DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claim 20 is rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.  The claim(s) does/do not fall within at least one of the four categories of patent eligible subject matter because the “network device” of this claim does not comprise any processor.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly 
Regarding claim 1, line 5 recites in part “receiving a maximum burst time for performing a data burst”. It is unclear as to what is meant by “performing a data burst”. Is the network device receiving a data burst or observing a data burst from the data traffic?
Last line recites in part “…..channels based the maximum burst size”. It is unclear as to what is meant by the underlined portion. Does it mean “channels based on the maximum burst size”?
Regarding claims  2-14 and 16-17, these claims depend on claim 1 and thus are rejected on the same basis as mentioned above for claim 1. Furthermore, some of the dependent claims have their own indefiniteness issues and are additionally rejected as discussed below.
Regarding claim 4, line 1 recites in part “….said detecting an updated maximum data rate….”. Shouldn’t the above be “detecting the updated maximum data rate”?
Regarding claim 5, line 2 recites in part “….maximum burst time is a first maximum burst size”. It is unclear as to what is meant here. The unit of time is different from the unit of burst size. Does the above mean “maximum burst time is a first maximum burst time”?
Regarding claim 6, line 1 recites in part “…..comprises the first maximum burst time…..”. There is insufficient antecedent basis for underlined “the” above.
Regarding claim 12, line 1 recites in part “….the predefined rate…”. There is insufficient antecedent basis for underlined “the” above.
Regarding claim 15, line 1 recites in part “….the traffic type…”. There is insufficient antecedent basis for underlined “the” above.
Regarding claim 18, line 1 recites in part “…..the network processors comprising…”. Shouldn’t the above be “the one or more network processors comprising”?
Line 5 recites in part “…..ports based a maximum burst size”. It is unclear as to what is meant by the underlined portion. Does it mean “ports based on a maximum burst size”?
Last line recites in part “maximum burst time for performing a data burst”. It is unclear as to what is meant by “performing a data burst”. Is the network device receiving a data burst or observing a data burst from the data traffic?
Regarding claim 19, line 4 recites in part “non-transitory……”. Shouldn’t there be an “a” added before non-transitory, so that the above recites “a non-transitory……”?
Line 9 recites in part “ ….for performing a data burst”. It is unclear as to what is meant by “performing a data burst”. Is the network device receiving a data burst or observing a data burst from the data traffic?
Last line recites in part “…..channels based the maximum burst size”. It is unclear as to what is meant by the underlined portion. Does it mean “channels based on the maximum burst size”?
Regarding claim 20, line 4 recites in part “…limit the flow of network….”. There is insufficient antecedent basis for underlined “the” above.
Line 8 recites in part “ ….control plane comprises means for determining…”. It is unclear as to what is meant by “means for determining”. A suggestion is to change it to “control plane determines”.
Last line recites in part “…..channels based the maximum burst size”. It is unclear as to what is meant by the underlined portion. Does it mean “channels based on the maximum burst size”?

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claim(s) 1, 2-5, 9-12 and 16-18 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Noguchi et. al. (US 20190065425 A1, Noguchi hereinafter).
Noguchi discloses the following:

