claims 11.
Regarding claims 12 and 13, claim 7 of Pat-442 recites all the claimed limitations of the claims 12 and 13.
Regarding claims 14, claim 9 of Pat-442 recites all the claimed limitations of the claims 14.
Regarding claims 15, claim 10 of Pat-442 recites all the claimed limitations of the claims 15. 
Regarding claims 16-19, as shown in the following table, claim 1 of Pat-442 recites all the claimed limitations of the claims 16-19.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:


Claims 1-4, 6-7, 9-16 and 18-19 rejected under 35 U.S.C. 103 as being unpatentable over Adams et al. (US 8693344, “Adams”) in view of Sonoda et al. (US 2014/0079070, “Sonoda”) and further in view of Baphna et al. (US 2015/0064677, “Baphna”).
Examiner’s note: in what follows, references are drawn to Adams unless otherwise mentioned.
Adams’ invention comprises the following features:
With respect to the independent claims:
Regarding claim 1, a method for custom-defined network routing, the method comprising: 
receiving, at a primary network, authentication information (Note that Adams does not specifically describe about authentication received at a network. This will be discussed in view of Sonoda.); 
identifying, based on the authentication information, a customer network (Note that Adams does not specifically describe about identifying a network based on the authentication. This will be also discussed in view of Sonoda.), the customer network distinct from, and in communication with, the primary network (Fig. 8 depicts two networks, 10E, are connected to a network, 10C depicted in the middle. One of the two networks 10E is considered to be equivalent to the recited customer network and the network depicted in the middle, 10C, is considered to be equivalent to 
receiving, at a controller of the primary network (Fig. 10; 18 “Controller Server” and Fig. 8; 10C), one or more forwarding modifications specific to traffic transceived with the customer network ([Col. 12; lines 9-11] “A network administrator may use controller server 18 to implement network policies that control the flow of network packets through network 10.”, [Col. 12; lines 20-22] “Network policies may include regular expressions that define which network packets are controlled by the network policies.”, and [Col. 20; lines 28-29 and Fig. 19A; Step 512] “In step 152, controller server 18 may receive network policy information from a network administrator.”), the one or more forwarding modifications custom defining a set of rules for forwarding network traffic transceived with the customer network ([Col. 12; lines 11-14] “The table of FIG. 12 shows illustrative network policies X, Y, Z, W, and V that may be implemented using controller server 18 to control network traffic through network 10 of FIG. 10.”); and 
distributing the custom defined set of rules from the controller to at least one edge router of the primary network ([Col. 12; lines 3-7] “controller server 18 can distribute flow table entries such as flow table entry E1' to edge switches such as switch E1 but not to switches nearer the network core such as switch SW C1 and can distribute flow table entries such as flow table entry C1' to core switches or switches near the core such as switch SW C1” Core switches 14C are part of the core network 10C depicted in Fig. 8 which is equivalent to the  for storing in a forwarding table specific to the customer network on the at least one edge router (Note that Adams does not specifically describe about storing the rules at another network entity besides the controller. This will be discussed in view of Sonoda.), 
wherein at least a first rule of the custom defined set of rules defines a priority ([Col. 12; lines 36-38] “Each network policy may be assigned a corresponding priority value (priority) that determines which network policy controls each given network packet.”) for application of the first rule in case the first rule conflicts with another rule of the custom defined set of rules to the network traffic at the at least one edge router ([Col. 2; lines 17-19] “To ensure that the network switches process packets accurately, priorities may be assigned to each policy to resolve conflicts”. An example is described in [Col. 12; lines 38-42] “Network policies X, Y, Z, W, and V may be assigned respective priority values 100, 101, 102, 103, and 104. Network policies that have higher priorities may take precedence over network policies with lower priorities. For example, network policy X with priority 100 may block end host EHA from transmitting to end host EHB, but network policy Y with priority 101 may allow end host EHA to transmit to end host EHB using the TCP protocol.” In the same paragraph, an example to avoid conflicts between network policies X and Y is described.),
wherein the custom defined set of rules are custom specified to apply to a type of data packet (This will be discussed in view of Baphna.). 
It is noted that while disclosing receiving policies at a controller of a primary network, Adams does not specifically teach about receiving an authentication, identifying a network based on the authentication and storing rules at a network entity. 
receiving at a primary network, authentication information ([Sonoda, 0085 and Fig. 7] “The policy management device 300 makes reference to the communication policy information and the resource information, determines a communication policy of a user who has received authentication by the authentication device 330, and notifies the control device 400.”);
identifying based on the authentication information, a customer network ([Sonoda, 0085 and Fig. 7] “based on a role ID included in authentication information received from the authentication device 330, the policy management device 300 identifies content of a resource group ID” As Fig. 7 depicts the resource group ID is at another network different from the user side, thus it is considered as a customer network.);
for storing in a forwarding table specific to the customer network on the at least one edge router ([Sonoda, 0015] “a communication unit that receives a processing rule specifying a method of processing the packet, which is determined by the control device, from the control device; a storage unit that stores the received processing rule”)
It, therefore, would have been obvious to one of ordinary skill in the art before the effective filing date of instant application to add the authentication and an identifying operation of where the authentication is originated from prior to receiving rules and packets in Adams as taught by Sonoda. One would have been motivated to have such authentication step for identifying a network (or a 
It is noted that while disclosing receiving policies at a controller of a primary network, Adams does not specifically teach about apply the customer defined rules to a type of data packet. It, however, had been known before the effective filing date of the instant application as shown by Baphna as follows; 
the custom defined set of rules are custom specified to apply to a type of data packet ([Baphna, 0044] “computes custom rules for the data sets which are build based on a type of data”).
It, therefore, would have been obvious to one of ordinary skill in the art before the effective filing date of the instant application to modify Adams by using the features of Baphna in order to reduce overhead, latency and achieve effective transmission such that “The processor implemented method may further includes (i) computing, by a rule engine module, custom rules for the data sets which are build based on a type of data” [Baphna, 0007]. 

