Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
	This communication office action is in response to the filing of Patent Application 17155312 on 1/22/2021.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim 1-5, 8-13, 18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Thubert (U.S. Patent App Pub 2014/0192808) in view of Friedman (U.S. Patent App Pub 2013/0117847).
As per claim 1, Thubert teaches a method/apparatus of collecting security, flow, and/or routing information associated with an
(Apparatus having a network interface, the apparatus comprising para [0024], (0075], (0078), the method comprising:
in a network. receiving, at an ingress network node, a packet to selectively apply, according to one or more policies enforced at the ingress network node, an encrypted encapsulation to generate an encrypted-encapsulated packet (e.g. ingress endpoint of the tunnel encapsulates the data traffic in the tunnel headers. Based on the tunnel header information, the tunnel traffic is transmitted directly or indirectly to the endpoint of the tunnel. For secure tunnels, the encapsulated information is encrypted for transmission, para [0060]; para [0043]-[0044]);
generating, at the ingress network node, the encrypted-encapsulated packet by (i) encrypting the packet having included a packet header and a packet payload to form an encrypted payload of the encrypted-encapsulated packet (e.g. payload of tunnel packets are encrypted by the ingress device of the tunnel, para (0030); e.g. data traffic 50 with a network header and corresponding data payload. The network header is from the original protocol data unit (POU) that is to be encapsulated in the tunnel, para [0043)-(0044), [0058)-(0060) and (ii) inserting an encapsulation header to the encrypted-encapsulated packet, wherein the encapsulation header comprises one or more metadata information derived, or retrieved, from the header or the payload of the received packet (e.g. tunnel header includes various fields for defining the tunnel.the tunnel header is added to the data traffic. The encapsulated data traffic may then be transmitted between the endpoints of the tunnel, para (00861); 
(para [0086) teaches encapsulated menta data; and transmitting, at the ingress network node, over a tunnel, the encrypted encapsulated packet to an egress network node located in the network (para (0030), [0060) teaches a tunnel used to transmit data through the tunnel). 
Thubert fails to teach wherein the one or more metadata information is subsequently collected, by an intermediary node located between, or able to observe traffic between, the ingress network node and egress network node, to be subsequently analyzed individually or in combination with other collected metadata information, wherein the intermediary node collects the one or more metadata information by interrogating the string in the one or more pre-defined fields of the encapsulation header.
However, Friedman, in an analogous art. teaches wherein the one or more metadata information is subsequently collected, by an intermediary node located between, or able to observe traffic between, the ingress network node and egress network node, to be subsequently analyzed individually or in combination with other collected metadata information (para [0013)-(0015], [0059), Friedman teaches an intelligence intermediary  system that collects data. ), wherein the intermediary node collects the one or more metadata information by interrogating the string in the one or more pre-defined fields of the encapsulation header (para (0013)-(0014), (0088)-(0089), (0188), Friedman teaches storing the information from the intermediary node ).
(Friedman, para [0031).

As per claim 2, Friedman further teaches further comprising: forwarding, at the intermediary node, the one or more metadata information to a collector for subsequent analysis (para (0013)-(0014), (0088)-(0089), (0188), Friedman teaches storing the information from the intermediary node ).See motivation to claim 1.

As per claim 3, Friedman further teaches wherein the collector is configured to store the one or more metadata information and other metadata information(para (0013)-(0014), (0088)-(0089), (0188), Friedman teaches storing the information from the intermediary node ).
 (para (0013)-(0014), (0088)-(0089), (0188), Friedman teaches storing the encrypted packets). See motivation to claim 1.

As per claim 4, Thubert and Friedman further teaches wherein the collector is further configured to store IP traffic data collected from the network (para (0063), (0081)(0086] Thubert teaches store IP traffic). 
Thubert further teaches the collector is further configured to store IP traffic data collected from the network (para [0006], [0062)-( 0064], Thubert teaches storing IP traffic). 