With respect to Independent claims:
Regarding claim 1,  A method of processing data in a network device (e.g. Fig. 2, “The switch 1 is an example of an “information processing device”. The “information processing device” is not limited to the layer 2 switch and may be a layer 3 switch, a router, or the like“ [0054], which information processing device is considered as the network device) comprising:
receiving a policer rate (e.g. “In the policing by each of the policers 20, the following process is executed, for example. For example, if tokens exist in a token bucket (not illustrated), arriving frames are output. For example, if a token does not exist in the token bucket, a process of discarding arriving frames is executed. In the policing, tokens in an amount corresponding to the output frames are deleted from the token bucket. In the policing, a predetermined amount of tokens are added to the token bucket in each of predetermined time cycles” [0059], which predetermined amount of tokens added to the token bucket in predetermined time cycles is associated with the policer rate. Note that the network device must be receiving the policer rate since aforesaid decision to forward or discard arriving frames by the policer of the network device depends on the policer rate).
receiving a maximum data rate corresponding to one or more communications channels (e.g. "Each of the policers 20 includes a burst size setting section 21, a peak information rate (PIR) setting section 22, and a token monitoring section 23. The burst size setting section 21 sets the burst size of the policer 20 or a token upper limit ……... The PIR setting section 22 sets the maximum information rate of a target flow” [0060], which maximum information rate is considered as the maximum data rate and aforesaid setting of the maximum information rate must be preceded by receiving the maximum information rate. Moreover, “If the switch 1 is the chassis switch, the switch 1 includes multiple interface cards having multiple ports, a switch card for relaying between the multiple interface cards, and a control card for executing control (the cards are not illustrated). If the switch 1 is the pizza box switch, the switch 1 includes multiple ports, a switch section for relaying between the ports, and a controller for executing control (the ports, the switch section, and the controller are not illustrated)” [0053], which ports are associated with one or more communication channels);
receiving a maximum burst time for performing a data burst (e.g. “A burst time period within a predetermined time period may be calculated using the number of times that a frame has been discarded in each token addition cycle. For example, a burst time period within a time period of 1 second is obtained by multiplying a token addition cycle by the number of times that a frame has been discarded for a time period of 1 second. If the burst time period within the predetermined time period exceeds a threshold, the token monitoring section 23 may determine that the target flow is to be subjected to the burst size control” [0085], which burst time period with a threshold is considered as the maximum burst time and must be received by the network device before determining whether a target flow is to be subjected to burst size control because burst size depends on maximum burst time);
determining a maximum burst size based on the policer rate, the maximum data rate, and the maximum burst time (e.g. “FIGS. 4, 5, and 6 are diagrams illustrating examples of traffic of flows to be subjected to the burst size control. Each of graphs illustrated on upper sides of FIGS. 4 to 6 indicates an example of a change in the rate of inputting a flow to be subjected to the burst size control. Each of graphs illustrated on lower sides of FIGS. 4 to 6 indicates an example of a change in the amount of tokens accumulated in a token bucket in the case where traffic of a flow indicated by each of the graphs illustrated on the upper sides is input to a policer 20” [0090]. Moreover, “A policer is a function of executing policing to control the amount of traffic …... .A burst size of the policer is the maximum amount of traffic allowable by the policer. In the policing, frames in an amount corresponding to tokens accumulated in a token bucket may be output according to a token bucket scheme. In the policing, if a token is not accumulated in the token bucket, a frame is discarded, for example. A predetermined amount of tokens are added to the token bucket in each of predetermined cycles. An upper limit of the amount of tokens capable of being accumulated in the token bucket is set in the token bucket. The amount of tokens held in the token bucket does not exceed the upper limit. The upper limit of the amount of tokens capable of being accumulated in the token bucket is hereinafter referred to as token upper limit. If the token bucket is full of tokens, the policer may output traffic for the token upper limit. Thus, the burst size of the policer is synonymous with the token upper limit. The burst size of the policer and the token upper limit are examples of the “maximum value of tokens capable of being accumulated” [0035]-[0038], which burst size is considered as the maximum burst size. Thus, the maximum burst size is based on the policer rate, the maximum data rate and the maximum burst time); and
configuring the network device to police traffic received over the one or more communication channels based the maximum burst size (e.g. Fig. 2, “Each of the policers 20 includes a burst size setting section 21, a peak information rate (PIR) setting section 22, and a token monitoring section 23. The burst size setting section 21 sets the burst size of the policer 20…….. The PIR setting section 22 sets the maximum information rate of a target flow. The burst size setting section 21 is an example of a “controller” [0060], which setting the burst size is associated with configuring the network device to police traffic over the one or more communication channels based on maximum burst size).

Regarding claim 18, A network device including one or more network processors (e.g. “The program that achieves any of the functions may be executed by a central processing unit (CPU). The CPU is also referred to as microprocessor (MPU) or processor. The CPU is not limited to a single processor and may have a multiprocessor configuration. The single CPU may be connected to a single socket and have a multicore configuration. One or more of the processes of the aforementioned sections may be executed by a processor other than the CPU or by a dedicated processor such as a DSP or a network processing unit (NPU)” [0237], which processor is associated with one or more network processors), the network processors comprising: 
a plurality of ingress ports (e.g. “If the switch 1 is the chassis switch, the switch 1 includes multiple interface cards having multiple ports, a switch card for relaying between the multiple interface cards, and a control card for executing control (the cards are not illustrated). If the switch 1 is the pizza box switch, the switch 1 includes multiple ports, a switch section for relaying between the ports, and a controller for executing control (the ports, the switch section, and the controller are not illustrated)” [0053], which ports comprise a plurality of ingress ports); and 
a network data processing pipeline comprising a policer (e.g. “The switch 1 includes an input Quality-of-Service (QoS) section 2 and an output QoS section 3 as functional constituent elements. The input QoS section 2 executes a QoS process for the input side of the switch 1. The output QoS section 3 executes a QoS process for the output side of the switch 1. Each of the input QoS section 2 and the output QoS section 3 is a field-programmable gate array (FPGA), an application specific integrated circuit (ASIC), or a programmable logic device (PLD), for example. Alternatively, each of the input QoS section 2 and the output QoS section 3 may be a function achieved by causing a network processor to execute a predetermined program, for example……… The input QoS section 2 includes the same number of policers 20 as the number of flows that are input to the interface cards or the switch 1. However, FIG. 2 illustrates only a single policer 20 for convenience sake. Each of the policers 20 executes policing on a target flow” [0056]-[0058], wherein the input QoS and the output QoS are associated with the network data processing pipeline), the policer limiting traffic received at one or more of the plurality of ingress ports based a maximum burst size (e.g. Fig. 2, “Each of the policers 20 includes a burst size setting section 21, a peak information rate (PIR) setting section 22, and a token monitoring section 23. The burst size setting section 21 sets the burst size of the policer 20…….. The PIR setting section 22 sets the maximum information rate of a target flow. The burst size setting section 21 is an example of a “controller” [0060], which setting the burst size is associated with limiting traffic received at one or more of the plurality of ingress ports based on maximum burst size); 
wherein the maximum burst size is automatically determined based on a policer rate, a maximum data rate associated with at least a portion of the plurality of ingress ports, and a specified maximum burst time for performing a data burst (e.g. Note that the remainder of this claim is similar to claim 1 except that claim 1 is a method claim and this is an Apparatus claim. Thus, the same reasoning as applied to claim 1 applies here as well).

