Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Detailed Action
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Claims 1-3, 5-9, 11 & 18-27 remain pending in this application. Applicant's submission filed on 25 January 2022 has been entered.
  
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-3, 5-9 & 11 are rejected under 35 U.S.C. 103 as being unpatentable over Kapoor et al (USPG Pub No. 20080133518A1; Kapoor hereinafter) in view of Robertson et al (USPG Pub No. 20020188538A1; Robertson hereinafter) further in view of Manghirmalani et al (USPG Pub No. 20140337509A1; Manghirmalani hereinafter).

	As for Claim 1, Kapoor teaches, A method comprising:
	“receiving from a first packet processing device of a plurality of packet processing devices, by the centralized state engine, a query pertaining to state information associated with a packet to be processed by the first packet processing device, wherein the state information associated with the packet influences how the packet is to be processed by the first packet processing device” (see Fig. 1; see pp. [0122], [0124-0127] ; e.g., the reference of Kapoor teaches of the monitoring of data flows involving packets of data indicating state information of at least one of a plurality of networked devices within an intrusion detection system, for example.  A flow processing facility, running on a computing device and considered equivalent to Applicant’s centralized state engine, can implement a firewall that operates on packets of a dataflow received from at least another of a plurality of networked devices and embodies a stateful process that examines headers, payloads or in the context of a network state to detect unwanted manipulations of networked resources.  This state may relate to a session or connection associated with a specific protocol or application in use, where detection of unwanted manipulations may include accessing, utilizing, logging in/out, activating service, etc.  As discussed within paragraphs [0209-0210] and [0455], a request, considered equivalent to Applicant’s teaching of a received query, can be instantiated and recognized within the payloads of received packets, and acted upon by the flow processing facility to provide stateful, dynamic re-routing of data packets and flows.  The flow processing facility processes requests for access to URLs, for example, within data flows, which can be approved or denied, thus providing URL filtering and influencing the processing of data received); 
responsive to the query, identifying, by the centralized state engine, the state information based on the query by processing the received query with reference to the state database (see pp. [0209-0211]; e.g., As discussed within at least paragraphs [0209-0211], action rules are adhered to and matched up with received data packets and/or their corresponding data cells in order to specify an action that triggers a transaction associated with a provision of a service and is associated with at least a “logging database” containing “a log of alerts, packets, data cells, or information associated with any and all of the foregoing”);  and 
providing, by the centralized state engine, the first packet processing device with the identified state information by generating a response to the query containing the identified state information (see pp. [0176-0178]; e.g., As stated within paragraph [0176-0178], an output map pertaining to a dataflow can be generated in real-time which, in collaboration with a detection process, can flag a data flow as anomalous and process the data off-line and/or out of band for more analysis.  The further analysis can utilize content search logic to produce a “pattern tree” to represent a set of patterns and represent states in a state machine as there had been transitions from one state to another, as discussed within paragraphs [0180-0184]). 
The reference of Kapoor does not appear to explicitly recite the amended limitations of, “facilitating decoupling of state storage from packet processing within a distributed security environment by maintaining, by a centralized state engine running on a computing device and associated with the distributed security environment, state information in a state database for each of a plurality of end-to-end packet flows”, “wherein the state information further comprises security state information from an IPS (Intrusion Prevention System) representing progress of packet security scanning as reported by a plurality of packet processing devices participating in the distributed security environment and which operate at different times as state producers or state consumers”, “wherein the state information associated with the packet is created responsive to receiving the state information associated with the packet from at least two packet processing devices of the plurality of packet processing devices”.
The reference of Robertson recites the amended limitation for, “facilitating decoupling of state storage from packet processing within a distributed security environment by maintaining, by a centralized state engine running on a computing device and associated with the distributed security environment, state information in a state database for each of a plurality of end-to-end packet flows” (see pp. [0290-0291], [0294]; e.g., the reference of Robertson serves as an enhancement to the teachings of Kapoor by providing for the decoupling of data from the services and applications that historically owned the data, thereby decoupling shared enterprise data from specific applications and opening up the data layer to across-the-enterprise access.  Applicant’s “centralized state engine” is equivalent in function to the “DataBus” of Robertson, as the DataBus provides a mechanism for separating applications and data resources within a distributed environment.  A clean separation is made between applications {i.e., dynamic elements} and data resources or persistent business objects {i.e., somewhat static, passive elements} that are accessed by those applications. The cited paragraph [0294] provides at least an “underlying relational database” which stores the state of these business objects”  Earlier text within paragraph [0091] teaches of utilizing a “federated architecture” in which interconnected servers/hubs processing information on one or more of a plurality of applications produce and consume data, while paragraph [0123] teaches of utilizing “security servers with security applications and rules servers with a rules engine installed”, equivalent in function to Applicant’s “distributed security environment”. Paragraph [0252] provides for the use of “multicast packets” for allowing service provider processes and consumer processes to spontaneously discover servers within a multicast radius, thus, accounting for one or more of a plurality of “end-to-end packet flows”),
The combined references of Kapoor and Robertson are considered analogous art for being within the same field of endeavor, which is computer security and protection and access to data resources.  Therefore, it would have been obvious to one of ordinary skill in the art by the effective filing date of the claimed invention to have combined the decoupling of state data from one or more data resources within a distributed environment, as taught by Robertson, with the method of Kapoor in order to satisfy a need for a system which supports the ubiquity of data access, subject to security constraints across a large enterprise, wherein data may be highly distributed and partitioned. (Robertson: [0021])
The combined references of Kapoor and Robertson do not appear to explicitly recite the limitations of, “wherein the state information further comprises security state information from an IPS (Intrusion Prevention System) representing progress of packet security scanning as reported by a plurality of packet processing devices participating in the distributed security environment and which operate at different times as state producers or state consumers”, and “wherein the state information associated with the packet is created responsive to receiving the state information associated with the packet from at least two packet processing devices of the plurality of packet processing devices”.
The reference of Manghirmalani recites the limitations of, “wherein the state information further comprises security state information from an IPS (Intrusion Prevention System) representing progress of packet security scanning as reported by a plurality of packet processing devices participating in the distributed security environment and which operate at different times as state producers or state consumers” (see Fig. 1; see pp. [0071], [0087], [0092], [0108]; e.g., the reference of Manghirmalani serves an enhancement to the combined teachings of Kapoor and Robertson, and provides teachings which incorporate the utilization of an “Intrusion Protection System (IPS)” having an “Intrusion Detection System” within virtualized/non-virtualized environments involving the communication of flows of packets of “SERMON data” by a plurality of “SERMON Clients” and “SERMON Servers”.  One or more of a plurality of components, such as a “PDM State Manager”, is used for the storage of SERMON data, and as stated within the cited paragraph [0071], is responsible for managing all of the states for metrics that are periodically collected from an identified entity within the hosted service environment.  Paragraph [0108] teaches of utilizing an “intrusion prevention system (IPS)”, an “intrusion detection system (IDS)” and/or firewalls, which are modeled from input-output packet/byte counters and CPU load.  In relation to those teachings, and found within earlier text of paragraph [0087], Manghirmalani describes the improvement of performance and security of networks by applying one or more of a plurality of services instantiated by a plurality of perimeter switches and inner switches, and controlled by at least a “logically centralized controller” that facilitates unidirectional “service paths” specified for upstream and downstream traffic, which is funneled through forms of network performance monitoring {i.e. pp. [0154]} such as at least “Virus Scan”, “Deep Packet Inspection (DPI)” and “Content Cache”,  before entering the Internet. As stated within rationale provided above, “SERMON Clients” and “SERMON Servers” are involved in the communication of flows of packets within virtualized/non-virtualized environments.  A controller application providing the distribution of flows to different instances of DPI utilizes at least CPU data and packet data such as packet rate statistics, inspecting each and every packet beyond the TCP headers scanning for recognizable content to apply rules, as discussed within paragraph [0092], and further reading on Applicant’s teaching of “security state information from an IPS (Intrusion Prevention System) representing progress of packet security scanning...”), and 
“wherein the state information associated with the packet is created responsive to receiving the state information associated with the packet from at least two packet processing devices of the plurality of packet processing devices” (see Fig. 1; see pp. [0016-0018], [0091-0092]; e.g., the cited paragraphs [0016-0018] of Manghirmalani provide the functionality of at least the PDM state manager, which receives a communicated request having at least a list of switches to be passed from one or more applications requesting information through a “performance database manager (PDM)”, and flagging an application identifier and storing SERMON data within an “AppDB” after determining whether this is the first encounter of the request. At least Figure 1 illustrates the use of a plurality of SERMON clients and SERMON servers {i.e. considered equivalent to Applicant’s “at least two packet processing devices of the plurality of packet processing devices”} being utilized for the request and retrieval of data, such as request for snapshot data.  Paragraph [0071] teaches that the “PDM State Manager”, is used for the storage of SERMON data, and is responsible for managing all of the states for metrics that are periodically collected from an identified entity within the hosted service environment.  Additionally, paragraphs [0091-0092] discuss the hierarchical relationships of retrieved performance data apparently from SERMON Clients/Servers  having a plurality of identifiers and metrics, such as “socket statistics (sockstat)”, which includes protocol and status (state information), utilized for further analysis by at least different instances of Deep Packet Inspection (DPI))
The combined references of Kapoor, Robertson and Manghirmalani are considered analogous art for being within the same field of endeavor, which is computer security and protection and access to data resources for a network packet processing apparatus using fault recovery mechanisms.  Therefore, it would have been obvious to one of ordinary skill in the art by the effective filing date of the claimed invention to have incorporated an Intrusion Protection System for the for packet security scanning of packets within a communicated flow of packets over a network, as taught by Manghirmalani, with the methods of and Robertson Kapoor, because what is needed is a framework for exporting application configuration and performance information for performance monitoring in virtualized and non-virtualized environments. (Manghirmalani: [0009])