As per claim 5, Thubert and Friedman teaches further comprising: receiving, at the egress network node, the encrypted-encapsulated packet (para (0030], [0060], Thubert teaches ); and generating, at the egress network node, the packet, wherein the packet having included the packet header and packet payload is generated by decrypting the encrypted payload {para [0030], (0060], Thubert teaches netflow in and outflow packets). 

As per claim 8, Thubert and Friedman teaches the method of claim 1. 
Friedman further teaches wherein the one or more metadata information are specified in the one or more policies, wherein the one or more policies are editable i) by a controller located in the network and/or ii) by a network administrator through a  (para (0300], [0323], Friedman teaches one or more polices are changeable) See motivation to combine for claim 1.

As per claim 9, Thubert and Friedman teaches the method of claim 1, wherein the one or more metadata information includes an identifier selected from the group consisting of:a source IP address associated with the packet; a destination IP address associated with the packet; a security group tag (SGT) associated with the packet; a VXLAN network identifier (VNI) associated with the packet; a user identifier associated with the packet; a user-group identifier associated with the packet; a subnet address associated with the packet; a subnet group address associated with the packet; an application identifier associated with an application executing on a computing device that is origin to the packet; a virtualized instance identifier of a computing device in the network that is origin to the packet; and a combination thereof.(para 44-46, Thubert teaches at least source and destination ip addresses)

As per claim 10, Thubert and Friedman teaches the method of claim 1, wherein the one or more metadata information are inserted as one or more unencrypted strings into one or more pre-defined fields in the encapsulation header. (para 59 91, Thubert teaches an unencrypted payload)

As per claim 11, Thubert and Friedman teaches the method of claim 1, wherein the one or more metadata information is inserted as one or more encrypted strings into  (para 58, 60, 89, Thubert teaches encrypted data strings)

As per claim 12, Thubert teaches a system (para [0024]) comprising:
a network interface having instructions stored thereon, wherein execution of the instructions by a processor causes the interface to (para [0075], [0078], Thubert teaches a network interface):
upon receipt of a packet, generate an encrypted-encapsulated packet by (i) encrypting the packet having included a packet header and packet payload to form an encrypted payload of the encrypted-encapsulated packet (e.g. ingress endpoint of the tunnel encapsulates the data traffic in the tunnel headers. Based on the tunnel header information, the tunnel traffic is transmitted directly or indirectly to the endpoint of the tunnel. For secure tunnels, the encapsulated information is encrypted for transmission, para [0060]; para [0043)-(0044]);and 
(ii) inserting an encapsulation header to the encrypted encapsulated packet, wherein the encapsulation header comprises one or more metadata information derived, or retrieved, from the header or payload of the received packet, wherein the one or more metadata information is inserted into one or more pre-defined fields of the encapsulation header (e.g. tunnel header includes various fields for defining the tunnel.the tunnel header is added to the data traffic. The encapsulated data traffic may then be transmitted between the endpoints of the tunnel, para [00861); and
transmit, over a tunnel, the encrypted-encapsulated packet to an egress network node located in the network (para [0030], [0060]).

interrogating the string in the one or more pre-defined fields of the encapsulation header.
However, Friedman, in an analogous art, teaches wherein the one or more metadata information is subsequently collected, by an intermediary node located between, or able to observe traffic between, the ingress network node and egress network node, to be subsequently analyzed individually or in combination with other collected metadata information (para [0013)-(0015], [0059), Friedman teaches an intelligence intermediary  system that collects data. ),, wherein the intermediary node collects the one or more metadata information by interrogating the string in the one or more pre-defined fields of the encapsulation header (para [0013)-(0015), [0088)-(0094], (0183], [0280], Friedman teaches intermediary collects data.).
It would have been obvious to one of ordinary skill in the art to have modified the system of Thubert by including wherein the one or more metadata information is subsequently collected, by an intermediary node located between, or able to observe traffic between, the ingress network node and egress network node, to be subsequently analyzed individually or in combination with other collected metadata information, wherein the intermediary node collects the one or more metadata information by interrogating the string in the one or more pre-defined fields of the encapsulation header (Friedman, para (0031).

