DETAILED ACTION
Notice of AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .  This Action is made non-FINAL. 
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant’s submission filed on 2/28/2022, for application 15/215,023 has been entered.
This Office Action is in response to the amendment filed 2/28/2022 for application 15/215,023.
As per instant Amendment, Claims 1, 2, 9, 13, 14, and 17-19 have been amended. Claims 1, 13, and 17 are independent claims.  Claims 1-20 have been examined and are pending. 
Response to Arguments
In the interest of compact prosecution, Examiner called Applicant’s representative, Matthew R. Frontz, on March 9 and March 11 2022 to discuss possible amendments to move the case forward.  However, Applicant’s representative and Examiner have not come to an agreement at the present time.
Applicants’ arguments, see Applicant Arguments/Remarks Made in an Amendment, filed 2/28/2022, with respect to the rejections of claims 1-20 have been fully considered but are not persuasive.
Applicant asserts as follows:  1. Claim Amendments.  Although Applicant does not necessarily agree with the arguments set forth in the Office Action, the instant claims have nevertheless been amended in an effort to expedite prosecution of the instant application. For example, independent claim 1 has been amended to now recite, in relevant part: determining an unauthorized wireless device has connected to an unknown port of a plurality of ports on a network device associated with a network;  determining which of the plurality of ports on the network device is connected to the unauthorized wireless device by: determining one or more predetermined traffic patterns to be transmitted by the network device via one or more of the plurality of ports; determining one or more traffic patterns transmitted by the unauthorized wireless device, wherein the one or more traffic patterns transmitted by the unauthorized wireless device are determined based at least in part on a previously determined identity information of the unauthorized wireless device.  The remaining independent claims 13 and 17 each recite substantially similar limitations to independent claim 1 and have each been likewise amended. Additionally, Applicant notes that dependent claims 2, 9, 14, 18 and 19 have been amended to now recite an “unauthorized wireless device” consistent with the amendments to the independent claims. No new matter has been added.
Examiner respectfully notes that the combination of Atreya, Venable, Bratspiess, and Nagasu properly the independent claims.  Regarding claim 1, Atreya discloses, in paragraph 0029, a method comprising; in paragraph 0032 and 0008, unauthorized wireless device by; in paragraphs 0030 and 0008, determining one or more predetermined traffic patterns to be transmitted by the network device via one or more of the plurality of ports; in paragraph 0014, wherein the one or more traffic patterns transmitted by the unauthorized wireless device are determined based at least in part on a previously determined identity information of the unauthorized wireless device; in paragraph 0030, determining one or more traffic patterns transmitted by the unauthorized wireless device; in paragraph 0031 and 0032, determining the one or more traffic patterns transmitted by the wireless device has a threshold degree of similarity to a matching traffic pattern from the one or more predetermined traffic patterns, to yield a traffic pattern match, the threshold degree of similarity including matching traffic patterns and similar traffic patterns;  in paragraph 0033, and 0008, based on the traffic pattern match, determining a port from the plurality of ports is associated with the matching traffic pattern is connected to the unauthorized wireless device, to yield an identified port.  Bratspiess, in paragraphs 0118, 0132, 0137, and 0145, discloses selecting a port policy to be applied to the identified port.  Venable, in paragraph 0001, discloses the similar traffic patterns including variable degrees of similarity and variable confidence levels based on the variable degrees of similarity.  Newly applied reference, Nagasu, discloses determining an unauthorized wireless device has connected to an unknown port
Applicant argues as follows:  At best, Atreya describes a technique for periodically conducting a blind search for any rogue devices that may be present in a network. For example, Atreya describes a rogue access point (AP) detection process in which a signature frame is injected into a network and monitoring is performed to see if any APs subsequently retransmit the signature frame. The signature frame contains a pattern of data that is known to all authorized APs in the network — when an authorized AP sees this pattern of data, the authorized AP knows not to retransmit the signature frame; therefore, rogue APs are detected because they are the only devices that will re-broadcast the signature frame (see, e.g., Atreya [0030]-[0032], as relied upon by the Office Action at p. 7).  Notably, none of the actions described by Atreya and relied upon by the Office Action are performed subsequent to the detection of a rogue access point — this is because Atreya is directed only to detecting the rogue APs and treats subsequent matters such as the identification of a rogue AP’s port as a trivial step, as would be appreciated by one of ordinary skill in the art.  By contrast, the amendments to the instant claims clarify that the presence of an unauthorized or rogue device is an already known fact prior to the subsequent claimed steps for “determining which of the plurality of ports on the network device is connected to the unauthorized wireless device.” As explained in paragraph [0013] of the originally filed specification: The approaches set forth herein can enable accurate and efficient identification and validation of a wired port that has been connected to a rogue device, such as a rogue access point. It is typically extremely difficult to identify with any certainty which port specifically a rogue device has plugged into. Advantageously, the approaches herein can not only detect when a rogue device is connected to the network but also which specific port the rogue device has connected to. Once the controller 102 determines, based on the signal 158, that a rogue device 152 has connected to a wired port on the switch 112, it can select one or more of the ports 164-178 on the switch 112 to test...” (emphasis added).  Accordingly, Applicant respectfully submits that Atreya fails to disclose or otherwise suggest “determining which of the plurality of ports on the network device is connected to the unauthorized wireless device by: [...]” for at least the reason that Atreya is limited to rogue AP detection and describes a process that terminates with the detection of a rogue AP, as would be appreciated by one of ordinary skill in the art.  For at least this reason, Applicant respectfully submits that the rejection of the amended claims is improper and should be withdrawn.
Examiner respectfully notes that the combination of Atreya, Venable, Bratspiess, and Nagasu properly the independent claims.  The combination of Atreya, Venable, Bratspiess, and Nagasu reads on the claims. Regarding claim 1, Atreya discloses, in paragraph 0029, a method comprising; in paragraph 0032 and 0008, determining a wireless device has connected to one of a plurality of ports on a network device associated with a network; in paragraphs 0030 and 0008, determining which of the plurality of ports on the network device is connected to the unauthorized wireless device by; in paragraphs 0030 and 0008, determining one or more predetermined traffic patterns to be transmitted by the network device via one or more of the plurality of ports; in paragraph 0014, wherein the one or more traffic patterns transmitted by the unauthorized wireless device are determined based at least in part on a previously determined identity information of the unauthorized wireless device; in paragraph 0030, determining one or more traffic patterns transmitted by the unauthorized wireless device; in paragraph 0031 and 0032, determining the one or more traffic patterns transmitted by the wireless device has a threshold degree of similarity to a matching traffic pattern from the one or more predetermined traffic patterns, to yield a traffic pattern match, the threshold degree of similarity including matching traffic patterns and similar traffic patterns;  in paragraph 0033, and 0008, based on the traffic pattern match, determining a port from the plurality of ports is associated with the matching traffic pattern is connected to the unauthorized wireless device, to yield an identified port.  Bratspiess, in paragraphs 0118, 0132, 0137, and 0145, discloses selecting a port policy to be applied to the identified port.  Venable, in paragraph 0001, discloses the similar traffic patterns including variable degrees of similarity and variable confidence levels based on the variable degrees of similarity.  Newly applied reference, Nagasu, discloses determining an unauthorized wireless device has connected to an unknown port of a plurality of ports on a network device associated with a network.
