Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1 – 8 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
	Regarding claim 1, said claim initially recites, on line 8, “a terminal in the second network”. Claim 1 subsequently recites, on line 11, “the second terminal”. There is no antecedent basis for “the second terminal”. For the sake of performing a complete examination, it is assumed that “the second terminal” is intended to reference the “terminal in the second network”.	Claims 2 – 7 depend on claim 1 and fail to clarify the issue noted above.	Further regarding claim 6, said claim recites “reverse DSN lookup” on line 3. It is unclear what a “reverse DSN lookup”. For the sake of performing a complete examination, it is assumed that a “reverse DNS lookup” was intended to be referenced.Regarding claim 8, said claim recites “a terminal in the second network” on line 6. Claim 2 subsequently again recites “a terminal in the second network” on line 10. However, claim 8 next recites on lines 12-13, line 16, and line 19 “the second terminal”. It is unclear which of the “a terminal in the second network” the “the second terminal” recitations are intended to further limit, and if each “a terminal in the second network” recitation is referring to the same terminal or two distinct terminals. For the sake of performing a complete examination, it is assumed that there a single terminal in the second network is being repeatedly referenced.

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claims 1 – 4 and 7 – 8 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Ricoh (Reference Number 200602224, 2008-78822, provided by Applicant in their 10/14/2020 IDS, all citations are made to the English section which begins on pg. 30 of the document).
Regarding claim 1, Ricoh shows a management system, comprising: 	gateway circuitry that filters and transfers a packet between a first network and a second network ([2] discussing communication between a “private” network and a “global network” and [12] discussing a “network device having a port filtering function”) ; and	management circuitry that manages the gateway circuitry ([12] discussing a “management terminal”), the gateway circuitry including: 		a memory storage unit that stores therein a first filtering rule and a second filtering rule for filtering packets which are transmitted from a terminal in the first network as a transmission source to a terminal in the second network as a destination ([1,12,14], discussing “port filtering function” performed at a “network device” where port filtering options are applied to traffic based on source and destination information; multiple exemplary rules are illustrated in Fig. 6 and discussed in [47-48); also, particular filtering rules are applied for particular HTTP traffic, as discussed in [34]);		acquisition circuitry that acquires, on the basis of a packet transmitted from a second terminal in the second network, identification information for identifying the second terminal ([35], discussing identifying an attempted login operation); 		
	notification circuitry  that notifies the management circuitry of the identification information on the second terminal acquired by the acquisition circuitry ([36], where a login prompt is responsively displayed); and 		setting circuitry that sets the first filtering rule for the second terminal on the basis of an instruction from the management circuitry ([40] where the requesting user is set as 
	generation circuitry that generates, on the basis of the identification information on the second terminal notified from the notification circuitry, a management screen for managing the first filtering rule for the second terminal ([41] showing where the process proceeds due to a successful authorization), and transmitting the generated management screen to a predetermined display device ([42]); and 		instruction circuitry that instructs the gateway circuitry to set the first filtering rule for the second terminal on the basis of input to the management screen through the display device ([47,52] where authenticated users can enable particular filtering rules to be applied to traffic that matches the rule’s parameters; multiple examples of displaying of data during the login and rule generation process are provided in, e.g., [36, 45, 49]).
	Regarding claim 2, Ricoh further shows wherein the notification circuitry  further notifies the management circuitry  of the second filtering rule for the second terminal, and the generation circuitry displays information on the second filtering rule notified from the notification circuitry on the management screen ([45,49]).
	Regarding claim 3, Ricoh further shows wherein: 	the memory further stores therein a conversion rule for converting a destination of a packet transmitted to the second network to a destination that enables specification of a terminal in the second network ([53-56], where outbound, e.g., fax packets, are to have their destination port set to the destinations choice for receiving inbound packets of that type (fax), this is set using the process in [45-57,69]); 
	Regarding claim 4, Ricoh further shows wherein the setting circuitry adds the second filtering rule for allowing, on the basis of a packet transmitted from a terminal in the second network, a packet having a particular protocol and a particular destination port number to be transferred to the terminal (e.g., fax protocol data set to port 59521, see [56-57]), and further adds the conversion rule for converting a destination address and a destination port number of a predetermined packet ([57], a “fax data packet”) transmitted to the second network to an address and the particular destination port number of the terminal (convert port 59521 to port 10000; see [57]).
	Regarding claim 7, Ricoh further shows wherein the instruction circuitry instructs the gateway circuitry to set the first filtering rule for the second terminal on the basis of input through instant message service ([62]).
Regarding claim 8, Ricoh shows a management method to be executed by a management system that includes gateway circuitry  for filtering and transferring a packet between a first network and a second network ([2] discussing communication between a “private” network and a “global network” and [12] discussing a “network device having a port filtering function”), the gateway circuitry  including a memory that stores therein a first filtering rule and a second filtering rule for filtering packets which are transmitted from a terminal in the first network as a transmission source to a terminal in the second network as a destination .