With respect to dependent claims:

Regarding claim 2, The method of claim 1, wherein said determining the maximum burst size comprises calculating a product of the maximum burst time and a difference of the maximum data rate and the policer rate (e.g. Fig. 5 shows an example of traffic of a flow subjected to the burst size control. Note that the top diagram of Fig 5 shows “Rate” vs “Time”. The solid line in the top diagram corresponds to maximum data rate and the dotted line is associated with the policer rate with which tokens are added to the token bucket. Thus, the difference between the maximum data rate and the policer rate provides the rate for the maximum burst at an instant of time, which rate must be multiplied by maximum burst time to get the size of the maximum burst since the product of rate and time provides the size). 

Regarding claim 3, The method of claim 1, further comprising:
detecting an updated maximum data rate (e.g. “In the policing, frames in an amount corresponding to tokens accumulated in a token bucket may be output according to a token bucket scheme. In the policing, if a token is not accumulated in the token bucket, a frame is discarded, for example. A predetermined amount of tokens are added to the token bucket in each of predetermined cycles” [0036]-[0037], which cycle is associated with updated maximum data rate wherein maximum data rate differ among different cycles depending on number of active connections, updated traffic requirements, status of ingress links/ports etc.);
automatically, in response to said detecting the updated maximum data rate, determining an updated maximum burst size based on the policer rate, the updated maximum data rate, and the maximum burst time (e.g. Note that this is similar to claim 1, except that this claim considers a different cycle of time and thus the same reasoning as applied to claim 1 applies here as well); and
automatically reconfiguring the network device to police traffic received over the one or more communication channels based the updated maximum burst size (e.g. Note that this is similar to claim 1, except that this claim considers a different cycle of time and thus the same reasoning as applied to claim 1 applies here as well).

Regarding claim 4, The method of claim 3, wherein said detecting an updated maximum data rate is in response to one or more ingress ports becoming non-operational (e.g. Note that aforesaid switch has a plurality of ingress ports coupled to a plurality of traffic sources, each of the plurality of ingress ports having an incoming maximum data rate for incoming traffic. The maximum data rate at the switch comprises the combined data rate from the plurality of ingress ports. Thus, when one or more ingress ports becomes non-operational due to fault at the port or buffer congestion at the port, the maximum data rate input to the switch changes).

Regarding claim 5, The method of claim 1, wherein the policer rate is a first policer rate, the maximum data rate is a first maximum data rate, and the maximum burst time is a first maximum burst size, the method further comprising:
receiving a plurality of additional policer rates (e.g. “The input QoS section 2 includes the same number of policers 20 as the number of flows that are input to the interface cards or the switch 1. However, FIG. 2 illustrates only a single policer 20 for convenience sake. Each of the policers 20 executes policing on a target flow in the policing by each of the policers 20, the following process is executed, for example. For example, if tokens exist in a token bucket (not illustrated), arriving frames are output. For example, if a token does not exist in the token bucket, a process of discarding arriving frames is executed. In the policing, tokens in an amount corresponding to the output frames are deleted from the token bucket. In the policing, a predetermined amount of tokens are added to the token bucket in each of predetermined time cycles. Each of the policers 20 includes a burst size setting section 21, a peak information rate (PIR) setting section 22, and a token monitoring section 23. The burst size setting section 21 sets the burst size of the policer 20 or a token upper limit in accordance with an instruction from a buffer monitoring section 31 described later. The PIR setting section 22 sets the maximum information rate of a target flow” [0058]-[0060]. Note that the number of policers as the number of flows are associated with additional policers and the network device receiving additional policer rates);
determining a plurality of additional maximum burst sizes based on the plurality of additional policer rates, one or more maximum data rates, and one or more maximum burst times; and
configuring a plurality of policers in the network device to police traffic based on the plurality of additional maximum burst sizes (e.g. Note that the remainder of this claim is similar to claim 1 except that claim 1 considers a single policer whereas this claim considers a plurality of policers and since the functionality of each of the plurality of policers is same, the same reasoning as applied to claim 1 applies here as well).