As per claim 13, Thubert and Friedman teaches wherein a collector is configured to store the one or more metadata information and other metadata information collected from other encrypted encapsulated packets (para (0058), (0086], Thubert teaches encrypted strings collected). 
Thubert further teaches a collector is configured to store the one or more metadata information and other metadata information collected from other encrypted encapsulated packets (para (0006], (0061), (0066] Thubert teaches encrypted strings collected). 

As per claim 18, Thubert and Friedman teaches the system of claim 12, wherein the one or more metadata information includes an identifier selected from the group consisting of:a source IP address associated with the packet; a destination IP address associated with the packet; a security group tag associated with the packet; a VXLAN network identifier (VNI) associated with the packet; a user identifier associated with the packet; a user-group identifier associated with the packet; a subnet address associated with the packet; a subnet group address associated with the packet; a source application executing on a computing device that is origin to the packet; a virtualized instance of a computing device in the network that is origin to the packet; and a  (para 44-46, Thurbert teaches at least source and destination ip addresses )

Claim 6, 7, 14, 15, 16, 17, 19, 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Thubert (U.S. Patent App Pub 2014/0192808) in view of Friedman (U.S. Patent App Pub 2013/0117847) further in view of US 2017/0033924 to Jain, Inc. (hereinafter Jain).

As per claim 6, neither Thubert nor Friedman teach wherein the encapsulation header comprises a VXLAN-GPE header, and wherein the VXLAN-GPE header comprises a number of allocate-able bits for inclusion of the one or more metadata information selected from the group consisting of: at least 16 bits, at least 32 bits, and at least 48 bits.
However, Jain, in an analogous art, teaches the encapsulation header comprises a VXLANGPE header, and wherein the VXLAN-GPE header comprises a number of allocate-able bits for inclusion of the one or more metadata information selected from the group consisting of: at least 16 bits, at least 32 bits, and at least 48 bits (para (0051), (0070), (0075), Jain teaches a few bytes which is 24 bits).
It would have been obvious to one of ordinary skill in the art to have modified the system of Thubert and Friedman by including the encapsulation header comprises a VXLANGPE header, and wherein the VXLAN-GPE header comprises a number of allocate-able bits for inclusion of the one or more metadata information selected from 

As per claim 7, neither Thubert nor Friedman teach wherein the encapsulation header comprises a metadata GPE header, and wherein the metadata GPE header comprises a number of allocate-able bits for inclusion of the one or more metadata information selected from the group consisting of at least 24 bits and at least 56 bits (e.g., one or more bits located between bit location 0 and bit location 23 and/or between bit location 32 and bit location 63 of the header)least 48 bits.
However, Jain, in an analogous art, teaches wherein the encapsulation header comprises a metadata GPE header, and wherein the metadata GPE header comprises a number of allocate-able bits for inclusion of the one or more metadata information selected from the group consisting of at least 24 bits and at least 56 bits (e.g., one or more bits located between bit location 0 and bit location 23 and/or between bit location 32 and bit location 63 of the header)least 48 bits (para (0051), (0070), (0075), Jain teaches a few bytes which is 24 bits).
It would have been obvious to one of ordinary skill in the art to have modified the system of Thubert and Friedman by including wherein the encapsulation header comprises a metadata GPE header, and wherein the metadata GPE header comprises a number of allocate-able bits for inclusion of the one or more metadata information selected from the group consisting of at least 24 bits and at least 56 bits (e.g., one or more bits located between bit location 0 and bit location 23 and/or between bit location 