Regarding claim 10, a method for custom-defined network routing, the method comprising: 
receiving, at a primary network, authentication information (Note that Adams does not specifically describe about authentication received at a network. This will be discussed in view of Sonoda.); 

receiving a set of custom defined network flow rules at an edge router of the primary network ([Col. 12; lines 3-7] “controller server 18 can distribute flow table entries such as flow table entry E1' to edge switches such as switch E1 but not to switches nearer the network core such as switch SW C1 and can distribute flow table entries such as flow table entry C1' to core switches or switches near the core such as switch SW C1” Core switches 14C are part of the core network 10C depicted in Fig. 8 which is equivalent to the recited primary network.), the set of custom defined network flow rules specific to network traffic transceived with the customer network ([Col. 12; lines 9-11] “A network administrator may use controller server 18 to implement network policies that control the flow of network packets through network 10.”, [Col. 12; lines 20-22] “Network policies may include regular expressions that define which network packets are controlled by the network policies.”, and [Col. 20; lines 28-29 and Fig. 19A; Step 512] “In 
wherein at least a first rule of the set of custom defined network flow rules defines a priority ([Col. 12; lines 36-38] “Each network policy may be assigned a corresponding priority value (priority) that determines which network policy controls each given network packet.”) for application of the first rule in case the first rule conflicts with another rule of the custom defined set of rules to the network traffic ([Col. 2; lines 17-19] “To ensure that the network switches process packets accurately, priorities may be assigned to each policy to resolve conflicts”. An example is described in [Col. 12; lines 38-42] “Network policies X, Y, Z, W, and V may be assigned respective priority values 100, 101, 102, 103, and 104. Network policies that have higher priorities may take precedence over network policies with lower priorities. For example, network policy X with priority 100 may block end host EHA from transmitting to end host EHB, but network policy Y with priority 101 may allow end host EHA to transmit to end host EHB using the TCP protocol.” In the same paragraph, an example to avoid conflicts between network policies X and Y is described.), 
storing the set of custom defined network flow rules in a forwarding table specific to the customer network on the edge router (Note that Adams does not specifically describe about storing the rules at another network entity besides the controller. This will be discussed in view of Sonoda.); 
receiving a packet of data at the edge router ([Col. 9; lines 27-28 and Fig. 7] “At step 78, switch 14 receives a packet on one of its ports (e.g., one of input-output ports 34 of FIG. 1).”); 

