DETAILED ACTION

1.	Claims 1, 4, 6, and 9 are presented for consideration.

Claim Rejections - 35 USC § 103

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

2.	Claims 1, 4, 6, and 9 are rejected under 35 U.S.C. 103 as being unpatentable over Robertson [ US Patent Application No 2016/0164840 ], in view of Ross [ US Patent Application No 2017/0078323 ].

3.	As per claim 1, Robertson discloses the invention as claimed including a method, comprising: 
distributing a service request from a network switch to a response module [ i.e. distributor component routes request to at least two web proxy servers ] [ i.e. 300, Figure 3; and paragraphs 0065, 0067, and 0069 ], where the response module comprises a main controller configured for data interaction processing and an auxiliary controller configured for interactive data processing [ i.e. proxy servers, type A and type B receive the request for resources and proceeds to process the request ] [ 110a, 110b, Figure 3; and paragraphs 0085-0091 ], both the main controller and 
generating, by the main controller and the auxiliary controller in the response module, respective response data according to the service request, respectively [ i.e. output from the web proxy servers 110a, 110b ] [ 615, Figure 6; 715, Figure 7; and paragraphs 0092, and 0096 ]; and 
comparing the respective response data of the main controller with the respective response data of the auxiliary controller [ i.e. comparator component compares both of the outputs ] [ paragraphs 0066, and 0093 ]; if a result of comparison is inconsistent, indicating the network switch is abnormal [ i.e. detect a difference between the two outputs, an alert is generated ] [ paragraph 0096, and 0097 ];
wherein the main controller and the auxiliary controller comprise different CPUs, different operating systems and protocol stack software to form heterogeneous equivalent controller structures [ i.e. designed/manufacture by different vendors ] [ Figure 2; and paragraphs 0063, 0064 ]; and
wherein the main controller is configured for normal data interaction processing; the auxiliary controller is configured to receive distributed data consistent with that of the main controller and respond to the distributed data [ i.e. proxy servers, type A and type B receive the request for resources and proceeds to process the request ] [ 110a, 110b, Figure 3; and paragraphs 0085-0091 ].
Robertson does not specifically disclose an administrator is informed, and the response data generated by the auxiliary controller is fed back to the network switch; and, if the result of comparison is consistent, the response data generated by the main controller is fed back to the network switch; and

Ross discloses an administrator is informed [ i.e. alerting an administrator to the event ] [ paragraphs 0018, and 0035 ], and the response data generated by the auxiliary controller is fed back to the network switch; and, if the result of comparison is consistent, the response data generated by the main controller is fed back to the network switch [ i.e. comparator module may be configured to receive from each implementations to which a given request has been sent a corresponding response generated by that implementation in response to the request ] [ 110, Figures 1 and 3; and paragraphs 0020, and 0029 ]; and
during the interactive data processing, the auxiliary controller is in an invisible state where the auxiliary controller is isolated from the network switch [ i.e. providing security isolation between the implementations ] [ paragraphs 0026, and 0028 ].
It would have been obvious to a person skill in the art before the effective filing date of the claimed invention to combine the teaching of Robertson and Ross because the teaching of Ross would enable to detect attacks, to minimize vulnerability windows as well as to identify and contain attackers [ Ross, paragraph 0018 ].