		As for Claim 2, Kapoor teaches, the state information for the plurality of packets comprises any or a combination of session state information, network security device related state information, flow state information, 5-tuple state information, and security control based state information (see pp. [0123-0125]; e.g., the reference of Kapoor teaches of embodying a stateful process that, “examines the headers, payloads, or both in the context of a network state.  This state may relate to a session or connection that is associated with a particular protocol or application in use over the network.  In an example and without limitation, this state may relate to a TCP/IP connection”, reading on Applicant’s claimed limitation of utilizing “network security device related state information”). 
As for Claim 3, Kapoor teaches, the first packet processing device comprises any or a combination of a network security device, an application device, a host device, a virtualization host, a packet-forwarding device, or a packet-processing module configured therein (see pp. [0139], [0483]; e.g., utilizing network security virtualization for at least a plurality of server devices). 
As for Claim 5, Kapoor teaches, pushing to the first packet processing device, by the centralized state engine, the state information associated with the packet responsive to receipt by the centralized state engine of an update to the state information associated with the packet (see pp. [0489-0490]; e.g., the reference of Kapoor teaches of each security aspect of network security deployment facilitating pushing policies and updates to various components separately without impacting others). 

As for Claim 6, Kapoor teaches, creating, by the centralized state engine, the state information associated with the packet responsive to receiving the state information associated with the packet from a second packet processing device of the plurality of packet processing devices (see pp. [0561]; e.g., the reference of Kapoor teaches of utilizing a data flow processing facility, considered equivalent in function to a centralized state engine, in order to receive and process data flow over a network from at least one other processing device including packet headers and/or data flow, providing a stateful inspection of data cells, and allowing, denying or modifying incoming data). 