applying the set of custom defined network flow rules to the packet of data using the forwarding table ([Col. 9; lines 45-55] describes two cases, a matching case and a non-matching case, and Fig. 7 depicts the two cases, 82 “Take appropriate action for matching flow and update statistics when matching. 84 “Send packet to controller over link” when not matching.),
wherein the custom defined set of rules are custom specified to apply to a type of data packet (This will be discussed in view of Baphna.). 
It is noted that while disclosing receiving policies at a controller of a primary network, Adams does not specifically teach about receiving an authentication, identifying a network based on the authentication and storing rules at a network entity. It, however, had been known in the art before the effective filing date of the instant application as shown by Sonoda as follows; 
receiving, at a primary network, authentication information ([Sonoda, 0085 and Fig. 7] “The policy management device 300 makes reference to the communication policy information and the resource information, determines a communication policy of a user who has received authentication by the authentication device 330, and notifies the control device 400.”);
identifying, based on the authentication information, a customer network ([Sonoda, 0085 and Fig. 7] “based on a role ID included in authentication 
storing the set of custom defined network flow rules in a forwarding table specific to the customer network on the edge router ([Sonoda, 0015] “a communication unit that receives a processing rule specifying a method of processing the packet, which is determined by the control device, from the control device; a storage unit that stores the received processing rule”).
It, therefore, would have been obvious to one of ordinary skill in the art before the effective filing date of the instant application to add the authentication and an identifying operation of where the authentication is originated from prior to receiving rules and packets in Adams as taught by Sonoda. One would have been motivated to have such authentication step for identifying a network (or a user) in order for the controller to assign proper policies to the network as described in [Sonoda, 0070] “the control device 400 determines a path between the terminal 100 of the user for whom authentication has succeeded, and a network resource 500”.
It is noted that while disclosing receiving policies at a controller of a primary network, Adams does not specifically teach about apply the customer defined rules to a type of data packet. It, however, had been known before the effective filing date of the instant application as shown by Baphna as follows; 

It, therefore, would have been obvious to one of ordinary skill in the art before the effective filing date of the instant application to modify Adams by using the features of Baphna in order to reduce overhead, latency and achieve effective transmission such that “The processor implemented method may further includes (i) computing, by a rule engine module, custom rules for the data sets which are build based on a type of data” [Baphna, 0007].

Regarding claim 16, a system for custom-defined network routing (Fig. 8 depicts two networks, 10E, are connected to a network, 10C depicted in the middle. One of the two networks 10E is considered to be equivalent to the recited customer network and the network depicted in the middle, 10C, is considered to be equivalent to the recited primary network. A brief description for Fig. 8 is described in Col. 9; lines 63 – Col. 10; lines 16.), the system comprising: 
a controller of a primary network (Fig. 10; 18 “Controller Server” and Fig. 8; 10C) in communication with a customer network (Fig. 8; one of two 10E networks), the controller generating a custom defined set of rules for network traffic ([Col. 12; lines 9-11] “A network administrator may use controller server 18 to implement network policies that control the flow of network packets through network 10.”, [Col. 12; lines 20-22] “Network policies may include regular expressions that define which network packets are controlled by the network 
at least one edge router of the primary network (Fig. 8; 14C and Fig. 10; 14C) in communication with the controller ([Col. 12; lines 3-7] “controller server 18 can distribute flow table entries such as flow table entry E1' to edge switches such as switch E1 but not to switches nearer the network core such as switch SW C1 and can distribute flow table entries such as flow table entry C1' to core switches or switches near the core such as switch SW C1”), the at least one edge router receiving the custom defined set of rules from the controller ([Col. 12; lines 3-7] “controller server 18 can distribute flow table entries such as flow table entry E1' to edge switches such as switch E1 but not to switches nearer the network core such as switch SW C1 and can distribute flow table entries such as flow table entry C1' to core switches”); and 
a forwarding table on the at least one edge router storing the custom defined set of rules (Note that Adams does not specifically describe about storing the rules at another network entity besides the controller. This will be discussed in view of Sonoda.)
wherein the custom defined set of rules are custom specified to apply to a type of data packet (This will be discussed in view of Baphna.).
It is noted that while disclosing receiving policies at a controller of a primary network, Adams does not specifically teach about storing rules at a network entity. It, 
a forwarding table on the at least one edge router storing the custom defined set of rules ([Sonoda, 0015] “a communication unit that receives a processing rule specifying a method of processing the packet, which is determined by the control device, from the control device; a storage unit that stores the received processing rule”).
It, therefore, would have been obvious to one of ordinary skill in the art before the effective filing date of the instant application to include the feature of storing rules at a network entity receiving the rules in Adams as taught by Sonoda. One would have been motivated to have such storing feature in order for the network entity to minimize its resource usage in communication with the controller.
It is noted that while disclosing receiving policies at a controller of a primary network, Adams does not specifically teach about apply the customer defined rules to a type of data packet. It, however, had been known before the effective filing date of the instant application as shown by Baphna as follows; 
the custom defined set of rules are custom specified to apply to a type of data packet ([Baphna, 0044] “computes custom rules for the data sets which are build based on a type of data”).
It, therefore, would have been obvious to one of ordinary skill in the art before the effective filing date of the instant application to modify Adams by using the features of Baphna in order to reduce overhead, latency and achieve 

