DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
This is a reply to the application filed on 05/06/2020, in which, claim(s) 1-7 are pending. Claim(s) 1 and 6 are independent.

Priority
Acknowledgment is made of applicant's claim for foreign priority under 35 U.S.C. 119(a)-(d). Receipt is acknowledged of papers submitted under 35 U.S.C. 119(a)-(d), which papers have been placed of record in the file.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 05/06/2020, has been reviewed. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the examiner is considering the information disclosure statement.

Drawings
The drawings filed on 05/06/2020 are objected to because the drawings contain blank boxes and numbers. Applicant must supply a suitable legend. A proposed drawing correction or corrected drawings are required in reply to the Office action to avoid abandonment of the application. The objection to the drawings will not be held in abeyance.


(n) Symbols. Graphical drawing symbols may be used for conventional elements when appropriate. The elements for which such symbols and labeled representations are used must be adequately identified in the specification. Known devices should be illustrated by symbols which have a universally recognized conventional meaning and are generally accepted in the art. Other symbols which are not universally recognized may be used, subject to approval by the Office, if they are not likely to be confused with existing conventional symbols, and if they are readily identifiable.

(o) Legends. Suitable descriptive legends may be used subject to approval by the Office, or may be required by the examiner where necessary for understanding of the drawing. They should contain as few words as possible.


Specification
Applicant is reminded of the proper language and format for an abstract of the disclosure.
The abstract should be in narrative form and generally limited to a single paragraph on a separate sheet within the range of 50 to 150 words in length. The abstract should describe the disclosure sufficiently to assist readers in deciding whether there is a need for consulting the full patent text for details.
The language should be clear and concise and should not repeat information given in the title. It should avoid using phrases which can be implied, such as, “The disclosure 
The abstract of the disclosure is objected to because it contains legal phraseology (i.e., “the method comprising”) and it is more than 150 words (i.e. 174 words). See MPEP § 608.01(b).
Appropriate correction is required.

Claim Objections
Claims 1 and 6 are objected to because of the following informalities:  
Claims 1 and 6 recite the acronyms “TCP”, “ACK” and “RST” without indicating what they stand for.
Appropriate correction is required.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 6-7 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. Claim 6 recites “A router” in the preamble and "a first port”, “a second port”, “a memory unit” and “a first processor”, in the claim body. As recited in the body of the claim, the claimed device lacks a structural component because the port, memory and processor could be implemented as Claim 6 is directed to non-statutory subject matter for lack of a hardware component. The Examiner respectfully suggests that the claim be further amended to positively recite at least one hardware element within the body of the claim to make the claim statutory subject matter under 35 U.S.C. 101 such as “a hardware processor” or “a hardware memory”.
Claim 7 does not cure the deficiency of claim 6 and is rejected under 35 U.S.C. 101 for its dependency upon claim 6.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
Claims 1 and 3-6 are rejected under 35 U.S.C. 102 (a)(1) as being anticipated by Kelson et al. (US 2014/0337614 A1, cited by the applicant in the 05/06/2020 IDS).
Regarding Claim 1, Kelson discloses A method of monitoring traffic, the method being carried out by a router acting as a gateway between a first and second network ([0036], “a security gateway configured as a transparent bridge or router”), the method comprising:  
after establishment of a TCP connection between a first device on the first network and a second device on the second network ([0033], “HTTP clients are often executed on client end stations that are located outside of the LAN of the security gateway and web application servers”, [0036], “a security gateway configured as a transparent bridge or router, such that the security gateway is not an end point of the encryption layer connections and thus does not terminate the encryption layer connections or the underlying transport layer (e.g., Transmission Control Protocol (TCP)) connections”): 
receiving a plurality of data packets sent from the first device over the TCP connection ([0063], “receipt of the packets, allowing the HTTP client 110A to continue sending additional packets”); 
sending a TCP ACK packet to the first device in response to each data packet of the plurality of data packets ([0063], “send one or more acknowledgements 303 (e.g., an ACK packet used in TCP) to acknowledge receipt of the packets”); 
storing said data packets without sending them to the second device ([0071], “unmodified messages transmitted by the HTTP client 110A and stored by the security gateway 140 in a first hash storage location”); 
examining at least part of the plurality of the stored data packets in order to determine whether to block or allow the TCP connection ([0063], “for the security gateway 140 to examine additional packets of the connection to make a determination”); 
in the event that it is determined to allow the TCP connection: sending each of the stored data packets to the second device ([0103], “if the plaintext record is allowable (i.e., accepted at 922), processing will continue 924 based upon the connection mode 924 of the encryption layer connection”); 
in the event that it is determined to block the TCP connection: sending a TCP RST message to each of the first and second devices in order to close the TCP connection ([0103], “if the decision modules have determined that the plaintext record should not be sent, the encryption layer connection is to be blocked 918 and the security gateway 140 will transmit reset messages to both the HTTP client 110A at 920A and to the WAS 130A at 920B”).  

Regarding Claim 3, Kelson teaches
in the event that it is determined to block the TCP connection, sending a substitute response to the first device via the TCP connection prior to sending the TCP RST message, the substitute response containing one or more data packets using the same application layer protocol as the stored data packets ([0079], “If the values do not match, the security gateway 140 may cause the handshake and encrypted connection to be aborted by, in various embodiments, transmitting reset packets or by computing a purposefully incorrect hash value (515B) to 

Regarding Claim 4, Kelson teaches
in the event that it is determined to block the TCP connection, discarding the stored data packets ([0103], “if the decision modules have determined that the plaintext record should not be sent, the encryption layer connection is to be blocked”, therefore discard the stored data packets).

Regarding Claim 5, Kelson teaches
following sending of the TCP RST message, preventing forwarding of any further data packets between the first and second device ([0103], “if the decision modules have determined that the plaintext record should not be sent, the encryption layer connection is to be blocked 918 and the security gateway 140 will transmit reset messages to both the HTTP client 110A at 920A and to the WAS 130A at 920B” to prevent forwarding of any further data packets).

Regarding Claim 6, Kelson teaches A router comprising: 
a first port configured to connection to a first network; a second port configured to connect to a second network ([0035], “port”, Fig. 3, 1st port to client, 2nd port to Web server); 
a memory unit for storing data ([0030], “memory”);  
a first processor ([0030], “one or more processors”) configured to: 
after establishment of a TCP connection between a first device on the first network and a second device on the second network ([0033], “HTTP clients are often executed on client end stations that are located outside of the LAN of the security gateway and web application servers”, [0036], “a security gateway configured as a transparent bridge or router, such that the security gateway is not an end point of the encryption layer connections and thus does not terminate the encryption layer connections or the underlying transport layer (e.g., Transmission Control Protocol (TCP)) connections”): 
receive a plurality of data packets sent from the first device over the TCP connection ([0063], “receipt of the packets, allowing the HTTP client 110A to continue sending additional packets”);  
send a TCP ACK packet to the first device in response to each data packet of the plurality of data packets ([0063], “send one or more acknowledgements 303 (e.g., an ACK packet used in TCP) to acknowledge receipt of the packets”); 
store said data packets in the memory unit without sending them to the second device ([0071], “unmodified messages transmitted by the HTTP client 110A and stored by the security gateway 140 in a first hash storage location”); 
examine the stored data packets in order to determine whether to block or allow the TCP connection ([0063], “for the security gateway 140 to examine additional packets of the connection to make a determination”); 
in the event that it is determined to allow the TCP connection: send each of the stored data packets to the second device ([0103], “if the plaintext record is allowable (i.e., accepted at 922), processing will continue 924 based upon the connection mode 924 of the encryption layer connection”); 
in the event that it is determined to block the TCP connection: send a TCP RST message to each of the first and second devices in order to close the TCP connection ([0103], “if the decision modules have determined that the plaintext record should not be sent, the encryption layer connection is to be blocked 918 and the security gateway 140 will transmit reset messages to both the HTTP client 110A at 920A and to the WAS 130A at 920B”).    
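
The flow recited in claims 1 and 6 (acknowledge and hold each client packet, examine, then either release the held packets or reset both ends) can be modelled as a small state machine. This is an added illustration, not part of the Office action, the application or Kelson; the class, the policy callable, the payloads and the sequence-number bookkeeping are assumptions, and the model emits tuples rather than real packets.

```python
from dataclasses import dataclass, field

@dataclass
class InspectingGateway:
    """Models the gateway's decisions; emits tuples, sends no packets."""
    client_nxt: int   # next client byte the server expects (nothing forwarded yet)
    server_nxt: int   # next server byte the client expects
    policy: object    # hypothetical callable: buffered bytes -> True to allow
    held: list = field(default_factory=list)   # (seq, payload), assumed in order
    out: list = field(default_factory=list)    # (direction, kind, seq, extra)
    state: str = "INSPECTING"

    def from_client(self, seq, payload):
        if self.state == "BLOCKED":
            return                              # nothing forwarded after the reset
        if self.state == "ALLOWED":
            self.out.append(("to_server", "DATA", seq, payload))
            return
        self.held.append((seq, payload))        # store, do not forward
        # ACK on the server's behalf so the client keeps sending
        self.out.append(("to_client", "ACK", self.server_nxt, seq + len(payload)))

    def decide(self):
        data = b"".join(p for _, p in self.held)
        if self.policy(data):
            self.state = "ALLOWED"
            for seq, p in self.held:            # release the stored packets unchanged
                self.out.append(("to_server", "DATA", seq, p))
        else:
            self.state = "BLOCKED"
            # Each RST carries the sequence number its receiver expects next.
            # The server never saw the held data, so its RST uses client_nxt.
            self.out.append(("to_client", "RST", self.server_nxt, None))
            self.out.append(("to_server", "RST", self.client_nxt, None))
        self.held.clear()                       # discarded, or already released

def run(payloads, policy, client_nxt=1001, server_nxt=5001):
    """Feed constructed payloads through the gateway and return it."""
    gw = InspectingGateway(client_nxt, server_nxt, policy)
    seq = client_nxt
    for p in payloads:
        gw.from_client(seq, p)
        seq += len(p)
    gw.decide()
    gw.from_client(seq, b"later data")          # traffic after the decision
    return gw

# Constructed policy and sample payloads, for illustration only
def no_marker(data): return b"blocked.example" not in data
ok = run([b"GET / HTTP/1.1\r\n", b"Host: ok.example\r\n\r\n"], no_marker)
bad = run([b"GET / HTTP/1.1\r\n", b"Host: blocked.example\r\n\r\n"], no_marker)
```

In the blocked case the two resets carry different sequence numbers because the client's data was acknowledged by the gateway but never reached the server.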

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
Claims 2 and 7 are rejected under 35 U.S.C. 103 as being unpatentable over Kelson et al. (US 2014/0337614 A1, cited by the applicant in the 05/06/2020 IDS) in view of Dukes et al. (US 9,252,972 B2, cited by the applicant in the 05/06/2020 IDS).
Regarding Claim 2, Kelson teaches
wherein the router has a first processor and a second processor, and wherein the steps of claim 1 are performed on the first processor ([0030], “one or more processors”, [0033], [0036], [0063]),
Kelson does not explicitly teach but Dukes teaches
in the event that it is determined to allow the TCP connection, handling subsequent data packets of the TCP connection via the second processor (Col 9 Lines 57-62, “flow control unit 57 receives an inbound packet 78 and selectively directs the packet along fast path 91 to forwarding ASICs 70 for immediate forwarding”);
Kelson and Dukes are analogous art as they are in the same field of endeavor of information security. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Dukes with the disclosure of Kelson. The motivation/suggestion would have been to dynamically direct subsequent packets of the packet flow upon determining that the packet flow does not pose a threat (Dukes, Col 10 Lines 1-10).

Regarding Claim 7, Kelson teaches
a second processor configured to forward data packets between the first and second port ([0030], “one or more processors”, [0035], “port”, Fig. 3, 1st port to client, 2nd port to Web server),
Kelson does not explicitly teach but Dukes teaches
wherein the router is configured to handle data packets using the second processor for a TCP connection following a determination at the first processor to allow that TCP connection (Col 9 Lines 57-62, “flow control unit 57 receives an inbound packet 78 and selectively directs the packet along fast path 91 to forwarding ASICs 70 for immediate forwarding”);
Kelson and Dukes are analogous art as they are in the same field of endeavor of information security. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Dukes with the disclosure of Kelson. The motivation/suggestion would have been to dynamically direct subsequent packets of the packet flow upon determining that the packet flow does not pose a threat (Dukes, Col 10 Lines 1-10).

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHENG-FENG HUANG whose telephone number is (571)272-6186. The examiner can normally be reached Monday-Friday: 9 am - 5 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni A Shiferaw can be reached on (571) 272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is 





/CHENG-FENG HUANG/Primary Examiner, Art Unit 2497