Applicant argues as follows:  Additionally, Applicant notes that the independent claims have also been amended herein to further recite: determining one or more traffic patterns transmitted by the unauthorized wireless device, wherein the one or more traffic patterns transmitted by the unauthorized wireless device are determined based at least in part on a previously determined identity information of the unauthorized wireless device;
Examiner respectfully notes discloses, in paragraphs 0030 and 0008, determining one or more predetermined traffic patterns to be transmitted by the network wherein the one or more traffic patterns transmitted by the unauthorized wireless device are determined based at least in part on a previously determined identity information of the unauthorized wireless device as Atreya discloses detecting as well as classifying rogue access points.
Applicant argues as follows:  As would be appreciated by one of ordinary skill in the art, Atreya, whether taken alone or in combination with any other cited references, fails to disclose or otherwise suggest determining one or more traffic patterns transmitted by an unauthorized wireless device based at least in part on a previously determined identity information of the unauthorized wireless device.  While Atreya simply performs a binary check in which any AP that retransmits the signature frame is determined to be a rogue AP, the amendments to the instant claims specify that the process of determining which of the plurality of ports on the network device is connected to the unauthorized wireless device depends on a previous detection or identification of the rogue device.  As explained in paragraphs [0038]-[0042], identity information of an unauthorized wireless device can be obtained or detected in various ways, e.g., by “extract[ing] information from the rogue device 152, such as its network address (e.g., IP address), its MAC address, the device name, its serial number, its model, its settings, its behavior, etc.” (see originally filed specification para. [0039]).  As would be appreciated by one of ordinary skill in the art, Atreya does not teach or suggest this amended claim language because at the time a signature frame is transmitted, the network in Atreya has entirely zero knowledge of any rogue devices, let alone specific identity information (e.g., MAC address) of a known rogue device. Accordingly, for at least this reason as well, Applicant respectfully submits 
Examiner respectfully notes that the combination of Atreya, Venable, Bratspiess, and Nagasu properly the independent claims.  Regarding claim 1, Atreya discloses, in paragraph 0029, a method comprising; in paragraph 0032 and 0008, determining a wireless device has connected to one of a plurality of ports on a network device associated with a network; in paragraphs 0030 and 0008, determining which of the plurality of ports on the network device is connected to the unauthorized wireless device by; in paragraphs 0030 and 0008, determining one or more predetermined traffic patterns to be transmitted by the network device via one or more of the plurality of ports; in paragraph 0014, wherein the one or more traffic patterns transmitted by the unauthorized wireless device are determined based at least in part on a previously determined identity information of the unauthorized wireless device; in paragraph 0030, determining one or more traffic patterns transmitted by the unauthorized wireless device; in paragraph 0031 and 0032, determining the one or more traffic patterns transmitted by the wireless device has a threshold degree of similarity to a matching traffic pattern from the one or more predetermined traffic patterns, to yield a traffic pattern match, the threshold degree of similarity including matching traffic patterns and similar traffic patterns;  in paragraph 0033, and 0008, based on the traffic pattern match, determining a port from the plurality of ports is associated with the matching traffic pattern is connected to the unauthorized wireless device, to yield an identified port.  Bratspiess, in paragraphs 0118, 0132, 0137, an unauthorized wireless device has connected to an unknown port of a plurality of ports on a network device associated with a network.
The Examiner respectfully suggests that the claims be further amended and details in the specification be incorporated to distinguish the claimed invention over prior art of record.  Should the Applicant desire an interview to further clarify the claim interpretation/rejections, please contact the Examiner at (571) 272 5368 to schedule an interview.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention. 
Claim 1, 10-13, 16-18, and 20 are rejected under 35 U.S.C. 103 under 35 U.S.C. 103 as being unpatentable over Atreya (US20140334317), filed on May 9, 2013, in view of Bratspiess (US20160173511), filed on January 14, 2016 (PCT filed July 15, 2014), Venable (US20110271319), published on November 3, 2011, and Nagasu (JP2006148255), published June 8, 2006.