Regarding claim 9, The method of claim 1, wherein said configuring the network device further comprises:
setting a maximum value of a token value to the maximum burst size (e.g. aforesaid “the burst size of the policer is synonymous with the token upper limit”, which token upper limit is considered as the maximum value of the token value and each unit of traffic is considered as a token);
wherein the token value is incremented at a predefined rate (e.g. “a predetermined amount of tokens are added to the token bucket in each of predetermined time cycles”), and wherein the token value is decremented according to units of traffic that are forwarded (e.g. aforesaid “tokens in an amount corresponding to the output frames are deleted from the token bucket”, which frames are associated with units of traffic).

Regarding claim 10, The method of claim 9, wherein said policing comprises:
forwarding incoming traffic when the token value is greater than a number of tokens corresponding to the incoming traffic; and
dropping incoming traffic when the token value is less than the number of tokens corresponding to the incoming traffic (e.g. aforesaid “For example, if tokens exist in a token bucket (not illustrated), arriving frames are output. For example, if a token does not exist in the token bucket, a process of discarding arriving frames is executed. In the policing, tokens in an amount corresponding to the output frames are deleted from the token bucket”. Note that tokens existing in the token bucket implies that the token value is greater than the number of tokens corresponding to arriving frames or incoming traffic  and token not existing in the token bucket implies that the token value is less than the number of tokens corresponding to arriving frames or incoming traffic).

Regarding claim 11, The method of claim 9, further comprising:
receiving a packet at the network device (e.g. “A flow indicates a flow of multiple frames having common flow identification information, for example” [0051], which frame is considered as a packet) ;
determining a number of tokens associated with the packet (e.g. Note that each packet has a size in bytes, wherein each unit of packet, that is byte, is considered as a token. Thus the packet size in bytes is considered as the number of tokens associated with the packet);
forwarding the packet if the number of tokens associated with the packet is less than the token value (e.g. Note that when a packet with size s bytes arrives and the token value is t, that is, there are t number of tokens, wherein t is greater than s, s tokens are removed from the bucket and the packet is forwarded and when t is less than s, the packet is dropped) ; and
dropping the packet if the number of tokens associated with the packet is greater than the token value (e.g. Note that “traffic” comprises “data blocks” which “data blocks” can be packets, datagrams, frames etc. Note further that this claim is similar to claim 10 except that claim 10 uses the terminology “traffic” whereas this claim uses the terminology “packet”. Since packet is associated with traffic, the same reasoning as applied to claim 10 applies here also).

Regarding claim 12, The method of claim 1, wherein the predefined rate is the policer rate (e.g. aforesaid predetermined amount of tokens added to the token bucket in predetermined time cycles is associated with the policer rate).

Regarding claim 16, The method of claim 1, wherein the policer rate, the maximum data rate, and the maximum burst time are received from a data structure (e.g. Note that a data structure comprises a set of data elements that are grouped together and stored in the network device. Thus, each maximum burst size may be implemented as a data element along with associated data elements such as policer rate, the maximum data rate and the maximum burst time in a data structure), and wherein the determined maximum burst size is stored in the data structure in association with the policer rate, the maximum data rate, and the maximum burst time for a particular policer.

Regarding claim 17,  The method of claim 1, further comprising: 
forwarding traffic that is below the maximum burst size (e.g. Figs. 5 and 6, aforesaid maximum burst size is synonymous with the token upper limit and thus forwarding traffic when there are tokens in the bucket); and 
dropping traffic that is above the maximum burst size (e.g. aforesaid dropping traffic when there are no accumulated tokens in the token bucket).

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim 7 is/are rejected under 35 U.S.C. 103 as being unpatentable over Noguchi as applied to claim 5 above, and further in view of Joseph (US 9100214 B1).

Noguchi further discloses the following:
Regarding claim 7, The method of claim 5, wherein the first policer rate and the additional policer rates are associated with a plurality of policers of the network device (e.g. aforesaid plurality of policers).

It is noted that while disclosing plurality of policers, Noguchi is silent about plurality of policers in a data plane of the network device, which however had been known in the art before the effective filing date of the claimed invention as shown by Joseph in a disclosure “Performing Customer Bandwidth Profiling In Computer Networks” (Title), wherein “The method of claim 1, further comprising: configuring one or more of a policer unit and a shaper unit located in a data plane of the intermediately positioned network device” (claim 2).
Therefore, it would have been obvious to one of ordinary skill in the art to combine the policer in a data plane of the network device of Joseph with the policer of Noguchi so that it enables “service providers to achieve the cost benefits associated with a centralized deployment of customer connection management devices while also potentially providing for the more accurate customer bandwidth profiling (and thereby policing and enforcement of the service profile) of de-centralized or distributed deployments of customer connection management devices” col. 2, lines 30-35.

