DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Remarks
This communication is considered fully responsive to the amendment filed on 11/12/2021.
Claims 1-5, 7-12, 14 are pending and are examined in this office action. 
Claim 1, 8  have been amended.
No new claim has been added and Claim 6, 13 have been canceled.

Response to Arguments
Applicant’s arguments, filed 11/12/2021, with respect to the rejection(s) of claim(s) under 35 USC § 102 have been fully considered and are persuasive.  Therefore, the rejection has been withdrawn.  However, upon further consideration, a new ground(s) of rejection is made in view of prior art on record to clarify the mapping and further in view of Hwang et al. (US 20150109923  A1; hereinafter as “Hwang”).

	
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction 
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
.


Claims 1-6, 8-13 are rejected under 35 U.S.C. 103 as being unpatentable over HANKINS et al. (US 20190268224 A1; hereinafter as “HANKINS”) in view of Hwang et al. (US 20150109923  A1; hereinafter as “Hwang”).

Regarding claim 1, HANKINS teaches a method for a network device (see fig. 3: Tunnel server 560 and NAT 563 combined: [0141]-[0142]; “a NAT device is incorporated into a tunnel server”: [0136]) to provide network interoperability support for a non-virtualized entity in a network environment (“devices communicating as part of virtual broadcast domain 514 may communicate with devices operating as part of non-virtual broadcast domain 510. In one illustrative embodiment, this may be accomplished via a tunnel server”: [0141]; VPN connection between virtual broadcast domain with non-virtual broadcast domain: [0142]), wherein the method comprises:  
 (Fig. 3: controller 506) and associated with a network interoperability support service, performing security verification ( (Fig. 3: controller, element 506; fig. 4 element 421: Aforesaid controller initiates provisioning of tunnel server: “a controller may initiate provisioning of one or more tunnel servers… At block 422, a controller may initiate transmission of one or more network addresses for one or more tunnel servers to gateway device A and/or gateway device B,....”: [0136]; Aforesaid tunnel server creates a VPN tunnel from virtual domain to non-virtual domain: “Selected networking policies or a unified networking policy may, for example, include particulars regarding implementing at least one of the following processes: virus scanning, authentication, filtering (including URL filtering, for example), deep packet inspection, encryption, a firewall”: [0049])  and one  or more configuration operations to configure a network interoperability support service on the network device (see fig. 4: aforesaid tunnel server  “may also include a capability to implement a private network policy and inspection”: [0049]; [0075];  “A logical broadcast domain  [==non-virtual broadcast domain] may also be extended to another device communicating as part of another network [==virtual broadcast domain], such as via a virtual private network (VPN) [==network interoperability support service]”.. aforesaid Tunnel server creates VPN tunnel among the devices including layer security: [0169], see fig. 4: element 424: Tunnel server initiates services, inter alia, virus scanning, URL filtering, deep  inspection, firewall etc (==one  or more configuration operations to configure a network interoperability support service])  with respect to signal packet transmissions: [0136] ; NAT  service at Tunnel server: [0136]) ;


    PNG
    media_image1.png
    579
    836
    media_image1.png
    Greyscale

Obtaining, from the management entity (Fig. 5: controller 506), policy information associated with the network interoperability support service (… “a controller may provision one or more tunnel servers, for example, to facilitate communications between network devices communicating as part of different broadcast domains”: [0034];  “a controller may provision one or more tunnel servers” to provide VPN tunnel: [0034]; “…a tunnel service may also include a capability to implement a private network policy and inspection”: , “the term private network policy and inspection refers to a capability to implement a unified networking policy, despite potentially being physically or logically separate networks and/or physically or logically separate sub-networks, for example.”: [0049];   [0049]) by;  
in response to detecting an ingress packet travelling from a virtualized computing environment towards the non-virtualized entity, or an egress packet travelling from the non-virtualized entity (a signal packet from virtual broadcast domain to non-virtual domain: [0047]; see fig. 3,  [0018] performing the network interoperability support service (“tunnel server linking several network devices, for example. A tunnel server may, for example, execute software capable of receiving and/or sending signal packets from network devices in different logical broadcast domains:” [0046]; VPN service from non-virtual to virtual entry: [0148]); 
performing the network interoperability support service by processing the ingress packet or egress packet based on the policy information (“… a tunnel service may also include a capability implement a private network policy and inspection process, which may, for example, including a unified networking policy, ….Selected networking policies or a unified networking policy may, for example, include particulars regarding implementing at least one of the following processes: virus scanning, authentication, filtering (for example, URL filtering), deep packet inspection, encryption, a firewall”.. [0075]; tunnel server 560 may be instructed to forward network transmission signal packets from gateway device 515 to gateway device 511, and forward network transmission signal packets from gateway device 511 to gateway device 515:[0146]).

