PNG
    media_image1.png
    340
    340
    media_image1.png
    Greyscale
United States Patent and Trademark Office    
        
            
                                
            
        
    

Commissioner for Patents
United States Patent and Trademark Office
P.O. Box 1450
Alexandria, VA 22313-1450
www.uspto.gov











BEFORE THE PATENT TRIAL AND APPEAL BOARD


Application Number: 15/915,096
Filing Date: 8 Mar 2018
Appellant(s): NICIRA, INC.



__________________
Gene Su
Registration No. 45,140
For Appellant


EXAMINER’S ANSWER




This is in response to the appeal brief filed February 15, 2022
.
(1) Grounds of Rejection to be Reviewed on Appeal
Every ground of rejection set forth in the Office action dated 08/30/2021 from which the appeal is taken is being maintained by the examiner except for the grounds of rejection (if any) listed under the subheading “WITHDRAWN REJECTIONS.”  New grounds of rejection (if any) are provided under the subheading “NEW GROUNDS OF REJECTION.”
The following ground(s) of rejection are applicable to the appealed claims.
Claims 1, 8 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Adams et al. (US Pat. 8,693,344 81 filed 09/27/2011 in view of Manuja et al. (US Pat. 7,764,612 81 filed 06/16/2005).
Claims 22-24 are rejected under 35 U.S.C. 103 as being unpatentable over Adams in view of Manuja in further view of Lu (US Pub. 2007/0083924 A1 filed 10/08/2005).
WITHDRAWN REJECTIONS
The following grounds of rejection are not presented for review on appeal because they have been withdrawn by the examiner.  
Claims 2, 5, 9, 12, 16 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Adams in view of Manuja in further view of Li et al. (US Pat. 9,571,382 82 filed 02/09/2015).
Claims 3, 6, 10, 13, 17 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Adams in view of Manuja in view of Li in further view of Jiang et al. (US Pat. 8,856,384 82 filed 10/14/2011).
Claims 4, 11 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Adams in view of Manuja in in view of Li in view of Jiang in further view of Saunderson et al. (US Pat. 7,596,614 82 filed 07/29/2005).
Claims 7, 14 and 21 are rejected under 35 U.S.C. 103 as being unpatentable over Adams in view of Manuja in view of McCaig et al. (US Pub. 2018/0262533 A1 provisional application 62/470,818 filed 03/13/2017) in further view of Pani (US Pat. 8,789,135 81 filed 06/15/2012).
(2) Response to Argument
Examiner response strictly follows the definition provided by Appellant: : “The "whitelist" set only includes flow entries that each allow communication over an allowed forwarding path. This way, it is not necessary to configure any flow entries that specifies a block (or drop) action to explicitly block communication over a forbidden forwarding path. Absence of any matching flow entry in the whitelist set automatically causes a flow-based forwarding element to block communication over the forbidden forwarding path. Unlike conventional firewall rules, the whitelist set is a non-hierarchical set that does not need any complex order of precedence, or priority levels. Each flow entry in the whitelist set may be considered as a pinhole that allows a flow of packets to pass through (e.g., the packets are forwarded over the allowed forwarding path to the destination). See, e.g., paragraph [0035] of the present application.” (Appeal Brief, page 5).
Limitations of independent claims 1, 8 and 15 were rejected under 35 U.S.C. 103 as being unpatentable over Adams in view of Manuja. Adams disclosed “packet forwarding decision engine may be used to assist packet forwarding system 14 to make decisions about how to forward network packets”, which reads on the limitation “identifying an allowed forwarding path between the destination and the first workload”. As was stated by Examiner, Adams does not teach whitelist (Final Office Action, page 6).  Manuja however teaches “whitelist”. It should be noted that Appellant definition of “whitelist” corresponds to the ordinary and customary meanings given to the term “whitelist” by those of ordinary skill in the art, and Examiner has no objections to it.
Therefore whitelist of Manuja by definition teaches:
1 only includes flow entries that each allow communication over an allowed forwarding path;
2 the whitelist set is a non-hierarchical set;
3 the packets are forwarded over the allowed forwarding path to the destination.
Those are the same as enumerated 3 features by Appellant (Appeal Brief, page 13):
From the foregoing language, claim 1 explicitly recites/requires at least three
features with respect to the first flow entry in the whitelist set of flow entries:
(i) the first flow entry specifies "a first action to allow communication over the
allowed forwarding path",
(ii) the first action specified by the first flow entry is "perform[ed] ... to forward the
first packet to the destination", and
(iii) the first flow entry is "non-hierarchical." These recitations/features will be
referred to and identified hereinafter as recitations/features "(i)", "(ii)", and "(iii)".