	With respect to dependent claims:
Regarding claim 2, the method as recited in claim 1, further comprising: verifying the forwarding modifications are operable within a telecommunications network including the primary network and the customer network ([Col. 5; lines 15-25] “Controller server 18 of FIG. 1 may gather information about the topology of network 10. For example, controller server 18 may send Link Layer Discovery Protocol (LLDP) probe packets through the network to discover the topology of network 10. Controller server 18 may use information on network topology and information on the capabilities of network equipment to determine appropriate paths for packets flowing through the network. Once appropriate paths have been identified, controller server 18 may send corresponding settings data to the hardware in network 10 to ensure that packets flow through the network as desired.", and [Col. 5; lines 31-33] “Controller server 18 may be used to implement network configuration rules 20. Rules 20 may specify which services are available to various network entities.”).  

Regarding claim 3, the method as recited in claim 1, further comprising: 
receiving a packet of data at the at least one edge router ([Col. 9; lines 27-28 and Fig. 7] “At step 78, switch 14 receives a packet on one of its ports (e.g., one of input-
attributing the packet of data to the customer network using the header ([Col. 9; lines 29-31] “At step 80, switch 14 compares the fields of the received packet to the fields of the flow table entries in the flow table 28 of that switch to determine whether there is a match”); and 
applying the custom defined set of rules to the packet of data from the forwarding table of the at least one edge router ([Col. 9; lines 45-55] describes two cases, a matching case and a non-matching case, and Fig. 7 depicts the two cases, 82 “Take appropriate action for matching flow and update statistics when matching. 84 “Send packet to controller over link” when not matching.).

 	Regarding claims 4 and 13, the method as recited in claim 3 and the method as recited in claim 12, respectively, wherein the packet of data is attributed to the customer network using at least one of: a source address or a destination address specified in the header ([Col. 1; lines 58-62] “Fields in the packet header, such as source address, network address, protocol, and protocol port and other information associated with a given packet are packet attributes that may be compared to the matching criteria.”).  

Regarding claim 6, the method as recited in claim 1, wherein the type of data packet includes at least one of voice or web ([Sonoda, 0140] “The control device 400 sets a processing rule specifying redirection to a destination of a prescribed website”).  

Regarding claims 7 and 14, the method as recited in claim 1 and the method as recited in claim 10, respectively, wherein the custom defined set of rules includes one or more of: drop ([Col. 8; lines 19-22] “Each flow table entry (flow entry) is associated with zero or more actions that dictate how the switch handles matching packets. If no forward actions are present, the packet is preferably dropped.”), demarcation (This limitation is an alternative and not examined.), rate limit (This limitation is an alternative and not examined.), queue selection ([Col. 8; lines 35-37] “Additional actions that may be taken by switch 14 include: an enqueue action to forward a packet through a queue attached to a port”), and path selection ([Col. 9; lines 4-6] “In a network with numerous switches 14, each switch can be provided with appropriate flow table entries to form a path through the network.”).  

Regarding claim 9, the method as recited in claim 1, wherein the at least one edge router is custom specified by the one or more forwarding modifications ([Col. 6; lines 4-8] “With one suitable arrangement, flow table data from controller server 18 may be stored in a flow table such as flow table 28. The entries of flow table 28 may be used in configuring switch 14 (e.g., the functions of packet processing circuitry 32 and/or packet processing software 26).”). 