Regarding claim 1, Atreya discloses a method comprising (Atreya, paragraph 0029, “FIG. 3 is a flow chart of an example method 300 for rogue AP detection.  Processing begins at 302, where a rogue AP detection process is initiated (e.g., at the wireless controller 202).  The process can be initiated automatically and/or manually.  Processing continues to 304.”):
determining a wireless device has connected to one of a plurality of ports on a network device associated with a network (Atreya, paragraph 0032, “At 308, one or more authorized APs (e.g., 210 and/or 212) may receive the signature frame that has been transmitted wirelessly by the rogue AP and report the detection of the signature frame to the wireless controller.  Processing continues to 310.”; paragraph 0008, “A wireless intrusion detection component of the wireless controller can be adapted to gather information regarding connected devices on different physical ports of the wireless switch”);
determining which of the plurality of ports on the network device is connected to the unauthorized wireless device by (Atreya, paragraph 0030, “the Mobility Agent can include the switch, port, and VLAN identifiers in the signature frame that is sent out. This helps the WC to isolate and shutdown the port(s) to which rogue APs are connected.” ; paragraph 0008, “A wireless intrusion detection component of the wireless controller can be adapted to gather information regarding connected devices on different physical ports of the wireless switch”):
determining one or more predetermined traffic patterns to be transmitted by the network device via one or more of the plurality of ports (Atreya, paragraph 0030, “At 304, a signature frame is transmitted.  For example, a signature frame can be transmitted from a mobility agent in a wireless switch (e.g., 204 and/or 206) to the APs associated with each switch.” ; paragraph 0008, “A wireless intrusion detection component of the wireless controller can be adapted to gather information regarding connected devices on different physical ports of the wireless switch”),
wherein the one or more traffic patterns transmitted by the unauthorized wireless device are determined based at least in part on a previously determined identity information of the unauthorized wireless device (Atreya, paragraph 0014, RF spectrum monitored to detect and classify rogue access points);
unauthorized wireless device (Atreya, paragraph 0030, “At 304, a signature frame is transmitted.  For example, a signature frame can be transmitted from a mobility agent in a wireless switch (e.g., 204 and/or 206) to the APs associated with each switch.  The signature frame contains a pattern of data that is known to the authorized APs, which are configured to not bridge the signature frame to the air (e.g., transmit the signature frame via a wireless interface).  For example, the Mobility Agent can include the switch, port and VLAN identifiers in the signature frame that is sent out.  This helps the WC to isolate and shutdown the port(s) to which rogue APs are connected.  Processing continues to 306.”);
determining the one or more traffic patterns transmitted by the wireless device has a threshold degree of similarity to a matching traffic pattern from the one or more predetermined traffic patterns, to yield a traffic pattern match, the threshold degree of similarity including matching traffic patterns and similar traffic patterns (Atreya, paragraph 0031, “At 306, the signature frame is bridged to the air by the rogue AP (e.g., 214).  Because the rogue AP has not been configured to recognize the signature frame, the rogue AP will not prevent the signature frame from being transmitted wirelessly.  Processing continues to 308.”; paragraph 0032, “At 308, one or more authorized APs (e.g., 210 and/or 212) may receive the signature frame that has been transmitted wirelessly by the rogue AP and report the detection of the signature frame to the wireless controller.  Processing continues to 310.”); 
based on the traffic pattern match, determining a port from the plurality of ports is associated with the matching traffic pattern is connected to the unauthorized wireless device, to yield an identified port (Atreya, paragraph 0033, “At 310, the authorized APs report detecting the signature frame to the wireless controller.  Processing continues to 312.”; paragraph 0034, “At 312, the wireless controller can send a command to disable (or shut down) the port associated with the rogue AP.” ; paragraph 0008, “A wireless intrusion detection component of the wireless controller can be adapted to gather information regarding connected devices on different physical ports of the wireless switch”).
Atreya does not explicitly disclose selecting a port policy to be applied to the identified port.
However, in an analogous art, Bratspiess discloses selecting a port policy to be applied to the identified port (Bratspiess, paragraph 0118, 0132, 0137, 0145, security policy per port).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Bratspiess with the method of Atreya, to include, selecting a port policy to be applied to the identified port, to provide users with the benefits of protecting a network (Bratspiess: paragraph 0010-0011).
Atreya and Bratspiess do not explicitly disclose the similar traffic patterns including variable degrees of similarity and variable confidence levels based on the variable degrees of similarity.
However, in an analogous art, Venable discloses the similar traffic patterns including variable degrees of similarity and variable confidence levels based on the variable degrees of similarity (Venable, paragraph 0001, “traffic fingerprinting analysis is used to identify clientless or unmanaged assets (e.g., endpoint devices) in a network with varying degrees of confidence and estimation”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Venable with the method of Atreya and Bratspiess, to include, selecting a port policy to be applied to the identified port, to provide users with the benefits of improved network location awareness (Venable: title).
Atreya, Bratspiess, and Venable disclose determining a wireless device has connected to one of a plurality of ports on a network device associated with a network, but do not explicitly disclose determining an unauthorized wireless device has connected to an unknown port of a plurality of ports on a network device associated with a network.
However, in an analogous art, Nagasu discloses determining an unauthorized wireless device has connected to an unknown port of a plurality of ports on a network device associated with a network (Nagasu, 8th page, lines 20-22, MAC address is rewritten from the unauthorized device, the port is unknown but the unauthorized device is connected).  
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Nagasu with the system/method of Atreya, Bratspiess, and Venable to include determining an unauthorized wireless device has connected to an unknown port of a plurality of ports on a network device associated with a network.
 (Nagasu, first page, abstract, problem to be solved).

Regarding claim 10, Atreya, Bratspiess, Venable, and Nagasu disclose the method of claim 1.  Atreya discloses wherein at least two of the respective traffic patterns are different (Atreya, paragraph 0016. wherein at least two of the respective traffic patterns are different encompasses One way to detect rogue APs is to inject a "signature frame" into the wired network and watch for it to appear in the wireless network.)
Regarding claim 11, Atreya, Bratspiess, Venable, and Nagasu disclose the method of claim 10.  Atreya discloses wherein a difference between the at least two of the respective traffic patterns is based on at least one of a respective duty cycle associated with each of the at least two of the respective traffic patterns and a length of a respective time interval associated with each of the at least two of the respective traffic patterns (Atreya, paragraph 0025, difference in duty cycle and length of time interval associated with a traffic pattern encompasses  “a wireless controller can instruct a mobility agent residing in the WSP to inject a signature frame” because injection of a signature frame will make a longer message).
Regarding claim 12, Atreya, Bratspiess, Venable, and Nagasu disclose the method of claim 1.  Bratspiess discloses further comprising selecting the port policy for the identified port comprises applying the port policy to the identified port, wherein the port policy is configured to limit throughput of the identified port, move traffic of the identified port to an isolated virtual local area network, add one or more firewall (Bratspiess (US20160173511), paragraph 0117, “A security policy with regard to detected forbidden network appliances may be defined per port, optionally by a user.  The security policies may dictate the course of action is such cases which may include: logging of the irregular event, isolation of the threat by disabling the port and/or counter attack with scenarios such as Address Resolution Protocol (ARP) poisoning.”).  The motivation is the same as that of the claim from which this claim depends.