 “two levels” argument – Appellant argues that Manuja's ACL 520 provides two levels of protection for the slow path 250: allowing access to the slow path, and after access to the slow path is allowed, assigning the trusted path 290A or the untrusted path 290B based on whether the endpoint is trusted/untrusted. Thus, the configuration/configuring of the ACL 520 needs to specify whether an endpoint is trusted or untrusted (Appeal Brief, page 16).
Response:  Although “The example embodiment of FIG. 5 uses two levels of protection.” (Manuja, Column 6, lines 19-20). In the same paragraph Manuja teaches that “A particular embodiment may utilize any one of the protection levels, or any combination of the protection levels.” (Manuja, Column 6, lines 17-19). And further: “In another embodiment, a single ACL whitelist contains endpoints that are permitted access to the slow path 250, and  all other packets are denied.” (Manuja, Column 6, lines 33-35)
“prior to packet detection” argument – Appellant argues that since neither Adams nor Manuja teach or suggest the recitation of "the flow entries included in the whitelist set. .. are configured based on the set of security policies prior to packet detection" (emphasis ours), claim 1 is further allowable. (Appeal Brief, page 17).
Response:  Appellant’s argument based on a different embodiment of Manuja with 2 levels as shown above. First of all primary reference of Adams, although does not teach explicitly whitelist, teaches “prior to packet detection” as “Controller server 18 may convert virtual flow mods to packet forwarding rules based on network switch capabilities. For example, flow table entries that directly match a given network packet ( e.g., such as in FIG. 18) may be provided to network switches when controller server 18 identifies that the network switches are not capable of prioritizing flow table entries ( e.g., when every flow table entry is assigned the maximum priority or when priorities cannot be assigned to the flow table entries).” (Adams, Column 20, lines 16-22). Manuja, also teaches “In FIG. 4, authorized subscriber endpoints 410A, 410C and 410D have not yet been promoted, so are untrusted. Endpoint 410B (an authorized subscriber) establishes a dialog with the application server 175 (FIG. 1) prior to placing or receiving a call.” And as was provided in Final Office Action (pages 8-9): “Before routing a packet onto one of the two sub-paths, the traffic manager 240 determines if placing the packet on the sub-path would violate the policy associated with that subpath.”
“virtue of their respective dependencies” argument – Appellant argues that dependent claims 2 - 7, 9 - 14, and 16 - 24 should be reversed and these claims should be allowed.
Response: Appellant did not provide any specific separate arguments in regards to rejection of claims 22, 23, and 24. Examiner maintains rejections of parent claims 1, 8, and 15 and therefore claims 23, 24, and 24 are stand rejected as was provided in Final Office action (08/30/2021, pages 22-23).
 For the above reasons, it is believed that the rejections should be sustained.
Respectfully submitted,
/OLEG KORSAK/Primary Examiner, Art Unit 2492                                                                                                                                                                                                        
Conferees:
/MICHAEL W CHAO/Primary Examiner, Art Unit 2492    

                                                                                                                                                                                                    /SALEH NAJJAR/Supervisory Patent Examiner, Art Unit 2492                                                                                                                                                                                                        

Requirement to pay appeal forwarding fee.  In order to avoid dismissal of the instant appeal in any application or ex parte reexamination proceeding, 37 CFR 41.45 requires payment of an appeal forwarding fee within the time permitted by 37 CFR 41.45(a), unless appellant had timely paid the fee for filing a brief required by 37 CFR 41.20(b) in effect on March 18, 2013.