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim 5 is rejected under 35 U.S.C. 103 as being unpatentable over Ricoh in view of Fujitsu (Reference Number 0852961, 2010-98706, provided by Applicant in their 10/14/2020 IDS, all citations are made to the English section which begins on pg. 17 of the document), further in view of Malcom (US-20040003290-A1).
	Regarding claim 5, Ricoh shows wherein: the acquisition circuitry acquires, on the basis of a packet that is not allowed to be transferred to a terminal in the second network in accordance with the second filtering rule, identification information on a terminal as a  the notification circuitry notifies the management circuitry  of the identification information acquired by the acquisition circuitry and a transmission source address of the packet, and the generation circuitry displays, on the management screen, the transmission source address notified by the notification circuitry ([33]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the port monitoring and packet analysis software of Ricoh with the packet rejection steps of Fujitsu in order to ensure undesired traffic is kept off the network and that administrators are aware of the undesired activity.	Ricoh in view of Fujitsu do not show a button for instructing addition of the first filtering rule for allowing transfer of a packet transmitted from the transmission source address.	Malcom shows a button ([29]) for instructing addition of the first filtering rule for allowing transfer of a packet transmitted from the transmission source address (Fig. 3, [12])
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the port monitoring and packet analysis software of Ricoh in view of Fujitsu with the rule creation interface of Malcom in order to provide an easily understood mechanism for system administrators to ensure their network is kept in the desired state and to easily predict the processing that their rules will have on network traffic.

Claim 6 is rejected under 35 U.S.C. 103 as being unpatentable over Ricoh in view of Erbacher (Erbacher, Robert F., and Menashe Garber. "Real-Time Interactive Visual Port Monitoring and Analysis." Security and Management.  (Year: 2005)).
	Regarding claim 6, Ricoh shows claim 1.	Ricoh does not show wherein the generation circuitry displays, on the management screen, reverse DNS lookup information or WHOIS information on a transmission source address for which the first filtering rule is managed.	Erbacher shows wherein the generation circuitry displays, on the management screen, reverse DNS lookup information or WHOIS information on a transmission source address for which the first filtering rule is managed (Figs. 4 and 5).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the port monitoring software of Ricoh with the display functionality and address analysis functionality provided by Erbacher in order to enable a better understanding of the traffic on their network and how said traffic should be treated and responded to (Erbacher, Section 5, above Fig. 5, discussing “to determine if the activity is acceptable or malicious and the extent of needed response).


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Such prior art includes:	Lord (US-20050240758-A1), 	Bemoth (US-20060174337-A1), and	Sales (Sales, Thiago, et al. "A UPnP extension for enabling user authentication and authorization in pervasive systems." Journal of the Brazilian Computer Society 16.4: 261-277. (Year: 2010)).

Any inquiry concerning this communication or earlier communications from the examiner should be directed to JOHN M MACILWINEN whose telephone number is (571)272-9686. The examiner can normally be reached Monday - Friday, 9:00 - 5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, WILLIAM TROST can be reached on (571)272-7872. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available 

JOHN MACILWINEN
Primary Examiner
Art Unit 2442



/JOHN M MACILWINEN/Primary Examiner, Art Unit 2442