Regarding claim 13, Atreya discloses a system comprising one or more processors; and at least one non-transitory computer-readable storage medium having stored therein instructions which, when executed by the one or more processors, cause the one or more processors to perform operations comprising (Atreya, paragraph 0047, “embodiments of the disclosed method, system, and computer readable media (or computer program product) can be implemented in software executed on a programmed general purpose computer, a special purpose computer, a microprocessor, a network server or switch, or the like”):
detecting that a wireless device has connected to one of a plurality of ports on a network device associated with a network (Atreya, paragraph 0032, “At 308, one or more authorized APs (e.g., 210 and/or 212) may receive the signature frame that has been transmitted wirelessly by the rogue AP and report the detection of the signature frame to the wireless controller.  Processing continues to 310.” ; paragraph 0008, “A wireless intrusion detection component of the wireless controller can be adapted to gather information regarding connected devices on different physical ports of the wireless switch”);
unauthorized wireless device by (Atreya, paragraph 0030, “the Mobility Agent can include the switch, port, and VLAN identifiers in the signature frame that is sent out. This helps the WC to isolate and shutdown the port(s) to which rogue APs are connected.” ; paragraph 0008, “A wireless intrusion detection component of the wireless controller can be adapted to gather information regarding connected devices on different physical ports of the wireless switch”);
generating one or more predetermined traffic patterns for output by the one or more of the plurality of ports (Atreya, paragraph 0030, “At 304, a signature frame is transmitted.  For example, a signature frame can be transmitted from a mobility agent in a wireless switch (e.g., 204 and/or 206) to the APs associated with each switch.” ; paragraph 0008, “A wireless intrusion detection component of the wireless controller can be adapted to gather information regarding connected devices on different physical ports of the wireless switch”);
wherein the one or more traffic patterns transmitted by the unauthorized wireless device are determined based at least in part on a previously determined identity information of the unauthorized wireless device (Atreya, paragraph 0014, RF spectrum monitored to detect and classify rogue access points);
determining one or more wireless traffic patterns transmitted by the wireless device (Atreya, paragraph 0030, “At 304, a signature frame is transmitted.  For example, a signature frame can be transmitted from a mobility agent in a wireless switch (e.g., 204 and/or 206) to the APs associated with each switch.  The signature frame contains a pattern of data that is known to the authorized APs, which are configured to not bridge the signature frame to the air (e.g., transmit the signature frame via a wireless interface).  For example, the Mobility Agent can include the switch, port and VLAN identifiers in the signature frame that is sent out.  This helps the WC to isolate and shutdown the port(s) to which rogue APs are connected.  Processing continues to 306.”);
matching, based on a threshold degree of similarity, the one or more wireless traffic patterns to at least one of the one or more predetermined traffic patterns to yield a match, the threshold degree of similarity including matching traffic patterns and similar traffic patterns (Atreya, paragraph 0031, “At 306, the signature frame is bridged to the air by the rogue AP (e.g., 214).  Because the rogue AP has not been configured to recognize the signature frame, the rogue AP will not prevent the signature frame from being transmitted wirelessly.  Processing continues to 308.”; paragraph 0032, “At 308, one or more authorized APs (e.g., 210 and/or 212) may receive the signature frame that has been transmitted wirelessly by the rogue AP and report the detection of the signature frame to the wireless controller.  Processing continues to 310.”); 
based on the match, determining a particular port from the plurality of ports that is associated with the at least one of the one or more predetermined traffic patterns is connected to the unauthorized wireless device (Atreya, paragraph 0033, “At 310, the authorized APs report detecting the signature frame to the wireless controller.  Processing continues to 312.”; paragraph 0034, “At 312, the wireless controller can send a command to disable (or shut down) the port associated with the rogue AP.” ; paragraph 0008, “A wireless intrusion detection component of the wireless controller can be adapted to gather information regarding connected devices on different physical ports of the wireless switch”).

However, in an analogous art, Bratspiess discloses selecting a port policy for the particular port (Bratspiess, paragraph 0118, 0132, 0137, 0145, security policy per port).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Bratspiess with the system of Atreya, to include, selecting a port policy to be applied to the identified port, to provide users with the benefits of protecting a network (Bratspiess: paragraph 0010-0011).
Atreya and Bratspiess do not explicitly disclose the similar traffic patterns including variable degrees of similarity and variable confidence levels based on the variable degrees of similarity.
However, in an analogous art, Venable discloses the similar traffic patterns including variable degrees of similarity and variable confidence levels based on the variable degrees of similarity (Venable, paragraph 0001, “traffic fingerprinting analysis is used to identify clientless or unmanaged assets (e.g., endpoint devices) in a network with varying degrees of confidence and estimation”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Venable with the system of Atreya and Bratspiess, to include, selecting a port policy to be applied to the identified port, to provide users with the benefits of improved network location awareness (Venable: title).
an unauthorized wireless device has connected to [[one]] an unknown port of a plurality of ports on a network device associated with a network.
However, in an analogous art, Nagasu discloses detecting [[a]] an unauthorized wireless device has connected to [[one]] an unknown port of a plurality of ports on a network device associated with a network (Nagasu, 8th page, lines 20-22, MAC address is rewritten from the unauthorized device, the port is unknown but the unauthorized device is connected).  
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Nagasu with the system/method of Atreya, Bratspiess, and Venable to include detecting [[a]] an unauthorized wireless device has connected to [[one]] an unknown port of a plurality of ports on a network device associated with a network.
One would have been motivated to provide users with the benefits of specifying a network apparatus to which an illegitimate apparatus is connected and its connected port (Nagasu, first page, abstract, problem to be solved).
Regarding claim 16, Atreya, Bratspiess, Venable, and Nagasu disclose the system of claim 13.  Bratspiess discloses wherein the port policy is configured to (the following is a Markush group) limit throughput of the particular port, move traffic of the particular port to an isolated virtual local area network, add one or more firewall or security (Bratspiess (US20160173511), paragraph 0117, “A security policy with regard to detected forbidden network appliances may be defined per port, optionally by a user.  The security policies may dictate the course of action is such cases which may include: logging of the irregular event, isolation of the threat by disabling the port and/or counter attack with scenarios such as Address Resolution Protocol (ARP) poisoning.”). The motivation is the same as that of the claim from which this claim depends.