As for Claim 7, Kapoor teaches, A computer system associated with a distributed security environment, wherein the computer system comprises: 
a non-transitory storage device having embodied therein instructions representing a state engine (see pp. [0240-0241]; e.g., utilizing at least one of a plurality of memory devices.  A flow processing facility, running on a computing device, is considered equivalent to Applicant’s centralized state engine); and 
one or more processors coupled to the non-transitory storage device and operable to execute the state engine to perform a method (see pp. [0016]; e.g., utilizing at least one of a plurality of processors, such as a control processor and a data flow processor) comprising: 
receiving from a first packet processing device of the plurality of packet processing devices a query pertaining to state information associated with a packet to be processed by the first packet processing device, wherein the state information associated with the packet influences how the packet is to be processed by the first packet processing device (see Fig. 1; see pp. [0122], [0124-0127] ; e.g., the reference of Kapoor teaches of the monitoring of data flows involving packets of data indicating state information of at least one of a plurality of networked devices within an intrusion detection system, for example.  A flow processing facility, running on a computing device and considered equivalent to Applicant’s centralized state engine, can implement a firewall that operates on packets of a dataflow received from at least another of a plurality of networked devices and embodies a stateful process that examines headers, payloads or in the context of a network state to detect unwanted manipulations of networked resources.  As discussed within paragraphs [0159], [0209-0210], a request can be instantiated by the flow processing facility to provide stateful, dynamic re-routing of data packets and flows); 
responsive to the query, identifying the state information based on the query by processing the received query with reference to the state database (see pp. [0209-0210]; e.g., As discussed within at least paragraphs [0209-0211], action rules are matched up with received data packets and/or their corresponding data cells in order to specify an action that triggers a transaction associated with a provision of a service and is associated with at least a “logging database” containing “a log of alerts, packets, data cells, or information associated with any and all of the foregoing”); and 
providing the first packet processing device with the identified state information by generating a response to the query containing the identified state information (see pp. [0176-0178]; e.g., As stated within paragraph [0176-0178], an output map pertaining to a dataflow can be generated in real-time which, in collaboration with a detection process, can flag a data flow as anomalous and process the data off-line and/or out of band for more analysis.  The further analysis can utilize content search logic to produce a “pattern tree” to represent a set of patterns and represent states in a state machine as there had been transitions from one state to another, as discussed within paragraphs [0180-0184]).  
The reference of Kapoor does not appear to explicitly recite the amended limitations of, “facilitating decoupling of state storage from packet processing within a distributed security environment by maintaining, by a centralized state engine running on a computing device and associated with the distributed security environment, state information in a state database for each of a plurality of end-to-end packet flows”, “wherein the state information further comprises security state information from an IPS (Intrusion Prevention System) representing progress of packet security scanning as reported by a plurality of packet processing devices participating in the distributed security environment and which operate at different times as state producers or state consumers”, “wherein the state information associated with the packet is created responsive to receiving the state information associated with the packet from at least two packet processing devices of the plurality of packet processing devices” and “wherein the first or second packet processing device determines no further scanning is necessary responsive to the security state information indicative of a completed IPS scan”.
The reference of Robertson recites the amended limitation for, “facilitating decoupling of state storage from packet processing within a distributed security environment by maintaining, by a centralized state engine running on a computing device and associated with the distributed security environment, state information in a state database for each of a plurality of end-to-end packet flows” (see pp. [0290-0291], [0294]; e.g., the reference of Robertson serves as an enhancement to the teachings of Kapoor by providing for the decoupling of data from the services and applications that historically owned the data, thereby decoupling shared enterprise data from specific applications and opening up the data layer to across-the-enterprise access.  Applicant’s “centralized state engine” is equivalent in function to the “DataBus” of Robertson, as the DataBus provides a mechanism for separating applications and data resources within a distributed environment.  Paragraph [0091] teaches of utilizing a “federated architecture” in which interconnected servers/hubs processing information on one or more of a plurality of applications produce and consume data, while paragraph [0123] teaches of utilizing security servers with security applications and rules servers with a rules engine installed, equivalent in function to Applicant’s “distributed security environment” and paragraph [0252] states the use of “multicast packets” for allowing service provider processes and consumer processes to spontaneously discover servers within a multicast radius).
The combined references of Kapoor and Robertson are considered analogous art for being within the same field of endeavor, which is computer security and protection and access to data resources.  Therefore, it would have been obvious to one of ordinary skill in the art by the effective filing date of the claimed invention to have combined the decoupling of state data from one or more data resources within a distributed environment, as taught by Robertson, with the method of Kapoor in order to satisfy a need for a system which supports the ubiquity of data access, subject to security constraints across a large enterprise, wherein data may be highly distributed and partitioned. (Robertson: [0021])
Kapoor and Robertson do not appear to explicitly recite the limitations of, “wherein the state information further comprises security state information from an IPS (Intrusion Prevention System) representing progress of packet security scanning as reported by a plurality of packet processing devices participating in the distributed security environment and which operate at different times as state producers or state consumers”, “wherein the state information associated with the packet is created responsive to receiving the state information associated with the packet from at least two packet processing devices of the plurality of packet processing devices” and “wherein the first or second packet processing device determines no further scanning is necessary responsive to the security state information indicative of a completed IPS scan”.
The reference of Manghirmalani recites the limitations of, “wherein the state information further comprises security state information from an IPS (Intrusion Prevention System) representing progress of packet security scanning as reported by a plurality of packet processing devices participating in the distributed security environment and which operate at different times as state producers or state consumers” (see Fig. 1; see pp. [0071], [0087], [0092], [0108]; e.g., the reference of Manghirmalani serves an enhancement to the combined teachings of Kapoor and Robertson, and provides teachings which incorporate the utilization of an “Intrusion Protection System (IPS)” having an “Intrusion Detection System” within virtualized/non-virtualized environments involving the communication of flows of packets of “SERMON data” by a plurality of “SERMON Clients” and “SERMON Servers”.  One or more of a plurality of components, such as a “PDM State Manager”, is used for the storage of SERMON data, and as stated within the cited paragraph [0071], is responsible for managing all of the states for metrics that are periodically collected from an identified entity within the hosted service environment.  Paragraph [0108] teaches of utilizing an “intrusion prevention system (IPS)”, an “intrusion detection system (IDS)” and/or firewalls, which are modeled from input-output packet/byte counters and CPU load.  In relation to those teachings, and found within earlier text of paragraph [0087], Manghirmalani describes the improvement of performance and security of networks by applying one or more of a plurality of services instantiated by a plurality of perimeter switches and inner switches, and controlled by at least a “logically centralized controller” that facilitates unidirectional “service paths” specified for upstream and downstream traffic, which is funneled through forms of network performance monitoring {i.e. pp. [0154]} such as at least “Virus Scan”, “Deep Packet Inspection (DPI)” and “Content Cache”,  before entering the Internet. As stated within rationale provided above, “SERMON Clients” and “SERMON Servers” are involved in the communication of flows of packets within virtualized/non-virtualized environments.  A controller application providing the distribution of flows to different instances of DPI utilizes at least CPU data and packet data such as packet rate statistics, inspecting each and every packet beyond the TCP headers scanning for recognizable content to apply rules, as discussed within paragraph [0092], and further reading on Applicant’s teaching of “security state information from an IPS (Intrusion Prevention System) representing progress of packet security scanning...”), 
“wherein the state information associated with the packet is created responsive to receiving the state information associated with the packet from at least two packet processing devices of the plurality of packet processing devices” (see Fig. 1; see pp. [0016-0018], [0091-0092]; e.g., the cited paragraphs [0016-0018] of Manghirmalani provide the functionality of at least the PDM state manager, which receives a communicated request having at least a list of switches to be passed from one or more applications requesting information through a “performance database manager (PDM)”, and flagging an application identifier and storing SERMON data within an “AppDB” after determining whether this is the first encounter of the request. At least Figure 1 illustrates the use of a plurality of SERMON clients and SERMON servers {i.e. considered equivalent to Applicant’s “at least two packet processing devices of the plurality of packet processing devices”} being utilized for the request and retrieval of data, such as request for snapshot data.  Paragraph [0071] teaches that the “PDM State Manager”, is used for the storage of SERMON data, and is responsible for managing all of the states for metrics that are periodically collected from an identified entity within the hosted service environment.  Additionally, paragraphs [0091-0092] discuss the hierarchical relationships of retrieved performance data apparently from SERMON Clients/Servers  having a plurality of identifiers and metrics, such as “socket statistics (sockstat)”, which includes protocol and status (state information), utilized for further analysis by at least different instances of Deep Packet Inspection (DPI)) and 
“wherein the first or second packet processing device determines no further scanning is necessary responsive to the security state information indicative of a completed IPS scan” (see pp. [0087]; e.g., paragraph [0087], Manghirmalani describes the improvement of performance and security of networks by applying one or more of a plurality of services instantiated by a plurality of perimeter switches and inner switches, and controlled by at least a “logically centralized controller” that facilitates unidirectional “service paths” specified for upstream and downstream traffic, which is funneled through forms of network performance monitoring {i.e. pp. [0154]} such as at least “Virus Scan”, “Deep Packet Inspection (DPI)” and “Content Cache”,  before entering the Internet, thus, indicating that certain security processes must a be completed, such as a “Virus Scan” and “Deep Packet Inspection (DPI)”, before reaching the Internet).
The combined references of Kapoor, Robertson and Manghirmalani are considered analogous art for being within the same field of endeavor, which is computer security and protection and access to data resources for a network packet processing apparatus using fault recovery mechanisms.  Therefore, it would have been obvious to one of ordinary skill in the art by the effective filing date of the claimed invention to have incorporated an Intrusion Protection System for the for packet security scanning of packets within a communicated flow of packets over a network, as taught by Manghirmalani, with the methods of and Robertson Kapoor, because what is needed is a framework for exporting application configuration and performance information for performance monitoring in virtualized and non-virtualized environments. (Manghirmalani: [0009])