As per claim 14, neither Thubert nor Friedman teach wherein the encapsulation header comprises a VXLANGPE header, and wherein the VXLAN-GPE header comprises a number of allocate-able bits for inclusion of the one or more metadata information selected from the group consisting of: at least 16 bits, at least 32 bits, and at least 48 bits.
However, Jain, in an analogous art, teaches the encapsulation header comprises a VXLANGPE header, and wherein the VXLAN-GPE header comprises a number of allocate-able bits for inclusion of the one or more metadata information selected from the group consisting of: at least 16 bits, at least 32 bits, and at least 48 bits (para (0051), (0070), (0075), Jain teaches a few bytes which is 24 bits).
It would have been obvious to one of ordinary skill in the art to have modified the system of Thubert and Friedman by including the encapsulation header comprises a VXLANGPE header, and wherein the VXLAN-GPE header comprises a number of allocate-able bits for inclusion of the one or more metadata information selected from the group consisting of: at least 16 bits, at least 32 bits. and at least 48 bits as taught by Jain because the modification provides higher level of security.

As per claim 15, Thubert teaches the system of claim 12,wherein the encapsulation header comprises a metadata GPE header, and wherein the metadata GPE header comprises a number of allocate-able bits for inclusion of the one or more 
However, Jain, in an analogous art, teaches wherein the encapsulation header comprises a metadata GPE header, and wherein the metadata GPE header comprises a number of allocate-able bits for inclusion of the one or more metadata information selected from the group consisting of at least 24 bits and at least 56 bits (para (0051), (0070), (0075), Jain teaches a few bytes which is 24 bits).
It would have been obvious to one of ordinary skill in the art to have modified the system of Thubert and Friedman by including wherein the encapsulation header comprises a metadata GPE header, and wherein the metadata GPE header comprises a number of allocate-able bits for inclusion of the one or more metadata information selected from the group consisting of at least 24 bits and at least 56 bits as taught by Jain because the modification provides higher level of security.

As per claims 16, Thubert teaches a system of claim 12, wherein the encapsulation header comprises a VXLAN DTLS header or a metadata DTLS header.
However, Jain, in an analogous art, teaches wherein the encapsulation header comprises a VXLAN DTLS header or a metadata DTLS header. (para (0029), (0059),  Jain teaches DTLS header).
It would have been obvious to one of ordinary skill in the art to have modified the system of Thubert and Friedman by wherein the encapsulation header comprises a VXLAN DTLS header or a metadata DTLS header. as taught by Jain because the modification provides higher level of security.

As per claims 17, Thubert teaches a system of claim 12, wherein the one or more metadata information is specified in one or more policies, wherein the one or more policies are editable i) by a controller located in the network or ii) by a network administrator through a computing terminal having access to the network, the system further comprising:a memory having instructions stored thereon, wherein execution of the instructions by one or more processors of the system, cause the processor to: receive the one or more policies from a computing device external to the system; and apply the one or more policies to incoming traffic received at the network interface.
However, Jain, in an analogous art, teaches wherein the one or more metadata information is specified in one or more policies, wherein the one or more policies are editable i) by a controller located in the network or ii) by a network administrator through a computing terminal having access to the network, the system further comprising:a memory having instructions stored thereon, wherein execution of the instructions by one or more processors of the system, cause the processor to: receive the one or more policies from a computing device external to the system; and apply the one or more policies to incoming traffic received at the network interface., (0045), 0046, 0055)., Jain )
It would have been obvious to one of ordinary skill in the art to have modified the system of Thubert and Friedman by including wherein the one or more metadata information is specified in one or more policies, wherein the one or more policies are editable i) by a controller located in the network or ii) by a network administrator through a computing terminal having access to the network, the system further comprising:a 