Claim 8 is/are rejected under 35 U.S.C. 103 as being unpatentable over Noguchi as applied to claim 1 above, and further in view of Hastwell et. al. (US 8958318 B1, Hastwell hereinafter) and Joseph (US 9100214 B1).

Noguchi further discloses the following:
Regarding 8. The method of claim 1, wherein the maximum burst size is determined and configured in a policer of the network device to police traffic (e.g. aforesaid maximum burst size).

It is noted that while disclosing the maximum burst size, Noguchi is silent about the maximum burst size is determined in a control plane, which however had been known in the art before the effective filing date of the claimed invention as shown by Hastwell in a disclosure “Event-based Capture Of Packets From A Network Flow”” (Title), wherein “Control-plane policing allows the size of captured bursts (i.e., contiguous groups of packets) to be configured ahead of time. After the predetermined number of packets is captured, remaining packets will be dropped in the hardware” col. 8 lines 4-6.
Therefore, it would have been obvious to one of ordinary skill in the art to combine Hastwell’s method of determining the burst size in the control plane with the method of determining the burst size of Noguchi so that “techniques described herein allow for the collection of bursts of traffic to provide the analysis server with full batches of packets substantially at the moment when a particular event occurs. This is advantageous as malicious events rarely manifest themselves with individual packets (e.g., denial-of-service (DoS) attacks, network scans, etc.)”  col. 9 lines 32-39.
It is noted further that while disclosing policer, Noguchi is silent about policer in a data plane of the network device, which however had been known in the art before the effective filing date of the claimed invention as shown by Joseph in a disclosure “Performing Customer Bandwidth Profiling In Computer Networks” (Title), wherein “The method of claim 1, further comprising: configuring one or more of a policer unit and a shaper unit located in a data plane of the intermediately positioned network device” (claim 2).
Therefore, it would have been obvious to one of ordinary skill in the art to combine the policer in a data plane of the network device of Joseph with the policer of Noguchi so that it enables “service providers to achieve the cost benefits associated with a centralized deployment of customer connection management devices while also potentially providing for the more accurate customer bandwidth profiling (and thereby policing and enforcement of the service profile) of de-centralized or distributed deployments of customer connection management devices” col. 2, lines 30-35.

Claim 13 is/are rejected under 35 U.S.C. 103 as being unpatentable over Noguchi as applied to claim 1 above, and further in view of Falsafi (US 9131408 B1).

Noguchi further discloses the following:
Regarding claim 13, The method of claim 1, wherein the policer limits traffic (e.g. aforesaid policer limiting traffic). 

It is noted that while disclosing the policer limiting traffic, Noguchi is silent about a policer limits traffic based on a quality of service (QoS), which however had been known in the art before the effective filing date of the claimed invention as shown by Falsafi in a disclosure “Apparatus and Method Throttling Network Bandwidth Based on Data Usage” (Title), wherein “Policer 302 is responsible for routing data or packets between connected devices, clients, and/or nodes using a predefined QoS or predefined traffic priorities to ensure smooth routing”  col 9, lines 53-56.
	Therefore, it would have been obvious to one of ordinary skill in the art to combine the policer limiting traffic based on a QoS of Falsafi with the policer of Noguchi “to alleviate traffic congestion” col. 1, line 35.

Claim 14 is/are rejected under 35 U.S.C. 103 as being unpatentable over Noguchi as applied to claim 1 above, and further in view of Banse et. al. (US 10257098 B1, Banse hereinafter).

Noguchi further discloses the following:
Regarding claim 14, The method of claim 1, wherein the policer limits traffic (e.g. aforesaid policer limiting traffic). 

It is noted that while disclosing the policer limiting traffic, Noguchi is silent about a policer limits traffic based on a traffic type, which however had been known in the art before the effective filing date of the claimed invention as shown by Banse in a disclosure “Credit Mechanisms for Packet Processing” (Title), wherein “Packet policing may also be used to limit the rate of a certain class or type of packets. For example, in an enterprise network, the network owner may want to limit certain types of traffic, such as for example video streams or storage accesses, to balance the load across the network, limit the flow of packets in certain parts of the network, or for some other reason.” col. 2 lines 21-27. 
Therefore, it would have been obvious to one of ordinary skill in the art to combine the policer limiting traffic based on a traffic type of Banse with the policer of Noguchi to “control a user’s use of a network” col. 2 lines 12-13. 

Claim 15 is/are rejected under 35 U.S.C. 103 as being unpatentable over Noguchi as applied to claim 18 above, and further in view of Banse et. al. (US 10257098 B1, Banse hereinafter) and Roese et. al. (US 20050027837 A1, Roese hereinafter).

Noguchi further discloses the following:
Regarding 15, The method of claim 18, wherein the traffic comprises user traffic (e.g. Note that the underlined feature is different from the claimed feature and this difference will be discussed below).