As for Claim 8, Kapoor teaches, the state information for the plurality of packets comprises any or a combination of session state information, network security device related state information, flow state information, 5-tuple state information, and security control based state information (see pp. [0123-0125]; e.g., the reference of Kapoor teaches of embodying a stateful process that, “examines the headers, payloads, or both in the context of a network state.  This state may relate to a session or connection that is associated with a particular protocol or application in use over the network.  In an example and without limitation, this state may relate to a TCP/IP connection”, reading on Applicant’s claimed limitation of utilizing “network security device related state information”). 
As for Claim 9, Kapoor teaches, the first packet processing device comprises any or a combination of a network security device, an application device, a host device, a virtualization host, a packet-forwarding device, or a packet-processing module configured therein (see pp. [0139], [0483]; e.g., utilizing network security virtualization for at least a plurality of server devices). 
As for Claim 11, Kapoor teaches, the method further comprises pushing to the first packet processing device the state information associated with the packet responsive to receipt by the centralized state engine of an update to the state information associated with the packet (see pp. [0489-0490]; e.g., the reference of Kapoor teaches of each security aspect of network security deployment facilitating pushing policies and updates to various components separately without impacting others).



Claims 18-27 are rejected under 35 U.S.C. 103 as being unpatentable over Robertson et al (USPG Pub No. 20020188538A1; Robertson hereinafter) in view of Manghirmalani et al (USPG Pub No. 20140337509A1; Manghirmalani hereinafter) further in view of Wadkins et al (USPG Pub No. 20140181267A1; Wadkins hereinafter). 
As for Claim 18, Robertson teaches, A method comprising:
“facilitating decoupling of state storage from packet processing by maintaining in a database, by a cloud-based state engine running on a computing device and associated with a distributed security environment, state information for each of a plurality of end-to-end packet flows” (see pp. [0290-0291], [0294]; e.g., the reference of Robertson provides for the decoupling of data from the services and applications that historically owned the data, thereby decoupling shared enterprise data from specific applications and opening up the data layer to across-the-enterprise access.  Applicant’s “centralized state engine” is equivalent in function to the “DataBus” of Robertson, as the DataBus provides a mechanism for separating applications and data resources within a distributed environment.  Paragraph [0091] teaches of utilizing a “federated architecture” in which interconnected servers/hubs processing information on one or more of a plurality of applications produce and consume data, while paragraph [0123] teaches of utilizing security servers with security applications and rules servers with a rules engine installed, equivalent in function to Applicant’s “distributed security environment” and paragraph [0252] states the use of “multicast packets” for allowing service provider processes and consumer processes to spontaneously discover servers within a multicast radius), 
The reference of Robertson does not appear to explicitly recite the limitations of, “wherein the state information further comprises security state information from an IPS (Intrusion Prevention System) representing progress of packet security scanning as reported by a plurality of packet processing devices participating in the distributed security environment, which operate at different times as state producers or state consumers”, “wherein the state information associated with the packet is created responsive to receiving the state information associated with the packet from at least two packet processing devices of the plurality of packet processing devices”, “wherein the first or second packet processing device determines no further scanning is necessary responsive to the security state information indicative of a completed IPS scan”, “receiving from a first packet processing device of the plurality of packet processing devices, by the cloud-based state engine, an update pertaining to state information for a particular end-to-end packet flow of the plurality of end-to-end packet flows”, “responsive to receipt of the update: modifying, by the cloud-based state engine, the database to reflect the update” and “pushing, by the cloud-based state engine, the update to a second packet processing device of the plurality of packet processing devices”.
Manghirmalani recites the limitations of, 
“wherein the state information further comprises security state information from an IPS (Intrusion Prevention System) representing progress of packet security scanning as reported by a plurality of packet processing devices participating in the distributed security environment, which operate at different times as state producers or state consumers” (see Fig. 1; see pp. [0071], [0087], [0092], [0108]; e.g., the reference of Manghirmalani serves an enhancement to the combined teachings of Kapoor and Robertson, and provides teachings which incorporate the utilization of an “Intrusion Protection System (IPS)” having an “Intrusion Detection System” within virtualized/non-virtualized environments involving the communication of flows of packets of “SERMON data” by a plurality of “SERMON Clients” and “SERMON Servers”.  One or more of a plurality of components, such as a “PDM State Manager”, is used for the storage of SERMON data, and as stated within the cited paragraph [0071], is responsible for managing all of the states for metrics that are periodically collected from an identified entity within the hosted service environment.  Paragraph [0108] teaches of utilizing an “intrusion prevention system (IPS)”, an “intrusion detection system (IDS)” and/or firewalls, which are modeled from input-output packet/byte counters and CPU load.  In relation to those teachings, and found within earlier text of paragraph [0087], Manghirmalani describes the improvement of performance and security of networks by applying one or more of a plurality of services instantiated by a plurality of perimeter switches and inner switches, and controlled by at least a “logically centralized controller” that facilitates unidirectional “service paths” specified for upstream and downstream traffic, which is funneled through forms of network performance monitoring {i.e. pp. [0154]} such as at least “Virus Scan”, “Deep Packet Inspection (DPI)” and “Content Cache”,  before entering the Internet. As stated within rationale provided above, “SERMON Clients” and “SERMON Servers” are involved in the communication of flows of packets within virtualized/non-virtualized environments.  A controller application providing the distribution of flows to different instances of DPI utilizes at least CPU data and packet data such as packet rate statistics, inspecting each and every packet beyond the TCP headers scanning for recognizable content to apply rules, as discussed within paragraph [0092], and further reading on Applicant’s teaching of “security state information from an IPS (Intrusion Prevention System) representing progress of packet security scanning...”), 