4.	As per claim 4, Robertson discloses the invention as claimed including a device, comprising: 
a distribution module, a response module and a sensing module [ Figures 3, and 4 ], wherein: the distribution module is configured to distribute a service request from a network switch to the response module [ i.e. distributor component routes request to at least two web proxy servers ] [ i.e. 300, Figure 3; and paragraphs 0065, 0067, and 0069 ], the response module 
the response module is configured to generate respective response data by using the main controller and the auxiliary controller according to the service request, respectively  [ i.e. output from the web proxy servers 110a, 110b ] [ 615, Figure 6; 715, Figure 7; and paragraphs 0092, and 0096 ]; and 
the sensing module is configured to compare the respective response data generated by the main controller and the auxiliary controller [ i.e. comparator component compares both of the outputs ] [ paragraphs 0066, and 0093 ]; if a result of comparison is inconsistent, determine that the network switch is abnormal [ i.e. detect a difference between the two outputs, an alert is generated ] [ paragraph 0096, and 0097 ];
the main controller and the auxiliary controller comprise different CPUs, different operating systems and protocol stack software to form heterogeneous equivalent controller structures [ i.e. designed/manufacture by different vendors ] [ Figure 2; and paragraphs 0063, 0064 ]; and
the main controller is configured for normal data interaction processing; the auxiliary controller is configured to receive distributed data consistent with that of the main controller and respond to the distributed data [ i.e. proxy servers, type A and type B receive the request for 
Robertson does not specifically disclose inform an administrator, and feed back the response data generated by the auxiliary controller to the network switch; and, if the result of comparison is consistent, feed back the response data generated by the main controller to the network switch; and
during the interactive data processing, the auxiliary controller is in an invisible state where the auxiliary controller is isolated from the network switch.
Ross discloses an administrator is informed [ i.e. alerting an administrator to the event ] [ paragraphs 0018, and 0035 ], and feed back the response data generated by the auxiliary controller to the network switch; and, if the result of comparison is consistent, feed back the response data generated by the main controller to the network switch [ i.e. comparator module may be configured to receive from each implementations to which a given request has been sent a corresponding response generated by that implementation in response to the request ] [ 110, Figures 1 and 3; and paragraphs 0020, and 0029 ]; and
during the interactive data processing, the auxiliary controller is in an invisible state where the auxiliary controller is isolated from the network switch [ i.e. providing security isolation between the implementations ] [ paragraphs 0026, and 0028 ].
It would have been obvious to a person skill in the art before the effective filing date of the claimed invention to combine the teaching of Robertson and Ross because the teaching of Ross would enable to detect attacks, to minimize vulnerability windows as well as to identify and contain attackers [ Ross, paragraph 0018 ].

5.	As per claim 6, Robertson discloses the invention as claimed including an Ethernet switch, comprising: 
a switching chip configured to forward data  [ i.e. distributor component routes request to at least two web proxy servers ] [ i.e. 300, Figure 3; and paragraphs 0065, 0067, and 0069 ]; 
a main controller configured to receive service request data distributed by the switching chip in a normal data interaction state and respond to the service request data; 15an auxiliary controller configured to receive service request data distributed by the switching chip and respond to the service request data  [ i.e. proxy servers, type A and type B receive the request for resources and proceeds to process the request ] [ 110a, 110b, Figure 3; and paragraphs 0085-0091 ], both the main controller and the auxiliary controller being of a heterogeneous equivalent controller structure [ i.e. non-identical web proxy servers ] [ paragraph 0063, and 0064 ]; and 
a comparator configured to distribute the service request data from the switching chip to the main controller and the auxiliary controller, to compare response data of the main controller and the auxiliary controller [ i.e. comparator component compares both of the outputs ] [ paragraphs 0066, and 0093 ], and further to forward data and/or inform an administrator according to a result of comparison [ i.e. detect a difference between the two outputs, an alert is generated ] [ paragraph 0096, and 0097 ]; wherein
the main controller and the auxiliary controller comprise different CPUs, different operating systems and protocol stack software to form heterogeneous equivalent controller 
the main controller is configured for normal data interaction processing; the auxiliary controller is configured to receive distributed data consistent with that of the main controller and respond to the distributed data [ i.e. proxy servers, type A and type B receive the request for resources and proceeds to process the request ] [ 110a, 110b, Figure 3; and paragraphs 0085-0091 ].  
Robertson does not specifically disclose the switching chip in an invisible state, and during the interactive data processing, the auxiliary controller is in an invisible state where the auxiliary controller is isolated from the switching chip.
Ross discloses the switching chip in an invisible state, and during the interactive data processing, the auxiliary controller is in an invisible state where the auxiliary controller is isolated from the switching chip  [ i.e. providing security isolation between the implementations ] [ paragraphs 0026, and 0028 ].
It would have been obvious to a person skill in the art before the effective filing date of the claimed invention to combine the teaching of Robertson and Ross because the teaching of Ross would enable to detect attacks, to minimize vulnerability windows as well as to identify and contain attackers [ Ross, paragraph 0018 ].

6.	As per claim 9, it is rejected for similar reasons as stated above in claim 1.

Response to Arguments

7.	Applicant’s arguments with respect to claim(s) 1, 4, 6, and 9 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

Conclusion

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DUSTIN NGUYEN whose telephone number is (571)272-3971. The examiner can normally be reached Monday-Friday 9-6 PST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Brian Gillis can be reached on 571-2727952. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/DUSTIN NGUYEN/Primary Examiner, Art Unit 2446