While HANKINS teaches “Obtaining, from the management entity, policy information associated with the network interoperability support service”,   
HANKINS does not expressively teach:  
based on the configuration information, determining address information associated with the management entity; and generating and sending a request to the management entity using the address information to register the network device and to obtain the policy information.

HANKINS, in the same field of endeavor, discloses: 
based on the configuration information, determining address information associated with the management entity; and generating and sending a request to the management entity using the address information to register the network device and to obtain the policy information  (“A controller device in a network receives a registration request from a physical switch device and from a virtual switch that is hosted by a server device in the network. The controller device registers the physical switch device such that the controller device is able to send configuration messages to the physical switch device. The controller device also registers the virtual switch such that the controller device is able to receive mapping information from the virtual switch. The controller device receives from the virtual switch the mapping information comprising Media Access Control address information of one or more virtual machines that are in communication with the virtual switch. The mapping information is stored in a database maintained by the controller device.”: [abstract]; “the ToR switch 104 may have registered with the controller 106 prior to sending this ARP request message, and as a part of the registration process, the controller 106 may have sent to the ToR switch 104 a configuration message that comprises instructions for the ToR switch 104 to send to the controller 106 any ARP or other address request message received by the ToR switch 104”: [0032]-[0033]; configuration message include controller’s address:[0048];  “The virtual switches 110(1) and 110(2), for example, will register (e.g., send a registration message) with the controller 106 using, e.g., an OpenFlow protocol. The OpenFlow protocol will ensure the registration of the ToR switch 104 (e.g., an OpenFlow or "OF" switch) to the controller”: …” Virtual Switch Database (OVSDB) Management Protocol or an Extensible Messaging and Presence Protocol (XMPP)) to enable the controller 106 to send OpenFlow rules to a flow table of the ToR switch 104. ”: [0028]).

Therefore, it would have been obvious to one of the ordinary skill in the art, before the effective filing date of the claimed invention was filed to provide the technique of HWANG to the system of HANKINS in order to maintain a database of address and policy for the devices connected to controller (HWANG, [0029]).   
 
Regarding claim 2, HANKINS in view of HWANG teaches, the method of claim 1 above. Furthermore HANKINS teaches , wherein performing the network interoperability support service (virtual tunnels) comprises: modifying an existing packet field of the ingress packet to store context information associated with the network interoperability support service, wherein the existing packet field is a header field or a payload field (aforesaid “ tunnel server, for example, may be employed to monitor and/or measure network traffic. To do so may involve, for example, termination of signal packet encapsulation. After termination of encapsulation, subsequent re-encapsulation may then permit a signal packet to continue to traverse a private network in an embodiment: [0077]).