“wherein the state information associated with the packet is created responsive to receiving the state information associated with the packet from at least two packet processing devices of the plurality of packet processing devices” (see Fig. 1; see pp. [0016-0018], [0091-0092]; e.g., the cited paragraphs [0016-0018] of Manghirmalani provide the functionality of at least the PDM state manager, which receives a communicated request having at least a list of switches to be passed from one or more applications requesting information through a “performance database manager (PDM)”, and flagging an application identifier and storing SERMON data within an “AppDB” after determining whether this is the first encounter of the request. At least Figure 1 illustrates the use of a plurality of SERMON clients and SERMON servers {i.e. considered equivalent to Applicant’s “at least two packet processing devices of the plurality of packet processing devices”} being utilized for the request and retrieval of data, such as request for snapshot data.  Paragraph [0071] teaches that the “PDM State Manager”, is used for the storage of SERMON data, and is responsible for managing all of the states for metrics that are periodically collected from an identified entity within the hosted service environment.  Additionally, paragraphs [0091-0092] discuss the hierarchical relationships of retrieved performance data apparently from SERMON Clients/Servers  having a plurality of identifiers and metrics, such as “socket statistics (sockstat)”, which includes protocol and status (state information), utilized for further analysis by at least different instances of Deep Packet Inspection (DPI)); and
“wherein the first or second packet processing device determines no further scanning is necessary responsive to the security state information indicative of a completed IPS scan” (see pp. [0087]; e.g., paragraph [0087], Manghirmalani describes the improvement of performance and security of networks by applying one or more of a plurality of services instantiated by a plurality of perimeter switches and inner switches, and controlled by at least a “logically centralized controller” that facilitates unidirectional “service paths” specified for upstream and downstream traffic, which is funneled through forms of network performance monitoring {i.e. pp. [0154]} such as at least “Virus Scan”, “Deep Packet Inspection (DPI)” and “Content Cache”,  before entering the Internet, thus, indicating that certain security processes must a be completed, such as a “Virus Scan” and “Deep Packet Inspection (DPI)”, before reaching the Internet).  
The combined references of Robertson and Manghirmalani are considered analogous art for being within the same field of endeavor, which is computer security and protection and access to data resources for a network packet processing apparatus using fault recovery mechanisms.  Therefore, it would have been obvious to one of ordinary skill in the art by the effective filing date of the claimed invention to have incorporated an Intrusion Protection System for the for packet security scanning of packets within a communicated flow of packets over a network, as taught by Manghirmalani, with the method of Robertson, because what is needed is a framework for exporting application configuration and performance information for performance monitoring in virtualized and non-virtualized environments. (Manghirmalani: [0009])
The references of Robertson and Manghirmalani do not appear to recite the limitations of, “receiving from a first packet processing device of the plurality of packet processing devices, by the cloud-based state engine, an update pertaining to state information for a particular end-to-end packet flow of the plurality of end-to-end packet flows”, “responsive to receipt of the update: modifying, by the cloud-based state engine, the database to reflect the update” and “pushing, by the cloud-based state engine, the update to a second packet processing device of the plurality of packet processing devices”.
The reference of Wadkins teaches, “receiving from a first packet processing device of the plurality of packet processing devices, by the cloud-based state engine, an update pertaining to state information for a particular end-to-end packet flow of the plurality of end-to-end packet flows” (see pp. [0046-0055]; e.g., the reference of Wadkins serves as an enhancement to the teachings of Robertson and Manghirmalani, and teaches of determining that rules/ruleset necessary for modifying/updating components, such as received and classified messages having components {“INVITE” and session description protocol “SDP”}, for example, are not contained within a flow table, and requesting from a virtual environment an updated flow table where the necessary rules/changes to the rules tables are computed by a rules engine.  This process is considered equivalent in function to Applicant’s claimed limitation by determining that the current information needed an update in order to execute a particular function.  Flow rule sets, which represent the state of a given flow at a point in time, can be cached in the physical CPE device or requested from a virtual CPE);
“responsive to receipt of the update: modifying, by the cloud-based state engine, the database to reflect the update” (see pp. [0051], [0057]; e.g., the reference of Wadkins teaches of utilizing the rules engine to compute the necessary rules/changes to the rules tables once it is determined that the necessary rules are not within an existing flow table and after receiving a request to the virtual environment.  The teachings provide for the performance of an inherent firewall function by blocking packet flows that are not in correspondence with flow tables and a central rules engine, whereas the firewall process is equivalent to a security scanning process); and
“pushing, by the cloud-based state engine, the update to a second packet processing device of the plurality of packet processing devices” (see pp. [0054-0057]; e.g., within the reference of Wadkins cited paragraph [0055], it states, “In a deployment with millions of CPE devices, each CPE device can be treated as a virtual CPE instance that is modeled as state and, as a result, policies can be applied to each of the virtual instances separate from any other instance”, meaning that the updates/modifications made are reflected using centralized logic to update flow tables that control and manipulate packet flows within the one or more CPE devices.  An example of this process is provided within the cited paragraph [0056]).
The combined references of Robertson, Manghirmalani and Wadkins are considered analogous art for being within the same field of endeavor, which is control of computer equipment.  Therefore, it would have been obvious to one of ordinary skill in the art by the effective filing date of the claimed invention to have combined packet flow concerning current state information and network security devices, as taught by Wadkins, with the methods of Manghirmalani and Robertson because it becomes cost prohibitive for many organizations to maintain a gateway computer with sufficient processing power and storage capacity to fully satisfy network traffic demands. (Wadkins; [0005])