As per claims 19. Thubert teaches a system comprising para [0024), [0075],
[0078) ,Thubert)  comprising: a network interface having instructions stored thereon, wherein execution of the instructions, cause the interface to (para [0075), [0078], Thubert):
upon receipt of an encrypted encapsulated packet having an encrypted-encapsulation header and an encrypted payload, generate an unencrypted packet having included a packet header and a packet payload from the encrypted payload (e.g. ingress endpoint of the tunnel encapsulates the data traffic in the tunnel headers. Based on the tunnel header information, the tunnel traffic is transmitted directly or indirectly to the endpoint of the tunnel. For secure tunnels, the encapsulated information is encrypted for transmission, para [0060); para (0043)-(0044], Thubert teaches tunnels); and
wherein the encrypted-encapsulated packet was generated by (i) encrypting the packet having included the packet header and the packet payload to form the encrypted payload (e.g. payload of tunnel packets are encrypted by the ingress device of the tunnel, para [0030]; e.g. data traffic 50 with a network header and corresponding data payload. The network header is from the original protocol data unit (POU) that is to be encapsulated in the tunnel, para (0043]-[0044], [0058]-[0060])(e.g. payload of tunnel packets are encrypted by the ingress device of the tunnel, para [0030]; e.g. data traffic 50 with a network header and corresponding data payload. The network header is from the original protocol data unit (POU) that is to be encapsulated in the tunnel, para [0043]-[0044], [0058]-[0060]) and (ii) inserting the encapsulation header to the encrypted-encapsulated packet, wherein the encapsulation header comprises one or more metadata information derived, or retrieved, from the packet header or the packet payload (e.g. tunnel header includes various fields for defining the tunnel.the tunnel header is added to the data traffic. The encapsulated data traffic may then be transmitted between the endpoints of the tunnel, para [0086]), wherein the one or more metadata information is inserted into one or more pre-defined fields of the encapsulation header (para [0086] Thubert reaches encapulation)
Thubert fails to teach transmit the unencrypted packet to a next hop in the network based on routing information identified in the unencrypted packet; wherein the one or more metadata information is collectable, by an intermediary node located between, or able to observe traffic between, the ingress network node and egress network node, to be analyzed individually or in combination with other collected metadata information, wherein the intermediary node collects the one or more metadata information by interrogating in the one or more pre-defined fields of the encapsulation header.
However, Friedman, teaches wherein the one or more metadata information is collectable, by an intermediary node located between, or able to observe traffic (para [0013)-(0015], [0059), Friedman teaches an intelligence intermediary  system that collects data. ),, wherein the intermediary node collects the one or more metadata information by interrogating in the one or more pre-defined fields of the encapsulation header, (para (0013)-(0014), (0088)-(0089), (0188), Friedman teaches storing the information from the intermediary node ).
It would have been obvious to one of ordinary skill in the art to have modified the system of Thubert by including the one or more metadata information is collectable, by an intermediary node located between, or able to observe traffic between, the ingress network node and egress network node, to be analyzed individually or in combination with other collected metadata information, wherein the intermediary node collects the one or more metadata information by interrogating in the one or more pre-defined fields of the encapsulation header as taught by Friedman because the modification would process network metadata obtained through network monitoring activities and a subsequent processing of the metadata, which may efficiently result in useful information being reported in a timely manner to a consumer of the metadata (Friedman, para [0031).
Neither Thubert nor Friedman teach transmit the unencrypted packet to a next hop in the network based on routing information identified in the unencrypted packet.
However, Jain, in an analogous art, teaches transmit the unencrypted packet to a next hop in the network based on routing information identified in the unencrypted  (para (0055)-(0068], (0075)-(0076), Jain teaches sending an unecypted packet to the next hope ). 
It would have been obvious to one of ordinary skill in the art to have modified the system of Thubert and Friedman by including transmit the unencrypted packet to a next hop in the network based on routing information identified in the unencrypted packet as taught by Jain because the modification determines whether the destination IP address need to be resolved (Jain, para [0054]).