Regarding claim 17, Atreya discloses a non-transitory computer-readable storage medium having stored therein instructions which, when executed by a processor, cause the processor to perform operations comprising (Atreya, paragraph 0047, “embodiments of the disclosed method, system, and computer readable media (or computer program product) can be implemented in software executed on a programmed general purpose computer, a special purpose computer, a microprocessor, a network server or switch, or the like”):
determining a wireless device has connected to one of a plurality of ports on a network device associated with a network (Atreya, paragraph 0032, “At 308, one or more authorized APs (e.g., 210 and/or 212) may receive the signature frame that has been transmitted wirelessly by the rogue AP and report the detection of the signature frame to the wireless controller.  Processing continues to 310.” ; paragraph 0008, “A wireless intrusion detection component of the wireless controller can be adapted to gather information regarding connected devices on different physical ports of the wireless switch”);
unauthorized wireless device has connected to, the determining comprising (Atreya, paragraph 0030, “the Mobility Agent can include the switch, port, and VLAN identifiers in the signature frame that is sent out. This helps the WC to isolate and shutdown the port(s) to which rogue APs are connected.” ; paragraph 0008, “A wireless intrusion detection component of the wireless controller can be adapted to gather information regarding connected devices on different physical ports of the wireless switch”);
determining one or more predetermined traffic patterns for the one or more of the plurality of ports (Atreya, paragraph 0030, “At 304, a signature frame is transmitted.  For example, a signature frame can be transmitted from a mobility agent in a wireless switch (e.g., 204 and/or 206) to the APs associated with each switch.” ; paragraph 0008, “A wireless intrusion detection component of the wireless controller can be adapted to gather information regarding connected devices on different physical ports of the wireless switch”);
determining one or more wireless traffic patterns transmitted by the wireless device (Atreya, paragraph 0030, “At 304, a signature frame is transmitted.  For example, a signature frame can be transmitted from a mobility agent in a wireless switch (e.g., 204 and/or 206) to the APs associated with each switch.  The signature frame contains a pattern of data that is known to the authorized APs, which are configured to not bridge the signature frame to the air (e.g., transmit the signature frame via a wireless interface).  For example, the Mobility Agent can include the switch, port and VLAN identifiers in the signature frame that is sent out.  This helps the WC to isolate and shutdown the port(s) to which rogue APs are connected.  Processing continues to 306.”);
wherein the one or more traffic patterns transmitted by the unauthorized wireless device are determined based at least in part on a previously determined identity information of the unauthorized wireless device (Atreya, paragraph 0014, RF spectrum monitored to detect and classify rogue access points);
determining a degree of similarity between the one or more wireless traffic patterns and a traffic pattern from the one or more predetermined traffic patterns, to yield a match, the degree of similarity including matching traffic patterns and similar traffic patterns (Atreya, paragraph 0031, “At 306, the signature frame is bridged to the air by the rogue AP (e.g., 214).  Because the rogue AP has not been configured to recognize the signature frame, the rogue AP will not prevent the signature frame from being transmitted wirelessly.  Processing continues to 308.”; paragraph 0032, “At 308, one or more authorized APs (e.g., 210 and/or 212) may receive the signature frame that has been transmitted wirelessly by the rogue AP and report the detection of the signature frame to the wireless controller.  Processing continues to 310.”); and
based on the match, determining a particular port from the plurality of ports is associated with the traffic pattern is connected to the unauthorized wireless device (Atreya, paragraph 0033, “At 310, the authorized APs report detecting the signature frame to the wireless controller.  Processing continues to 312.”; paragraph 0034, “At 312, the wireless controller can send a command to disable (or shut down) the port associated with the rogue AP.” ; paragraph 0008, “A wireless intrusion detection component of the wireless controller can be adapted to gather information regarding connected devices on different physical ports of the wireless switch”).

However, in an analogous art, Bratspiess discloses  selecting a port policy associated with the particular port (Bratspiess, paragraph 0118, 0132, 0137, 0145, security policy per port).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Bratspiess with the non-transitory computer-readable storage medium of Atreya, to include, selecting a port policy to be applied to the identified port, to provide users with the benefits of protecting a network (Bratspiess: paragraph 0010-0011).
Atreya and Bratspiess do not explicitly disclose the similar traffic patterns including variable degrees of similarity and variable confidence levels based on the variable degrees of similarity.
However, in an analogous art, Venable discloses the similar traffic patterns including variable degrees of similarity and variable confidence levels based on the variable degrees of similarity (Venable, paragraph 0001, “traffic fingerprinting analysis is used to identify clientless or unmanaged assets (e.g., endpoint devices) in a network with varying degrees of confidence and estimation”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Venable with the non-transitory computer-readable storage medium of Atreya and Bratspiess, to include, (Venable: title).
Atreya, Bratspiess, and Venable disclose determining a wireless device has connected to one of a plurality of ports on a network device associated with a network, but do not explicitly disclose determining an unauthorized wireless device has connected to an unknown port of a plurality of ports on a network device associated with a network.
However, in an analogous art, Nagasu discloses determining an unauthorized wireless device has connected to an unknown port of a plurality of ports on a network device associated with a network (Nagasu, 8th page, lines 20-22, MAC address is rewritten from the unauthorized device, the port is unknown but the unauthorized device is connected).  
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Nagasu with the system/method of Atreya, Bratspiess, and Venable to include determining an unauthorized wireless device has connected to an unknown port of a plurality of ports on a network device associated with a network.
One would have been motivated to provide users with the benefits of specifying a network apparatus to which an illegitimate apparatus is connected and its connected port (Nagasu, first page, abstract, problem to be solved).
Regarding claim 18, Atreya, Bratspiess, Venable, and Nagasu discloses the non-transitory computer-readable storage medium of claim 17.  Atreya discloses wherein determining the one or more wireless traffic patterns transmitted by the wireless device (Atreya, paragraph 0029, “FIG. 3 is a flow chart of an example method 300 for rogue AP detection.  Processing begins at 302, where a rogue AP detection process is initiated (e.g., at the wireless controller 202).  The process can be initiated automatically and/or manually.”), 
the one or more signals comprising at least one of a message reporting the one or more wireless traffic patterns and traffic from the wireless device detected by the second wireless device (Atreya, paragraph 0032, “At 308, one or more authorized APs (e.g., 210 and/or 212) may receive the signature frame that has been transmitted wirelessly by the rogue AP and report the detection of the signature frame to the wireless controller. Processing continues to 310.”), 
the traffic from the wireless device detected by the second wireless device being associated with the one or more wireless traffic patterns (Atreya, paragraph 0030, “At 304, a signature frame is transmitted. For example, a signature frame can be transmitted from a mobility agent in a wireless switch (e.g., 204 and/or 206) to the APs associated with each switch. The signature frame contains a pattern of data that is known to the authorized APs, which are configured to not bridge the signature frame  to the air (e.g., transmit the signature frame via a wireless interface). For example, the Mobility Agent can include the switch, port and VLAN identifiers in the signature frame that is sent out. This helps the WC to isolate and shutdown the port(s) to which rogue APs are connected. Processing continues to 306.”).
Regarding claim 20, Atreya, Bratspiess, Venable, and Nagasu discloses the non-transitory computer-readable storage medium of claim 17.  Bratspiess discloses (Markush group follows): limit throughput of the particular port; move traffic associated with the particular port to an isolated virtual local area network; apply one or more firewall or security rules to traffic associated with the particular port; reduce power to the particular port; or disable the particular port (Bratspiess (US20160173511), paragraph 0117, “A security policy with regard to detected forbidden network appliances may be defined per port, optionally by a user.  The security policies may dictate the course of action is such cases which may include: logging of the irregular event, isolation of the threat by disabling the port and/or counter attack with scenarios such as Address Resolution Protocol (ARP) poisoning.”).  The motivation is the same as that of the claim from which this claim depends.