Regarding claim 3, HANKINS in view of HWANG teaches, the method of claim 1 above. Furthermore HANKINS teaches , wherein performing the network interoperability support service  (VPN) comprises: based on the policy information, performing the network (A non-virtual broadcast domain simply is another way to refer to a physical BD since it refers to a broadcast domain in which the broadcast domain devices exclude any virtual devices. Thus, devices in a non-virtual BD may comprise physical devices, such as a router, a computing platform (that includes a computing device, for example), a network device, etc. The term broadcast domain is also used in a generic sense meaning that it is not limited exclusively to a broadcast type of signal packet transmission scheme and/or may include in addition to and/or in place of a broadcast, other types of signal packet transmission schemes, such as, but not limited to, anycast, broadcast, multicast, unicast, geocast, the like, or any combinations thereof : [0031]; a tunnel server may comprise a network device physically, logically, virtually or non-virtually separate from a controller. Likewise, a tunnel server may execute additional services. For example, in an embodiment, a tunnel service may also include a capability to implement a private network policy and inspection: [0049]).

Regarding claim 4, HANKINS in view of HWANG teaches, the method of claim 1 above. Furthermore HANKINS teaches , wherein performing the network interoperability support service comprises: performing the network interoperability support service to implement one or more of the following for the non-virtualized entity: micro-segmentation, network observability service, sidecar proxy service, and tunneling service (VPN tunnel service in between two broadband domain: [0105]-[0106]). 

Regarding claim 5, HANKINS in view of HWANG teaches, the method of claim 1 above. Furthermore HANKINS teaches , wherein performing the security verification comprises: performing security verification based on security information in the configuration information prior to installing software image information to configure the network interoperability support service (“controller 206 may provision tunnel server 260 and may notify gateway devices 211 and/or 215 of a network address for tunnel server 260”: [0093];  configuration of a devices can be “through installation of a software application on a device”: [0093], [0093]). 

Regarding claims 8-12, the claim is interpreted and rejected for the same reason as set forth in claims 1-5.

Claims 7, 14 are rejected under 35 U.S.C. 103 as being unpatentable over HANKINS in view of HWANG  and further  in view of DECUSATIS et al. (US 20150350081 A1; hereinafter as “DECUSATIS”).

Regarding claim 7, HANKINS in view of HWANG  teaches independent claim 1 as shown above. HANKINS in view of HWANG   do not expressively teach, the method of claim 1, wherein performing the one or more configuration operations comprises at least one of the following: configuring a bridging module of the network device to perform network bridging from a virtual network in the virtualized computing environment to a physical network in which the non-virtualized entity is located; configuring a layer-2 switching module to perform layer-2 bridging; configuring a control-plane agent of the network device to interact with the .

DECUSATIS teaches: the method of claim 1, wherein performing the one or more configuration operations comprises at least one of the following: configuring a bridging module of the network device to perform network bridging from a virtual network in the virtualized computing environment to a physical network in which the non-virtualized entity is located; configuring a layer-2 switching module to perform layer-2 bridging; configuring a control-plane agent of the network device to interact with the management entity to obtain the policy information; and configuring a packet processing module to perform the network interoperability support service (see fig. 2: LAYER 2 NETWORK from virtual network to non-virtual network: Overlay networks like Virtual eXtensible Local Area Network (VXLAN) connect geographically separated Layer-2 (L2) networks using tunnels. These are L2 over Layer-3 (L3) tunnels. L2 packets originated by a virtual machine (VM) in a VXLAN and destined to another VM or group of VMs in same VXLAN in another physical location are carried over L3 tunnels. VXLAN tunnels are created by encapsulating data packets with VXLAN identifiers, which identify the tunnel through which the data packets are to flow. [0002]).

Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention was filled to provide the technique of
DECUSATIS to the method of HANKINS  in view of HWANG  in order to provide control the flow of the data packets among virtual network and non-virtual network (DECUSATIS, [0025]). The (DECUSATIS, [0030]). 

Regarding claims 14, the claim is interpreted and rejected for the same reason as set forth in claims 7.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to M MOSTAZIR RAHMAN whose telephone number is (571)272-4785. The examiner can normally be reached 8:30am-5:00pm PST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Derrick Ferris can be reached on 571-272-3123. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for 





/M Mostazir Rahman/Examiner, Art Unit 2411                                                                                                                                                                                                        
/DERRICK W FERRIS/Supervisory Patent Examiner, Art Unit 2411