As per claim 20, 
Thubert teaches  wherein the one or more metadata information includes an identifier selected from the group consisting of: a source IP address associated with the packet; a destination IP address associated with the packet; a security group tag associated with the packet; a VXLAN network identifier (VNI) associated with the packet; a source IP address associated with the packet; a destination IP address associated with the packet; a security group tag associated with the packet; a VXLAN network identifier (VNI) associated with the packet; a user identifier associated with the packet; a user-group identifier associated with the packet; a subnet address associated with the packet; and a subnet group address associated with the packet; a source application executing on a computing device that is origin to the packet; a virtualized instance of a computing device in the network that is origin to the packet; a combination thereof. (para 44-46, Thubert teaches at least source and destination ip addresses)
Friedman further teaches wherein the network interface is configurable via instructions to forward the one or more metadata information to a collector located in the (para (0013)-(0014), (0088)-(0089), (0188), Friedman teaches storing the information from the intermediary node ).
It would have been obvious to one of ordinary skill in the art to have modified the system of Thubert by including wherein the one or more metadata information is subsequently collected, by an intermediary node located between, or able to observe traffic between. the ingress network node and egress network node, to be subsequently analyzed individually or in combination with other collected metadata information, wherein the intermediary node collects the one or more metadata information by interrogating the string in the one or more pre-defined fields of the encapsulation header as taught by Friedman because the modification would process network metadata obtained through network monitoring activities and a subsequent processing of the metadata, which may efficiently result in useful information being reported in a timely manner to a consumer of the metadata (Friedman, para [0031).
Neither Thubert nor Friedman teach wherein the encapsulation header comprises a VXLAN DTLS header or a GPE DTLS header.
However, Jain, in an analogous art, teaches the encapsulation header comprises a VXLAN DTLS header or a GPE DTLS header, (para (0029), (0059),  Jain teaches DTLS header).
It would have been obvious to one of ordinary skill in the art to have modified the system of Thubert and Friedman by including the encapsulation header comprises a .

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
	Claims 1-20 are rejected under the judicially created doctrine of obviousness-type double patenting as being unpatentable over claims 1-15 of United States Patent 10938685.  Although the conflicting claims are not identical, they are not patentably distinct from each other because the patent claims contain every element of the instant application and as such is encompassed by the claims of this instant application. Claims 1-20 of the instant application therefore is/are not patently distinct from the earlier patent claim(s) and as such is/are unpatentable over obvious-type double patenting.  A later patent/application claim is not patentably distinct from an earlier claim if the later claim is anticipated by the earlier claim.  “A later patent claim is not patentably distinct from an earlier patent claim if the later claim is obvious over, or anticipated by, the earlier claim. (In re Longi, 759 F.2d at 896,225 USPQ at 651 (affirming a holding of obviousness-type double patenting because the claims at issue were obvious over claims in four prior art patents); In re Berg, 140 F.3d at 1437, 46 USPQ2d at 1233 (Fed. Cir. 1998) (affirming a 
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure and located in the PTO-892 form. 
1. Singh U.S. Patent App Pub 20130297768 teaches a method includes generating at a network device comprising a virtual switch, a tenant record comprising tenant information for a context defined within the virtual switch, exporting the tenant record to a collector, monitoring network flow at the virtual switch, and exporting network flow data in a data record to the collector. The data record includes an identifier associating the data record with the context.
2. Pukhraj U.S. Patent App Pub 20170346731 teaches a switch includes a storage device, a rule management module, an inner packet module, and a packet processor. During operation, the rule management module obtains a rule associated with a data flow within tunnel encapsulation of a tunnel. This rule indicates how the flow is to be processed at the switch. The rule management module then applies an initial rule to a respective line card of the switch. The initial rule is derived from a virtual network identifier, which is associated with the tunnel, of the obtained rule. The inner 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to NINOS DONABED whose telephone number is (571)272-8757.  The examiner can normally be reached on Monday - Friday 8:00pm - 4:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, John FOLLANSBEE can be reached on (571)272-3964.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 






/NINOS DONABED/Primary Examiner, Art Unit 2444