As for Claim 19, Robertson teaches, wherein the end-to-end packet flow comprises a session (see pp. [0239-0240]; e.g., the reference of Robertson teaches of a client opening a session with a service, reading on Applicant’s claimed limitation).

As for Claim 20, Robertson teaches the managing the communication of state information over a network between producers and consumers within a network security environment, and Manghirmalani provides teachings which incorporate the utilization of an “Intrusion Protection System (IPS)” having an “Intrusion Detection System” within virtualized/non-virtualized environments.
Robertson and Manghirmalani do not appear to explicitly recite the limitation, “wherein the plurality of packet processing devices comprise network security devices associated with a private network”.
Wadkins teaches, “wherein the plurality of packet processing devices comprise network security devices associated with a private network” (see pp. [0019]; e.g., the reference of Wadkins teaches of allowing network access using a plurality of configurable computing resources within an infrastructure such as a “private cloud”, considered equivalent to Applicant’s teaching of a private network).
The combined references of Robertson, Manghirmalani and Wadkins are considered analogous art for being within the same field of endeavor, which is control of computer equipment.  Therefore, it would have been obvious to one of ordinary skill in the art by the effective filing date of the claimed invention to have combined packet flow concerning current state information and network security devices, as taught by Wadkins, with the methods of Manghirmalani and Robertson because it becomes cost prohibitive for many organizations to maintain a gateway computer with sufficient processing power and storage capacity to fully satisfy network traffic demands. (Wadkins; [0005])

As for Claim 21, Robertson teaches the managing the communication of state information over a network between producers and consumers within a network security environment, and Manghirmalani provides teachings which incorporate the utilization of an “Intrusion Protection System (IPS)” having an “Intrusion Detection System” within virtualized/non-virtualized environments.
Robertson and Manghirmalani do not appear to explicitly recite the limitation, “wherein the first packet processing device comprises an Intrusion Detection System (IDS) and wherein the second packet processing device comprises a unified threat management (UTM) appliance”
Wadkins teaches, “wherein the first packet processing device comprises an Intrusion Detection System (IDS) and wherein the second packet processing device comprises a unified threat management (UTM) appliance” (see pp. [0125]; e.g., the reference of Wadkins teaches of utilizing an Intrusion Prevention System (IPS) for monitoring packet flows by examining/scanning packets from clients, such as Universal threat management/UTM devices, before being sent to a server for the detection of threats.
The combined references of Robertson, Manghirmalani and Wadkins are considered analogous art for being within the same field of endeavor, which is control of computer equipment.  Therefore, it would have been obvious to one of ordinary skill in the art by the effective filing date of the claimed invention to have combined packet flow concerning current state information and network security devices, as taught by Wadkins, with the methods of Manghirmalani and Robertson to improve processing efficiency. (Wadkins; [0122])

As for Claim 22, Robertson teaches the managing the communication of state information over a network between producers and consumers within a network security environment, and Manghirmalani provides teachings which incorporate the utilization of an “Intrusion Protection System (IPS)” having an “Intrusion Detection System” within virtualized/non-virtualized environments.
Robertson and Manghirmalani do not appear to explicitly recite the limitation, “wherein the update includes information indicative of one or more of a state of an application associated with the session, a state of antivirus scanning of the session, and a state of intrusion prevention scanning for the session”.
Wadkins teaches, “wherein the update includes information indicative of one or more of a state of an application associated with the session, a state of antivirus scanning of the session, and a state of intrusion prevention scanning for the session” (see pp. [0125]; e.g., the reference of Wadkins teaches of utilizing an Intrusion Prevention System (IPS) for monitoring packet flows by examining/scanning packets from clients, such as Universal threat management/UTM devices, before being sent to a server for the detection of threats. Paragraphs [0033-0034] teach that state {information} of each physical “Customer Premises equipment/CPE” of a network is stored and run against one or more of a plurality of services, such as router, firewall, etc., where the state can then be modified).
The combined references of Robertson, Manghirmalani and Wadkins are considered analogous art for being within the same field of endeavor, which is control of computer equipment.  Therefore, it would have been obvious to one of ordinary skill in the art by the effective filing date of the claimed invention to have combined packet flow concerning current state information and network security devices, as taught by Wadkins, with the methods of Manghirmalani and Robertson to improve processing efficiency. (Wadkins; [0122])