Claims 2, 3, 9, 14, 15, and 19 are rejected under 35 U.S.C. 103 under 35 U.S.C. 103 as being unpatentable over Atreya (US20140334317), filed on May 9, 2013, in view of Bratspiess (US20160173511), filed on January 14, 2016 (PCT filed July 15, 2014), Venable (US20110271319), published on November 3, 2011, and Nagasu (JP2006148255), published June 8, 2006, and further in view of Beskrovny (US8645984) filed February 5, 2013.
Regarding claim 2, Atreya, Bratspiess, Venable, and Nagasu discloses the method of claim 1.  Atreya discloses further comprising verifying the identified port is connected to the unauthorized wireless device by:
configured to cause a first traffic pattern to be transmitted by any device connected to the identified port (Atreya, paragraphs 0030 and 0031, rogue access point transmits traffic with a signature frame, it is implied that authorized access points transmit traffic without the signature frame);
detecting a second traffic pattern transmitted by the unauthorized wireless device (Atreya, paragraph 0032, authorized access points detected traffic and detected the signature frame in the traffic); 
determining a degree of similarity between the first traffic pattern and the second traffic pattern (Atreya, paragraph 0032, authorized access points determine degree of similarity between authorized traffic and rogue access point traffic because only the rogue access point transmits the signature frame; paragraph 0030, “The signature frame contains a pattern of data that is known to the authorized APs, which are configured to not bridge the signature frame to the air (e.g., transmit the signature frame via a wireless interface).”);
verifying the identified port is connected to the unauthorized wireless device (Atreya, paragraph 0033, “At 310, the authorized APs report detecting the signature frame to the wireless controller.  Processing continues to 312.”; paragraph 0034, “At 312, the wireless controller can send a command to disable (or shut down) the port associated with the rogue AP.” ; paragraph 0008, “A wireless intrusion detection component of the wireless controller can be adapted to gather information regarding connected devices on different physical ports of the wireless switch”);
when the confidence level exceeds a threshold (Atreya, paragraph 0033, “At 310, the authorized APs report detecting the signature frame to the wireless controller.  Processing continues to 312.”; paragraph 0034, “At 312, the wireless controller can send a command to disable (or shut down) the port associated with the rogue AP.” ; paragraph 0008, “A wireless intrusion detection component of the wireless controller can be adapted to gather information regarding connected devices on different physical ports of the wireless switch”).
Bratspiess discloses implementing a verification policy on the identified port, the verification policy (Bratspiess, paragraph 0117, “A security policy with regard to detected forbidden network appliances may be defined per port”).  The motivation is the same as that of the claim from which this claim depends.
Atreya, Bratspiess, and Venable do not explicitly disclose determining a confidence level based on the degree of similarity.
However, in an analogous art, Beskrovny discloses determining a confidence level based on the degree of similarity (Beskrovny, col. 4, lines 7-17, “Correlator 20 performs a frame by frame correlation between the Internet mode stream 18 of a channel as received in port 11 and the traditional mode stream 19 of a channel as received in port 12.  As a selection is made by the viewer to watch a same channel, the synchronized streams are expected to be the same, besides some minor differences, therefore a resulted similarity below some predefined threshold level, when found, is considered as a sign for a false (i.e., non-authentic) channel.  The threshold level may be defined, based on the desired sensitivity of the system, and on an expected rate of dissimilarity.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Beskrovny with the method of Atreya and Bratspiess, to include, determining a confidence level based on the degree of similarity, to provide users with the benefits of verification of authenticity of (Beskrovny: column 1, lines 6-11).
Regarding claim 3, Atreya, Bratspiess, Venable, Nagasu, and Beskrovny disclose the method of claim 2.  Atreya discloses wherein implementing the verification policy comprises instructing the identified port to transmit the first traffic pattern to the any device connected to the identified port (Atreya, paragraphs 0030 and 0031, rogue access point transmits traffic with a signature frame, it is implied that authorized access points transmit traffic without the signature frame).
Regarding claim 9, Atreya, Bratspiess, Venable, and Nagasu discloses the method of claim 1.  Atreya discloses further comprising: verifying the identified port is connected to the unauthorized wireless device by: 
detecting a first traffic pattern transmitted by the unauthorized wireless device (Atreya, paragraph 0030, “At 304, a signature frame is transmitted.  For example, a signature frame can be transmitted from a mobility agent in a wireless switch (e.g., 204 and/or 206) to the APs associated with each switch.  The signature frame contains a pattern of data that is known to the authorized APs, which are configured to not bridge the signature frame to the air (e.g., transmit the signature frame via a wireless interface).  For example, the Mobility Agent can include the switch, port and VLAN identifiers in the signature frame that is sent out.  This helps the WC to isolate and shutdown the port(s) to which rogue APs are connected.  Processing continues to 306.”); 
determining a respective degree of similarity between the first traffic pattern and each of the respective traffic patterns (Atreya, paragraph 0031, “At 306, the signature frame is bridged to the air by the rogue AP (e.g., 214).  Because the rogue AP has not been configured to recognize the signature frame, the rogue AP will not prevent the signature frame from being transmitted wirelessly.  Processing continues to 308.”; paragraph 0032, “At 308, one or more authorized APs (e.g., 210 and/or 212) may receive the signature frame that has been transmitted wirelessly by the rogue AP and report the detection of the signature frame to the wireless controller.  Processing continues to 310.”); 
verifying the identified port is connected to the unauthorized wireless device when a respective confidence level associated with the identified port exceeds a threshold (Atreya, paragraph 0033, “At 310, the authorized APs report detecting the signature frame to the wireless controller.  Processing continues to 312.”; paragraph 0034, “At 312, the wireless controller can send a command to disable (or shut down) the port associated with the rogue AP.” ; paragraph 0008, “A wireless intrusion detection component of the wireless controller can be adapted to gather information regarding connected devices on different physical ports of the wireless switch”).
Bratspiess discloses applying respective policies to multiple ports on the network device, the multiple ports comprising the identified port, wherein the respective policies are configured to cause respective traffic patterns to be transmitted by respective devices connected to the multiple ports (Bratspiess, paragraph 0118, “The security device may monitor the traffic in the selected ports and upon detection of a forbidden network appliance it may enforce the security policy rule per the specific port, for example by disabling the port.”).  The motivation is the same as that of the claim from which this claim depends.