It is noted that while disclosing the traffic, Noguchi is silent about traffic type, which however had been known in the art before the effective filing date of the claimed invention as shown by Banse in a disclosure “Credit Mechanisms for Packet Processing” (Title), wherein “Packet policing may also be used to limit the rate of a certain class or type of packets. For example, in an enterprise network, the network owner may want to limit certain types of traffic, such as for example video streams or storage accesses, to balance the load across the network, limit the flow of packets in certain parts of the network, or for some other reason.” col. 2 lines 21-27. 
Therefore, it would have been obvious to one of ordinary skill in the art to combine the policer limiting traffic based on a traffic type of Banse with the policer of Noguchi to “control a user’s use of a network” col. 2 lines 12-13. 
It is noted further that while disclosing traffic type, Noguchi in view Banse is silent about traffic type comprises broadcast, known unicast, unknown unicast, or multicast, which however had been known in the art before the effective filing date of the claimed invention as shown by Roese in a disclosure “System and Method for Dynamic Network Policy Management” (Title), wherein “Additional policies that may be assigned based on attached function information and/or any trigger related to ingress and egress on a port include but are not limited to bandwidth limits, source address only allowed, filter multicast and broadcast traffic, protocol restrictions, specific VLAN only, no flooding traffic permitted, and mirroring of ingress features and filters” [0041], which policies to filter multicast and broadcast traffic are associated with policer limiting traffic based on broadcast and multicast.
Therefore, it would have been obvious to one of ordinary skill in the art to combine the policer limiting traffic based on multicast and broadcast traffic of Roese with the policer of Noguchi in view of Banse so that “a comprehensive and integrated system for controlling network usage for all attached functions at all times”  [0010] is provided. 

Claim 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Noguchi et. al. (US 20190065425 A1, Noguchi hereinafter) in view of Gandhewar et. al. (US 10050937 B1, Gandhewar hereinafter).

Noguchi discloses the following:
Regarding claim 19, A network device, comprising: 
at least one network processor to receive and send data traffic (e.g. “The program that achieves any of the functions may be executed by a central processing unit (CPU). The CPU is also referred to as microprocessor (MPU) or processor. The CPU is not limited to a single processor and may have a multiprocessor configuration. The single CPU may be connected to a single socket and have a multicore configuration. One or more of the processes of the aforementioned sections may be executed by a processor other than the CPU or by a dedicated processor such as a DSP or a network processing unit (NPU)” [0237], which processor is considered as the network processor and is used to receive and send data traffic); and 
non-transitory machine-readable medium storing a program executable by the at least one network processor (e.g. “A program that causes a computer or another machine or device (hereinafter referred to as computer or the like) to achieve any of the aforementioned functions may be stored in a storage medium readable by the computer or the like. The function may be provided by causing the computer or the like to read and execute the program stored in the storage medium. The storage medium readable by the computer or the like is  a non-transitory storage medium that electrically, magnetically, optically, mechanically, or chemically accumulates information such as data and the program, and the information stored in the storage medium may be read by the computer or the like” [0235]-[0236]), the program comprising sets of instructions for: 
receiving a policer rate;
receiving a maximum data rate corresponding to one or more communications channels; 
receiving a maximum burst time for performing a data burst;
determining a maximum burst size based on the policer rate, the maximum data rate, and the maximum burst time; and 
configuring the network device to police traffic received at the one or more communications channels based the maximum burst size (e.g. Note that the remainder of this claim is similar to claim 1 except that claim 1 is a method claim and this is a non-transitory storage medium claim. Thus, the same reasoning as applied to claim 1 applies here as well).

It is noted that while disclosing the network device, Noguchi is silent about “A network device, comprising: at least one control plane processor configured in a control plane, which however had been known in the art before the effective filing date of the claimed invention as shown by Gandhewar in a disclosure “Reducing Impact of Network Attacks in Access Networks” (Title), wherein “A network device comprising: a control plane having a processor executing software implementing one or more protocols; an interface of a forwarding plane configured to receive a packet from a subscriber access device positioned at an edge of a sub-network of an access network, the packet including trusted information inserted by an intermediate network device positioned between the network device and the subscriber access device, the trusted information identifying the sub-network of the access network from which the packet was received; and a hardware-based policer configured in a packet forwarding engine of the forwarding plane to: determine, based on the trusted information, whether the sub-network identified by the trusted information has been identified as participating in the network attack; forward, responsive to the determination that the sub-network identified by the trusted information has not been identified as participating in the network attack, the packet for subsequent protocol-specific processing by the control plane; and drop, responsive to the determination that the sub-network identified by the trusted information has been identified as participating in the network attack, the packet without forwarding the packet to the control plane.” Claim 11. Note that the network device is considered as the network device of Noguchi.
Therefore, it would have been obvious to one of ordinary skill in the art to combine the control plane processor of the control plane of the network device of Gandhewar with the network device of Noguchi so that “the impact of network attacks in access networks” may be reduced “by avoiding untrusted information that may consume processing resources in the control plane, while also preventing wholesale dropping of all packets across the entire access network in favor of only dropping packets associated with circuits associated with the network attack” col 2, lines 1-7. 