As for Claim 23, Robertson teaches, A system comprising:
a processing resource (see Fig. 16; see pp. [0098]; e.g., the reference of Robertson teaches of the utilization of clients and servers within a Databus data management architecture); and
a non-transitory computer-readable medium, coupled to the processing resource, (see pp. [0175]; e.g., the reference teaches of utilizing components such as Jiro/Jini enabled disks for file storage, for example. Paragraph [0354] teaches of caching data within a volatile memory) having stored therein instructions that when executed by the processing resource cause the processing resource to:
facilitate decoupling of state storage from packet processing by maintaining in a database associated with a distributed security environment, state information for each of a plurality of end-to-end packet flows as reported by a plurality of packet processing devices participating in the distributed security environment, which operate at different times as state producers or state consumers, wherein the state information for a particular end-to-end packet flow of the plurality of end-to-end packet flows influences how a packet associated with the a particular end-to-end packet flow is processed by the plurality of packet processing devices (see pp. [0091], [0123], [0252]; e.g., text within paragraph [0091] teaches of utilizing a “federated architecture” in which interconnected servers/hubs processing information on one or more of a plurality of applications produce and consume data, while paragraph [0123] teaches of utilizing security servers with security applications and rules servers with a rules engine installed, equivalent in function to Applicant’s “distributed security environment” and paragraph [0252] states the use of “multicast packets” for allowing service provider processes and consumer processes to spontaneously discover servers within a multicast radius.  As stated at least within paragraphs [0290-0291] & [0294], Robertson provides for the decoupling of data from the services and applications that historically owned the data, thereby decoupling shared enterprise data from specific applications and opening up the data layer to across-the-enterprise access.  Applicant’s “centralized state engine” is equivalent in function to the “DataBus” of Robertson, as the DataBus provides a mechanism for separating applications and data resources within a distributed environment.  A clean separation is made between applications {i.e., dynamic elements} and data resources or persistent business objects {i.e., somewhat static, passive elements} that are accessed by those applications). 
The reference of Robertson does not appear to explicitly recite the limitations of, “wherein the state information further comprises security state information from an IPS (Intrusion Prevention System) representing progress of packet security scanning as reported by a plurality of packet processing devices participating in the distributed security environment, which operate at different times as state producers or state consumers”, “wherein the state information associated with the packet is created responsive to receiving the state information associated with the packet from at least two packet processing devices of the plurality of packet processing devices”, “wherein the first or second packet processing device determines no further scanning is necessary responsive to the security state information indicative of a completed IPS scan”, “receive from a first packet processing device of the plurality of packet processing devices an update pertaining to state information for a particular end-to-end packet flow of the plurality of end-to-end packet flows”, “responsive to receipt of the update: modifying the database to reflect the update” and “pushing the update to a second packet processing device of the plurality of packet processing devices”.
Manghirmalani recites the limitations of, 
“wherein the state information further comprises security state information from an IPS (Intrusion Prevention System) representing progress of packet security scanning as reported by a plurality of packet processing devices participating in the distributed security environment, which operate at different times as state producers or state consumers” (see Fig. 1; see pp. [0071], [0087], [0092], [0108]; e.g., the reference of Manghirmalani serves an enhancement to the combined teachings of Kapoor and Robertson, and provides teachings which incorporate the utilization of an “Intrusion Protection System (IPS)” having an “Intrusion Detection System” within virtualized/non-virtualized environments involving the communication of flows of packets of “SERMON data” by a plurality of “SERMON Clients” and “SERMON Servers”.  One or more of a plurality of components, such as a “PDM State Manager”, is used for the storage of SERMON data, and as stated within the cited paragraph [0071], is responsible for managing all of the states for metrics that are periodically collected from an identified entity within the hosted service environment.  Paragraph [0108] teaches of utilizing an “intrusion prevention system (IPS)”, an “intrusion detection system (IDS)” and/or firewalls, which are modeled from input-output packet/byte counters and CPU load.  In relation to those teachings, and found within earlier text of paragraph [0087], Manghirmalani describes the improvement of performance and security of networks by applying one or more of a plurality of services instantiated by a plurality of perimeter switches and inner switches, and controlled by at least a “logically centralized controller” that facilitates unidirectional “service paths” specified for upstream and downstream traffic, which is funneled through forms of network performance monitoring {i.e. pp. [0154]} such as at least “Virus Scan”, “Deep Packet Inspection (DPI)” and “Content Cache”,  before entering the Internet. As stated within rationale provided above, “SERMON Clients” and “SERMON Servers” are involved in the communication of flows of packets within virtualized/non-virtualized environments.  A controller application providing the distribution of flows to different instances of DPI utilizes at least CPU data and packet data such as packet rate statistics, inspecting each and every packet beyond the TCP headers scanning for recognizable content to apply rules, as discussed within paragraph [0092], and further reading on Applicant’s teaching of “security state information from an IPS (Intrusion Prevention System) representing progress of packet security scanning...”), 
“wherein the state information associated with the packet is created responsive to receiving the state information associated with the packet from at least two packet processing devices of the plurality of packet processing devices” (see Fig. 1; see pp. [0016-0018], [0091-0092]; e.g., the cited paragraphs [0016-0018] of Manghirmalani provide the functionality of at least the PDM state manager, which receives a communicated request having at least a list of switches to be passed from one or more applications requesting information through a “performance database manager (PDM)”, and flagging an application identifier and storing SERMON data within an “AppDB” after determining whether this is the first encounter of the request. At least Figure 1 illustrates the use of a plurality of SERMON clients and SERMON servers {i.e. considered equivalent to Applicant’s “at least two packet processing devices of the plurality of packet processing devices”} being utilized for the request and retrieval of data, such as request for snapshot data.  Paragraph [0071] teaches that the “PDM State Manager”, is used for the storage of SERMON data, and is responsible for managing all of the states for metrics that are periodically collected from an identified entity within the hosted service environment.  Additionally, paragraphs [0091-0092] discuss the hierarchical relationships of retrieved performance data apparently from SERMON Clients/Servers  having a plurality of identifiers and metrics, such as “socket statistics (sockstat)”, which includes protocol and status (state information), utilized for further analysis by at least different instances of Deep Packet Inspection (DPI)); and
“wherein the first or second packet processing device determines no further scanning is necessary responsive to the security state information indicative of a completed IPS scan” (see pp. [0087]; e.g., paragraph [0087], Manghirmalani describes the improvement of performance and security of networks by applying one or more of a plurality of services instantiated by a plurality of perimeter switches and inner switches, and controlled by at least a “logically centralized controller” that facilitates unidirectional “service paths” specified for upstream and downstream traffic, which is funneled through forms of network performance monitoring {i.e. pp. [0154]} such as at least “Virus Scan”, “Deep Packet Inspection (DPI)” and “Content Cache”,  before entering the Internet, thus, indicating that certain security processes must a be completed, such as a “Virus Scan” and “Deep Packet Inspection (DPI)”, before reaching the Internet).  
The combined references of Robertson and Manghirmalani are considered analogous art for being within the same field of endeavor, which is computer security and protection and access to data resources for a network packet processing apparatus using fault recovery mechanisms.  Therefore, it would have been obvious to one of ordinary skill in the art by the effective filing date of the claimed invention to have incorporated an Intrusion Protection System for the for packet security scanning of packets within a communicated flow of packets over a network, as taught by Manghirmalani, with the method of Robertson, because what is needed is a framework for exporting application configuration and performance information for performance monitoring in virtualized and non-virtualized environments. (Manghirmalani: [0009])
The references of Robertson and Manghirmalani do not appear to recite the limitations to, “receive from a first packet processing device of the plurality of packet processing devices an update pertaining to state information for a particular end-to-end packet flow of the plurality of end-to-end packet flows”, “responsive to receipt of the update: modifying the database to reflect the update” and “pushing the update to a second packet processing device of the plurality of packet processing devices”.
The reference of Wadkins teaches, “receive from a first packet processing device of the plurality of packet processing devices an update pertaining to state information for a particular end-to-end packet flow of the plurality of end-to-end packet flows” (see pp. [0046-0055]; e.g., the reference of Wadkins serves as an enhancement to the teachings of Robertson and Manghirmalani, and teaches of determining that rules/ruleset necessary for modifying/updating components, such as received and classified messages having components {“INVITE” and session description protocol “SDP”}, for example, are not contained within a flow table, and requesting from a virtual environment an updated flow table where the necessary rules/changes to the rules tables are computed by a rules engine.  This process is considered equivalent in function to Applicant’s claimed limitation by determining that the current information needed an update in order to execute a particular function.  Flow rule sets, which represent the state of a given flow at a point in time, can be cached in the physical CPE device or requested from a virtual CPE);
“responsive to receipt of the update: modifying the database to reflect the update” (see pp. [0051], [0057]; e.g., the reference of Wadkins teaches of utilizing the rules engine to compute the necessary rules/changes to the rules tables once it is determined that the necessary rules are not within an existing flow table and after receiving a request to the virtual environment.  The teachings provide for the performance of an inherent firewall function by blocking packet flows that are not in correspondence with flow tables and a central rules engine, whereas the firewall process is equivalent to a security scanning process); and
“pushing the update to a second packet processing device of the plurality of packet processing devices” (see pp. [0054-0057]; e.g., within the reference of Wadkins cited paragraph [0055], it states, “In a deployment with millions of CPE devices, each CPE device can be treated as a virtual CPE instance that is modeled as state and, as a result, policies can be applied to each of the virtual instances separate from any other instance”, meaning that the updates/modifications made are reflected using centralized logic to update flow tables that control and manipulate packet flows within the one or more CPE devices.  An example of this process is provided within the cited paragraph [0056]).
The combined references of Robertson, Manghirmalani and Wadkins are considered analogous art for being within the same field of endeavor, which is control of computer equipment.  Therefore, it would have been obvious to one of ordinary skill in the art by the effective filing date of the claimed invention to have combined packet flow concerning current state information and network security devices, as taught by Wadkins, with the methods of Manghirmalani and Robertson because it becomes cost prohibitive for many organizations to maintain a gateway computer with sufficient processing power and storage capacity to fully satisfy network traffic demands. (Wadkins; [0005])
Claims 24-27 amount to a system comprising instructions that, when executed by one or more processors, performs the method of Claims 19-22, respectively. Accordingly, Claims 24-27 are rejected for substantially the same reasons as presented above for Claims 19-22 and based on the references’ disclosure of the necessary supporting hardware and software (Robertson; see pp. [0017-0020]; e.g., method for implementation integrating hardware and software components).