However, in an analogous art, Beskrovny discloses determining, based on the respective degree of similarity, respective confidence levels for each of the multiple ports (Beskrovny, col. 4, lines 7-17, “Correlator 20 performs a frame by frame correlation between the Internet mode stream 18 of a channel as received in port 11 and the traditional mode stream 19 of a channel as received in port 12.  As a selection is made by the viewer to watch a same channel, the synchronized streams are expected to be the same, besides some minor differences, therefore a resulted similarity below some predefined threshold level, when found, is considered as a sign for a false (i.e., non-authentic) channel.  The threshold level may be defined, based on the desired sensitivity of the system, and on an expected rate of dissimilarity.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Beskrovny with the method of Atreya, Bratspiess, Venable, and Nagasu to include, determining, based on the respective degree of similarity, respective confidence levels for each of the multiple ports, to provide users with the benefits of verification of authenticity of content which is provided through the Internet port of a smart TV (Beskrovny: column 1, lines 6-11).
Regarding claim 14, Atreya, Bratspiess, Venable, Nagasu, and Beskrovny disclose the system of claim 13.  Atreya discloses the at least one non-transitory computer-readable storage medium having stored therein additional instructions which, when executed by the one or more processors, cause the one or more processors to perform 
providing to one or more of the plurality of ports a respective signal configured to cause one or more respective traffic patterns to be provided to a respective device connected to the one or more of the plurality of ports, wherein the one or more of the plurality of ports comprises the particular port (Atreya, paragraph 0030, “a signature  frame can be transmitted from a mobility agent in a wireless switch (e.g., 204 and/or 206) to the APs associated with each switch”);
determining a wireless traffic pattern transmitted by the unauthorized wireless device (Atreya, paragraph 0031, “At 306, the signature frame is bridged to the air by the rogue AP (e.g., 214).  Because the rogue AP has not been configured to recognize the signature frame, the rogue AP will not prevent the signature frame from being transmitted wirelessly.”); 
determining a degree of similarity between the wireless traffic pattern transmitted by the unauthorized wireless device and a traffic pattern from the respective traffic patterns, the traffic pattern being associated with the particular port (Atreya, paragraph 0031, “At 306, the signature frame is bridged to the air by the rogue AP (e.g., 214).  Because the rogue AP has not been configured to recognize the signature frame, the rogue AP will not prevent the signature frame from being transmitted wirelessly.  Processing continues to 308.”; paragraph 0032, “At 308, one or more authorized APs (e.g., 210 and/or 212) may receive the signature frame that has been transmitted wirelessly by the rogue AP and report the detection of the signature frame to the wireless controller.  Processing continues to 310.”).

However, in an analogous art, Beskrovny discloses determining a confidence level associated with the determining the particular port is connected to the unauthorized wireless device, the determining of the confidence level comprising (Beskrovny, col. 4, lines 7-17, “Correlator 20 performs a frame by frame correlation between the Internet mode stream 18 of a channel as received in port 11 and the traditional mode stream 19 of a channel as received in port 12.  As a selection is made by the viewer to watch a same channel, the synchronized streams are expected to be the same, besides some minor differences, therefore a resulted similarity below some predefined threshold level, when found, is considered as a sign for a false (i.e., non-authentic) channel.  The threshold level may be defined, based on the desired sensitivity of the system, and on an expected rate of dissimilarity.”);
determining the confidence level based on the degree of similarity (Beskrovny, col. 4, lines 7-17, “Correlator 20 performs a frame by frame correlation between the Internet mode stream 18 of a channel as received in port 11 and the traditional mode stream 19 of a channel as received in port 12.  As a selection is made by the viewer to watch a same channel, the synchronized streams are expected to be the same, besides some minor differences, therefore a resulted similarity below some predefined threshold level, when found, is considered as a sign for a false (i.e., non-authentic) channel.  The threshold level may be defined, based on the desired sensitivity of the system, and on an expected rate of dissimilarity.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Beskrovny with the system of Atreya, Bratspiess, and Venable, to include, determining a confidence level associated with the determining the particular port is connected to the wireless device, the determining of the confidence level comprising; determining the confidence level based on the degree of similarity, to provide users with the benefits of verification of authenticity of content which is provided through the Internet port of a smart TV (Beskrovny: column 1, lines 6-11).
Regarding claim 15, Atreya, Bratspiess, Venable, Nagasu, and Beskrovny disclose the system of claim 14.  Atreya discloses wherein each of the one or more respective traffic patterns comprises at least one of (Markush group follows): a modified throughput; one or more predetermined sequences of packets (Atreya, paragraph 0030, “a signature  frame can be transmitted from a mobility agent in a wireless switch (e.g., 204 and/or 206) to the APs associated with each switch”); and one or more duty cycles, the one or more duty cycles generated by stopping or limiting traffic transmitted during a particular portion of a predetermined time interval.
Regarding claim 19, Atreya, Bratspiess, Venable, and Nagasu disclose the non-transitory computer-readable storage medium of claim 17.
Atreya discloses storing additional instructions which, when executed by the processor, cause the processor to perform operations comprising:

determining a wireless traffic pattern transmitted by the unauthorized wireless device (Atreya, paragraph 0031, “At 306, the signature frame is bridged to the air by the rogue AP (e.g., 214).  Because the rogue AP has not been configured to recognize the signature frame, the rogue AP will not prevent the signature frame from being transmitted wirelessly.”); and
determining the confidence level based on a respective degree of similarity between the one or more respective traffic patterns and the wireless traffic pattern (Atreya, paragraph 0031, “At 306, the signature frame is bridged to the air by the rogue AP (e.g., 214).  Because the rogue AP has not been configured to recognize the signature frame, the rogue AP will not prevent the signature frame from being transmitted wirelessly.  Processing continues to 308.”; paragraph 0032, “At 308, one or more authorized APs (e.g., 210 and/or 212) may receive the signature frame that has been transmitted wirelessly by the rogue AP and report the detection of the signature frame to the wireless controller.  Processing continues to 310.”), 
verifying the particular port is connected to the unauthorized wireless device when the confidence level exceeds a threshold (Atreya, paragraph 0033, “At 310, the authorized APs report detecting the signature frame to the wireless controller.  Processing continues to 312.”; paragraph 0034, “At 312, the wireless controller can send a command to disable (or shut down) the port associated with the rogue AP.” ; paragraph 0008, “A wireless intrusion detection component of the wireless controller can be adapted to gather information regarding connected devices on different physical ports of the wireless switch”).
Atreya, Bratspiess, Venable, and Nagasu do not explicitly disclose determining a confidence level associated with the determining the particular port is connected to the unauthorized wireless device, the determining the confidence level comprising; wherein the higher the respective degree of similarity the higher the confidence level determined for the particular port.
