DETAILED ACTION

This office action is a response to the amendment filed on 2/3/2022. Claims 1-14 and 21-26 are pending.


Notice of Pre-AIA  or AIA  Status

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .


Allowable Subject Matter

Claims 1-14 and 21-26 (renumbered as 1-20) are allowed.
The following is an examiner’s statement of reasons for allowance:
Applicant's amendments filed on 2/3/2022 have overcome the current rejections. An updated search has been performed and no prior art has been found that solely, or in any reasonable combination, reads on the claims.
Claimed invention is directed to a method for implementing security filters for virtual network function (VNF) which involves receiving a request to create a VNF on a worker node. A filter for the worker node is updated for the VNF based on the request. The filter is configured to filter data traffic from and to the multiple VNFs within the worker node based on security rules.
Closest prior art include Sood et al., Banerjee et al., and Wu et al. Sood discloses a VNF for performing security monitoring in a network functions virtualization architecture which performs an authenticated key exchange with a VNF manager and configures the security monitoring VNF based on personalization data received from the VNF manager. 

Wu discloses that a system QoS monitor may monitor performance metrics such as capacity utilization, network input/output for each processor, and event processing throughput per event processor. SDM resources may be reconfigured to add more capacity when network event processing throughput falls below a threshold.
However, prior art on record does not disclose denying data traffic based on security rules for certain types of traffic, allowing certain traffic based on traffic types and destination being a particular VNF, and denying certain traffic based on origination being a particular VNF. 
Claims 1, 8 and their dependent thereof are allowable because the closest prior art, either alone, or in combination, fails to anticipate or render obvious the above mentioned features of based on the security rules, denying, by the filter, first data traffic of the data traffic based on an identification of the first data traffic as being a packet, allowing, by the filter, second data traffic of the data traffic based on an identification of the second data traffic as being of a type that is different from a packet, denying by the filter, third data traffic of the data traffic based on the third data traffic being from a second virtual network function of the plurality of virtual network functions within the first worker node, and allowing, by the filter, fourth data traffic of the data traffic based on the fourth data traffic being destined for the second virtual network function; in combination with all other limitations in the claims as defined by the Applicant.
Claim 21 and its dependent thereof are allowable because the closest prior art, either alone, or in combination, fails to anticipate or render obvious the features of wherein the security rules allow, by the filter, first data traffic based on an identification of the first data traffic as being a packet, deny, by the filter, second data traffic of the data traffic based on an identification of the second data traffic as being of a type that is different from a packet, allow, by the filter, third data traffic of the data traffic based on the third data traffic being from a second virtual network function of the plurality of virtual network functions within the first worker node, and deny, by the filter, fourth data traffic of the data traffic based on the fourth data traffic being destined for the second virtual network function; in combination with all other limitations in the claims as defined by the Applicant.



Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to SAUMIT SHAH whose telephone number is (571)272-6959. The examiner can normally be reached Monday - Friday 9 am - 6 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, EDAN ORGAD can be reached on (571) 272-7884. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/SAUMIT SHAH/Primary Examiner, Art Unit 2414