Response to Arguments
Applicant's arguments and amendments, with respect to the rejection(s) of Claims 1-3, 5-9, 11 & 13-27 have been fully considered and are persuasive in-part, as the Kim et al and Narayanaswamy et al references have been withdrawn from consideration, rendering Applicant’s arguments concerning those references moot.  The Kapoor, Robertson, and Wadkins references have been maintained, with updated rationale provided within this communication above.
Upon further consideration and in direct response to Applicant’s arguments and claim amendments, a new ground(s) of rejection for Claims 1-3, 5-9, 11 & 18-27 is made in view of Manghirmalani et al (USPG Pub No. 20140337509A1). 


Conclusion
The prior art made of reference and not relied upon is considered pertinent to Applicant’s disclosure.
**H R et al (US Patent No. 11,165,750B1) teaches a flexible services-based pipeline for firewall filter processing.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to RAHEEM HOFFLER whose telephone number is (571)270-1036. The examiner can normally be reached Monday-Friday: 10:00am-2:00pm; 6pm-10:00pm w/ flex.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Tamara Kyle can be reached on 5712724241. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/TAMARA T KYLE/Supervisory Patent Examiner, Art Unit 2156                                                                                                                                                                                                        
/RAHEEM HOFFLER/
Examiner
Art Unit 2156

								4/9/2022