DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Remarks
This communication is in response to the amendment filed 11/05/2021. 

Status of Claims
Claims 1, 4-15 are pending; of which claims 1, 4-15 are allowed.

REASONS FOR ALLOWANCE
The following is an examiner’s statement of reasons for allowance:
In reaching a conclusion of obviousness, it must be recognized that any judgement on obviousness is in a sense necessarily a reconstruction based upon hindsight. So long as it takes into account only knowledge which was within the level of ordinary skill at the time the claimed invention was made, and does not include knowledge gleaned only from the applicant's disclosure, such a reconstruction is proper. However, Examiner acknowledges that in this case, such a conclusion of obviousness would be unreasonable, as the relied upon prior art merely teaches individual elements of the claims. While arguments can be made for the combination of references individually, as a whole, it would be unlikely for a person of ordinary skill in the art to combine all the references into a single invention. For at least this reason, claim 1, as well as corresponding claims 14 and 15, is allowable.
Moyer (PGPUB 2017/0048312) teaches a system for performing software defined network (SDN) based mirroring of traffic flows for network analytics (abstract), comprising storing flow states of data flows (paragraph 32-34), sharing the flow states across the system (paragraph 32-34), determining whether a received data flow already has a flow state (paragraph 35), performing mirroring of the data flow (paragraph 21, 29-30) based on a flow state of the received data flow (paragraph 21, 29-30).
Shishioda (PGPUB 2017/0006082) teaches classifying whether a received data flow is malicious or allowed (abstract, paragraph 37), altering a flow state of the received data flow according to a classification result indicating whether the received data flow is malicious or allowed (paragraph 36-37), in response to the received data flow having a stored flow state, forwarding packets of the flow based on the flow state being “ALLOW” (paragraph 36-37), and blocking packets of the flow based on the flow state being “BLOCK” (paragraph 36-37).
Ling et al (PGPUB 2015/0334090) teaches determining whether a received data flow already has a flow state stored (paragraph 19-20), if there is no stored flow state, comparing the received data flow with a predetermined pattern of allowed traffic, a predetermined pattern of malicious traffic, and a predetermined pattern of suspected traffic (paragraph 19-21), replicating packets of the received data flow based on the flow state of the received data flow being “SUSPECT” (paragraph 19-20), in response to the received data flow not having a stored flow state, forwarding/blocking/replicating packets of the received data flow based on matching the predetermined pattern of allowed/malicious/suspected traffic respectively (paragraph 20-21), forwarding the suspected packets to at least one inspection processor for classifying (paragraph 19-20), and stalling the packets until at least one inspection processor completes classifying (paragraph 27), and blocking or forwarding the packets based on the classification result (paragraph 27).
McGrew et al (US 10,296,744) teaches a method for performing inspection of flows within a SDN (abstract), including allowing/blocking packets of the received data flow to/from a protected zone or service of the SDN (col 7 line 55-col 8 line 7).
While each of the above references teaches individual elements of Applicant’s claimed invention, it is the Examiner’s opinion that a person of ordinary skill in the art would not apply all of the references in combination to achieve the same invention.  Therefore, claims 1, 14, and 15, and their corresponding dependent claims, are allowable.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Any inquiry concerning this communication or earlier communications from the examiner should be directed to FORREST L CAREY whose telephone number is (571)270-7814. The examiner can normally be reached 9:00AM-5:30PM M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on 5712723972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/FORREST L CAREY/Examiner, Art Unit 2491                                                                                                                                                                                                        

/LINGLAN E EDWARDS/Primary Examiner, Art Unit 2491