Claim 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Noguchi et. al. (US 20190065425 A1, Noguchi hereinafter) in view of Hastwell et. al. (US 8958318 B1, Hastwell hereinafter) and Joseph (US 9100214 B1).
Noguchi discloses the following:

Regarding claim 20, A network device comprising:
a data processing pipeline (e.g. “The switch 1 includes an input Quality-of-Service (QoS) section 2 and an output QoS section 3 as functional constituent elements. The input QoS section 2 executes a QoS process for the input side of the switch 1. The output QoS section 3 executes a QoS process for the output side of the switch 1. Each of the input QoS section 2 and the output QoS section 3 is a field-programmable gate array (FPGA), an application specific integrated circuit (ASIC), or a programmable logic device (PLD), for example. Alternatively, each of the input QoS section 2 and the output QoS section 3 may be a function achieved by causing a network processor to execute a predetermined program, for example……… The input QoS section 2 includes the same number of policers 20 as the number of flows that are input to the interface cards or the switch 1. However, FIG. 2 illustrates only a single policer 20 for convenience sake. Each of the policers 20 executes policing on a target flow” [0056]-[0058], wherein the input QoS and the output QoS are associated with the network data processing pipeline and flow is considered as network traffic) configured to receive network traffic on a plurality of ingress ports and send the network traffic on a plurality of egress ports (e.g. “If the switch 1 is the chassis switch, the switch 1 includes multiple interface cards having multiple ports, a switch card for relaying between the multiple interface cards, and a control card for executing control (the cards are not illustrated). If the switch 1 is the pizza box switch, the switch 1 includes multiple ports, a switch section for relaying between the ports, and a controller for executing control (the ports, the switch section, and the controller are not illustrated)” [0053], which ports comprise ingress and egress ports wherein network traffic is received at the ingress ports and sent via the egress ports of the network device), wherein a policer to limit the flow of network traffic through the data processing pipeline (e.g. “A policer is a function of executing policing to control the amount of traffic to be input to a buffer. The policing is executed on the upstream side of the buffer. A burst size of the policer is the maximum amount of traffic allowable by the policer” [0035]); and
receiving a policer rate (e.g. “In the policing by each of the policers 20, the following process is executed, for example. For example, if tokens exist in a token bucket (not illustrated), arriving frames are output. For example, if a token does not exist in the token bucket, a process of discarding arriving frames is executed. In the policing, tokens in an amount corresponding to the output frames are deleted from the token bucket. In the policing, a predetermined amount of tokens are added to the token bucket in each of predetermined time cycles” [0059], which predetermined amount of tokens added to the token bucket in predetermined time cycles is associated with the policer rate. Note that the network device must be receiving the policer rate since aforesaid decision to forward or discard arriving frames depends on the policer rate), a maximum data rate corresponding to one or more communication channels (e.g. "Each of the policers 20 includes a burst size setting section 21, a peak information rate (PIR) setting section 22, and a token monitoring section 23. The burst size setting section 21 sets the burst size of the policer 20 or a token upper limit …... The PIR setting section 22 sets the maximum information rate of a target flow” [0060], which maximum information rate is considered as the maximum data rate and aforesaid setting of the maximum information rate must be preceded by receiving the maximum information rate. Moreover, “If the switch 1 is the chassis switch, the switch 1 includes multiple interface cards having multiple ports, a switch card for relaying between the multiple interface cards, and a control card for executing control (the cards are not illustrated). If the switch 1 is the pizza box switch, the switch 1 includes multiple ports, a switch section for relaying between the ports, and a controller for executing control (the ports, the switch section, and the controller are not illustrated)” [0053], which ports are associated with one or more communication channels), and a maximum burst time (e.g. “A burst time period within a predetermined time period may be calculated using the number of times that a frame has been discarded in each token addition cycle. For example, a burst time period within a time period of 1 second is obtained by multiplying a token addition cycle by the number of times that a frame has been discarded for a time period of 1 second. If the burst time period within the predetermined time period exceeds a threshold, the token monitoring section 23 may determine that the target flow is to be subjected to the burst size control” [0085], which burst time with a threshold is considered as the maximum burst time and must be received by the network device before determining whether a target flow is to be subjected to burst size control), 
determining a maximum burst size based on the policer rate, the maximum data rate, and the maximum burst time (e.g. “FIGS. 4, 5, and 6 are diagrams illustrating examples of traffic of flows to be subjected to the burst size control. Each of graphs illustrated on upper sides of FIGS. 4 to 6 indicates an example of a change in the rate of inputting a flow to be subjected to the burst size control. Each of graphs illustrated on lower sides of FIGS. 4 to 6 indicates an example of a change in the amount of tokens accumulated in a token bucket in the case where traffic of a flow indicated by each of the graphs illustrated on the upper sides is input to a policer 20” [0090]. Moreover, “A policer is a function of executing policing to control the amount of traffic to be input to a buffer. The policing is executed on the upstream side of the buffer. A burst size of the policer is the maximum amount of traffic allowable by the policer. In the policing, frames in an amount corresponding to tokens accumulated in a token bucket may be output according to a token bucket scheme. In the policing, if a token is not accumulated in the token bucket, a frame is discarded, for example. A predetermined amount of tokens are added to the token bucket in each of predetermined cycles. An upper limit of the amount of tokens capable of being accumulated in the token bucket is set in the token bucket. The amount of tokens held in the token bucket does not exceed the upper limit. The upper limit of the amount of tokens capable of being accumulated in the token bucket is hereinafter referred to as token upper limit. If the token bucket is full of tokens, the policer may output traffic for the token upper limit. Thus, the burst size of the policer is synonymous with the token upper limit. The burst size of the policer and the token upper limit are examples of the “maximum value of tokens capable of being accumulated” [0035]-[0038], which burst size is considered as the maximum burst size. Thus, the maximum burst size is based on the policer rate, the maximum data rate and the maximum burst time),
configures the policer to police traffic received over the one or more communication channels based the maximum burst size (e.g. Fig. 2, “Each of the policers 20 includes a burst size setting section 21, a peak information rate (PIR) setting section 22, and a token monitoring section 23. The burst size setting section 21 sets the burst size of the policer 20…….. The PIR setting section 22 sets the maximum information rate of a target flow. The burst size setting section 21 is an example of a “controller” [0060], which setting the burst size is associated with configuring the network device to police traffic over the one or more communication channels based on maximum burst size).