However, in an analogous art, Beskrovny discloses determining a confidence level associated with the determining the particular port is connected to the unauthorized wireless device, the determining the confidence level comprising (Beskrovny, col. 4, lines 7-17, “Correlator 20 performs a frame by frame correlation between the Internet mode stream 18 of a channel as received in port 11 and the traditional mode stream 19 of a channel as received in port 12.  As a selection is made by the viewer to watch a same channel, the synchronized streams are expected to be the same, besides some minor differences, therefore a resulted similarity below some predefined threshold level, when found, is considered as a sign for a false (i.e., non-authentic) channel.  The threshold level may be defined, based on the desired sensitivity of the system, and on an expected rate of dissimilarity.”);
wherein the higher the respective degree of similarity the higher the confidence level determined for the particular port (Beskrovny, col. 4, lines 7-17, “Correlator 20 performs a frame by frame correlation between the Internet mode stream 18 of a channel as received in port 11 and the traditional mode stream 19 of a channel as received in port 12.  As a selection is made by the viewer to watch a same channel, the synchronized streams are expected to be the same, besides some minor differences, therefore a resulted similarity below some predefined threshold level, when found, is considered as a sign for a false (i.e., non-authentic) channel.  The threshold level may be defined, based on the desired sensitivity of the system, and on an expected rate of dissimilarity.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Beskrovny with the non-transitory computer-readable storage medium of Atreya, Bratspiess, Venable, and Nagasu, to include, determining a confidence level associated with the determining the particular port is connected to the unauthorized wireless device, the determining of the confidence level comprising; determining the confidence level based on the degree of similarity, to provide users with the benefits of verification of authenticity of content which is provided through the Internet port of a smart TV (Beskrovny: column 1, lines 6-11).
Claims 4-8 are rejected under 35 U.S.C. 103 under 35 U.S.C. 103 as being unpatentable over Atreya (US20140334317), filed on May 9, 2013, in view of Bratspiess (US20160173511), filed on January 14, 2016 (PCT filed July 15, 2014), Venable (US20110271319), published on November 3, 2011, Nagasu (JP2006148255), published June 8, 2006, and Beskrovny (US8645984) filed February 5, 2013, and further in view of Conner (US20090249096), published on October 1, 2009.
Regarding claim 4, Atreya, Bratspiess, Venable, Nagasu, and Beskrovny disclose 
Atreya, Bratspiess, Venable, Nagasu, and Beskrovny do not explicitly disclose wherein the first traffic pattern is generated by limiting or stopping traffic transmitted by the identified port to the device connected to the identified port during a predetermined portion of a time interval.
However, in an analogous art, Conner discloses wherein the first traffic pattern is generated by limiting or stopping traffic transmitted by the identified port to the device connected to the identified port during a predetermined portion of a time interval (Conner, paragraph 0026, transmission duty cycle may be adjusted as needed; paragraph 0046, adjustment in data throughput and adjustment in duty cycle).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Conner with the method of Atreya, Bratspiess, Venable, Nagasu, and Beskrovny, to include, wherein the first traffic pattern is generated by limiting or stopping traffic transmitted by the identified port to the device connected to the identified port during a predetermined portion of a time interval, to provide users with the benefits of data communications at energy efficient rates (Conner: paragraph 0001).
Regarding claim 5, Atreya, Bratspiess, Venable, Nagasu, and Beskrovny disclose the method of claim 2.
Atreya, Bratspiess, Venable, Nagasu, and Beskrovny do not explicitly disclose wherein the first traffic pattern comprises a duty cycle produced by stopping traffic transmitted via the identified port for a particular subinterval of time within a 
However, in an analogous art, Conner discloses wherein the first traffic pattern comprises a duty cycle produced by stopping traffic transmitted via the identified port for a particular subinterval of time within a predetermined interval of time, wherein the predetermined interval of time comprises a first sub-interval of time, a second sub-interval of time that is sequentially after the first sub-interval of time, and a third sub-interval of time that is sequentially after the second sub-interval of time, wherein the particular sub-interval of time is the second sub-interval of time (Conner, paragraph 0026, transmission duty cycle may be adjusted as needed; paragraph 0046, adjustment in data throughput and adjustment in duty cycle).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Conner with the method of Atreya, Bratspiess, Venable, Nagasu, and Beskrovny, to include, wherein the first traffic pattern is generated by limiting or stopping traffic transmitted by the identified port to the device connected to the identified port during a predetermined portion of a time interval, to provide users with the benefits of data communications at energy efficient rates (Conner: paragraph 0001).

Regarding claim 6, Atreya, Bratspiess, Venable, Nagasu, and Beskrovny disclose the method of claim 2.

However, in an analogous art, Conner discloses wherein the first traffic pattern comprises a duty cycle produced by stopping traffic transmitted via the identified port for a particular subinterval of time within a predetermined interval of time (Conner, paragraph 0026, transmission duty cycle may be adjusted as needed; paragraph 0046, adjustment in data throughput and adjustment in duty cycle).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Conner with the method of Atreya, Bratspiess, Venable, Nagasu, and Beskrovny, to include, wherein the first traffic pattern comprises a duty cycle produced by stopping traffic transmitted via the identified port for a particular subinterval of time within a predetermined interval of time, to provide users with the benefits of data communications at energy efficient rates (Conner: paragraph 0001).
Regarding claim 7, Atreya, Bratspiess, Venable, Nagasu, Beskrovny, and Conner disclose the method of claim 6.
Conner discloses wherein the predetermined interval of time comprises a first sub-interval of time and one or more second sub-intervals of time that are sequentially after the first sub-interval of time, wherein the particular sub-interval of time is the first sub-interval of time (Conner, paragraph 0026, transmission duty cycle may be adjusted as needed; paragraph 0046, adjustment in data throughput and adjustment in duty cycle). The motivation is the same as that for the claim from which this claim depends.
Regarding claim 8, Atreya, Bratspiess, Venable, Nagasu, Beskrovny, and Conner disclose the method of claim 6.
Conner discloses wherein the predetermined interval of time comprises one or more first sub-intervals of time and a second sub-interval of time that is sequentially after the one or more first sub-intervals of time, wherein the particular sub-interval of time is the second sub-interval of time (Conner, paragraph 0026, transmission duty cycle may be adjusted as needed; paragraph 0046, adjustment in data throughput and adjustment in duty cycle).  The motivation is the same as that for the claim from which this claim depends.

Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to WALTER J MALINOWSKI whose telephone number is (571)272-5368. The examiner can normally be reached 8-6:30 MTWH.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, LUU PHAM can be reached on 5712705002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.






/W.J.M/Examiner, Art Unit 2439      


/LUU T PHAM/Supervisory Patent Examiner, Art Unit 2439