Regarding claim 11, the method as recited in claim 10, wherein the set of custom defined network flow rules is distributed to the edge network by a controller of the primary network ([Col. 6; lines 4-8 and Fig. 1] “flow table data from controller server 

Regarding claim 12, the method as recited in claim 10, wherein the packet of data includes a header ([Col. 1; lines 57-58] “A network packet contains a packet header.”) and the packet of data is attributed to the customer network using the header ([Col. 7; lines 65-67] “The action in each flow table entry indicates what action switch 14 is to perform on the packet when a match is detected between the fields in the packet”).  

Regarding claim 15, the method as recited in claim 10, wherein each of the set of custom defined network flow rules defines for application to the network traffic ([Col. 5; lines 31-33] “Controller server 18 may be used to implement network configuration rules 20. Rules 20 may specify which services are available to various network entities.”).  

Regarding claim 18, the system as recited in claim 16, wherein the at least one edge router attributes a packet of data to the customer network and applies the custom defined set of rules to the packet of data ([Col. 7; lines 55-60] “The fields in a packet that has been received by switch 14 can be compared to the fields in the flow table. Each flow table entry may have associated actions. When there is a match between the fields in a packet and the fields in a flow table entry, the corresponding action for that flow table entry may be taken.”).  

Regarding claim 19, the system as recited in claim 18, wherein the at least one edge router attributes the packet of data to the customer network using a header of the packet of data ([Col. 1; lines 58-62] “Fields in the packet header, such as source address, network address, protocol, and protocol port and other information associated with a given packet are packet attributes that may be compared to the matching criteria.”).

Claim 8 rejected under 35 U.S.C. 103 as being unpatentable over Adams et al. (US 8693344, “Adams”) in view of Sonoda et al. (US 2014/0079070, “Sonoda”) and Baphna et al. (US 2015/0064677, “Baphna”), and further in view of Raleigh (US 8,799,451).
Examiner’s note: in what follows, references are drawn to Adams unless otherwise mentioned.
Regarding claim 8, it is noted that while disclosing receiving policies at a controller of a primary network, Adams does not specifically teach about defining a duration in the rules. It, however, had been known in the art before the effective filing date of the instant application as shown by Raleigh as follows; 
the method as recited in claim 1, wherein each of the custom defined set of rules defines a duration for application to the network traffic at the at least one edge router ([Raleigh, Claim 19] “the first service policy or the second service policy is based on a time of day or a time period.”). 
.

Claim 17 rejected under 35 U.S.C. 103 as being unpatentable over Adams et al. (US 8693344, “Adams”) in view of Sonoda et al. (US 2014/0079070, “Sonoda”) and Baphna et al. (US 2015/0064677, “Baphna”), and further in view of Ren et al. (US 2015/0382197, “Ren”).
Examiner’s note: in what follows, references are drawn to Adams unless otherwise mentioned.
Regarding claim 17, it is noted that while disclosing receiving policies at a controller of a primary network, Adams does not specifically teach about a portal server. It, however, had been known in the art before the effective filing date of the instant application as shown by Ren as follows; 
the system as recited in claim 16, further comprising: a server running a portal in communication with the controller, wherein the one or more forwarding 
It, therefore, would have been obvious to one of ordinary skill in the art before the effective filing date of the instant application to include such feature of enforcing communication restriction policies, for example, of a portal server which contains sensitive personal or financial information in Adams as taught by Ren. One would have been motivated to include such feature of enforcing policies in the portal server in order for the controller to protect such sensitive information in communication as described in [Ren, 0017] “the network device may be a mobility management entity (MME) or policy and charging rules function (PCRF) that communicates with the enterprise portal server to determine the particular communication restriction policies to employ and/or to determine a set of mobile devices that are to have communications restricted at any particular time.”

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Harry Kim whose telephone number is (571) 272-5009 and email address is harry.kim2@uspto.gov.  The examiner can normally be reached on Monday to Friday, 9AM to 6PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Derrick Ferris can be reached at (571) 272-3123. 
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/HARRY H KIM/           Primary Examiner, Art Unit 2411