It is noted that while disclosing the network device, Noguchi is silent about network device comprising: a data plane comprising a data processing pipeline, the data plane comprises a policer and policer in the data plane, which however had been known in the art before the effective filing date of the claimed invention as shown by Joseph in a disclosure “Performing Customer Bandwidth Profiling In Computer Networks” (Title), wherein “The method of claim 1, further comprising: configuring one or more of a policer unit and a shaper unit located in a data plane of the intermediately positioned network device” (claim 2), which data plane comprises an policer and data prcessing pipeline to process network traffic  or user data traffic. 
Therefore, it would have been obvious to one of ordinary skill in the art to combine the policer in a data plane of the network device of Joseph with the policer of Noguchi so that it enables “service providers to achieve the cost benefits associated with a centralized deployment of customer connection management devices while also potentially providing for the more accurate customer bandwidth profiling (and thereby policing and enforcement of the service profile) of de-centralized or distributed deployments of customer connection management devices” col. 2, lines 30-35.
It is noted further that while disclosing the network device, Noguchi is silent about a control plane for at least configuring the data plane, the control plane receiving a policer rate, a maximum data rate corresponding to one or more communication channels, and a maximum burst time, wherein the control plane comprises means for determining a maximum burst size, and wherein the control plane configures the policer in the data plane, which however had been known in the art before the effective filing date of the claimed invention as shown by Hastwell in a disclosure “Event-based Capture Of Packets From A Network Flow” (Title), wherein “Control-plane policing allows the size of captured bursts (i.e., contiguous groups of packets) to be configured ahead of time. After the predetermined number of packets is captured, remaining packets will be dropped in the hardware” col. 8 lines 4-6. Note that the policer rate, maximum data rate and maximum burst time are control data used to determine the maximum burst size to control user data and thus must be received by the control plane of the network device since as known to one of ordinary skill in the art, data plane is associated with network traffic or user data traffic and control plane is associated with control data to configure the user data of the data plane by configuring the policer. 
Therefore, it would have been obvious to one of ordinary skill in the art to combine Hastwell’s method of determining the burst size in the control plane with the method of determining the burst size of Noguchi so that “techniques described herein allow for the collection of bursts of traffic to provide the analysis server with full batches of packets substantially at the moment when a particular event occurs. This is advantageous as malicious events rarely manifest themselves with individual packets (e.g., denial-of-service (DoS) attacks, network scans, etc.)”  col. 9 lines 32-39.

(Examiner’s Note: In addition to references mentioned above, another reference US 10050937 B1 also discloses policers on a data plane and a control plane controlling the processing of the policers on the data plane).

Allowable Subject Matter
Claim 6 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims along with making corrections of all 112(b) issues associated with these claims.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SUMITRA GANGULY whose telephone number is (571)272-0813. The examiner can normally be reached 10 a.m to 6 p.m.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Derrick Ferris can be reached on 571 272 3123. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/SUMITRA GANGULY/Examiner, Art Unit 2411                     

/JUNG H PARK/Primary Examiner, Art Unit 2411