DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
The claims 1-23 are pending.

Response to Arguments
Applicant's arguments filed on 02/14/2022 have been fully considered but they are not persuasive. 
A. Applicant argues that the cited prior art does not disclose determining a policy for the host name, which is associated with the host name and the reputation data associated with the host name.
In reply, the examiner respectfully disagrees.

Song discloses parsing network traffic to determine the reputation of the domain name. Song further discloses applying policies based on parsed network traffic/data received from inspection module 108 (paragraph 0054-0057). Accordingly, the applied policies are based on the determined reputation data. Therefore, the cited prior art discloses the argued limitations.

B. Applicant argues that the cited prior art does not disclose wherein the determined action for the network flows is selected from the group comprising: sending the network flows through a VPN tunnel to a server; sending the network flows out a local proxy on the client to a private or public network; and blocking the network flows. Specifically, applicant argues that 
In reply, the examiner respectfully disagrees.

Examiner notes that the claims require the action to be selected from a group of actions. Therefore, one determined action is selected from the group/list of actions.
Song discloses performing appropriate security actions, including: transmitting the network traffic through a secure tunnel connection such as a VPN tunnel; proxy socket 516 allowing access to the domain of the domain name; and blocking transmission of the network traffic (paragraph 0015; 0032; 0033; 0072; Fig. 5). Accordingly, one security action is selected based on dynamic policies.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-3, 9-11, and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Song et al (US Publication No. 2019/0372937 A1) in view of Huang (US Publication No. 2010/0057895 A1), and further in view of Rahman et al (US Publication No. 2010/0188976 A1).
With respect to claim 1, Song teaches a mobile management method (paragraph 0103) comprising: receiving from an application on a client a DNS query for a host name (paragraph 0007; 0034; 0067 disclose DNS request for network traffic from network client in computing device); retrieving reputation data associated with the host name from [a local cache] on the client (paragraph 0034; 0054 disclose retrieving locally stored reputation data associated with domain name); determining a policy for the host name, which is associated with the host name and the reputation data associated with the host name (paragraph 0054-0057 disclose applying policies based on parsed network traffic/data received from inspection module 108); and determining based on the determined policy for the host name, an action for network flows to be taken (paragraph 0032; 0033; 0072 disclose performing appropriate security actions based on dynamic policies), wherein the determined action for the network flows is selected from the group (paragraph 0072 disclose performing appropriate security actions) comprising: sending the network flows through a VPN tunnel to a server (paragraph 0015; 0033; 0069; 0072 disclose security action including transmitting the network traffic through a secure tunnel connection such as VPN tunnel); sending the network flows out a local proxy on the client to a private or public network (paragraph 0015; 0069; 0072; Fig. 5 disclose security action including proxy socket 516 allowing access to the domain of the domain name); and blocking the network flows (paragraph 0007; 0015; 0069; 0072 disclose security action including blocking transmission of the network traffic).
Song does not explicitly disclose reputation data associated with the host name from a local cache on the client.
However, Huang teaches reputation data associated with the host name from a local cache on the client (paragraph 0008; 0062 disclose storing reputation information as a record in a cache portion of memory 202) in order to efficiently reduce redundant queries to obtain reputation status (paragraph 0062). Therefore, based on Song in view of Huang, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to utilize the teaching of Huang to the system of Song in order to efficiently reduce redundant queries to obtain reputation status.

With respect to claim 2, Song teaches sending at least network flow metadata to a collector on the client (paragraph 0062-0067; 0072); and transmitting the network flow metadata in the collector to a VPN server pool via the VPN tunnel (paragraph 0062-0067; 0072).

With respect to claim 3, Song teaches wherein, whether the network flows are sent through the VPN tunnel, sent out of the local proxy or blocked, the network flow metadata is sent to the VPN server pool (paragraph 0062-0067; 0072).

With respect to claim 9, Song teaches updating the reputation data for the host name each time a DNS query for the host name is received by the client (paragraph 0062-0067; 0072).

With respect to claim 10, Song teaches wherein the updating of the reputation data for the host name comprises: sending a request through the VPN tunnel to retrieve reputation data for the host name from the server (paragraph 0062-0067; 0072); and receiving the retrieved reputation data for the host name from the server through the VPN tunnel (paragraph 0062-0067; 0072).

With respect to claim 11, Song teaches wherein, when the DNS query for the host name is resolved in the client, based upon policy, the method further comprises: returning the resolved host name to the application (paragraph 0034; 0054; 0062-0067; 0072); receiving a request for forwarding network flow to a remote host for the resolved host name (paragraph 0034; 0054; 0062-0067; 0072); retrieving reputation data associated with the remote host from [a local cache] on the client (paragraph 0034; 0054; 0062-0067; 0072); determining whether a policy associated with the remote host and the reputation data associated with the remote host exists (paragraph 0034; 0054; 0062-0067; 0072); and one of: sending network flows one of: through a VPN tunnel to a server or out a local proxy on the client to a private or public network; or blocking the network flow based on the determined policy for the remote host (paragraph 0034; 0054; 0062-0067; 0072).

With respect to claim 14, Song teaches wherein the client is a mobile client roaming between plural dissimilar networks (Fig. 7; paragraph 0034; 0054; 0062-0067; 0072), and wherein the DNS query is processed while the VPN tunnel is established over a first network and the network flows to the remote host are sent through the VPN tunnel while it is established over a second network dissimilar from the first network (Fig. 7; paragraph 0034; 0054; 0062-0067; 0072).


Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claim(s) 15, 16, and 23 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Song et al (US Publication No. 2019/0372937 A1).
With respect to claim 15, Song teaches a mobile management method (paragraph 0103) comprising: sending at least network flow metadata to a collector on a client (paragraph 0034; 0054; 0062-0067; 0072); transmitting the network flow metadata in the collector to a VPN server pool via the VPN tunnel (paragraph 0034; 0054; 0062-0067; 0072); processing the network flow metadata to find and detect events and conditions within the network (paragraph 0105; 0109); sending the found and detected events and conditions to the client (paragraph 0034; 0054; 0062-0067; 0072); determining whether a policy associated with the found and detected events and conditions exists (paragraph 0034; 0054; 0062-0067; 0072); and changing at least one of network usage or device behaviors based on the determined policy (paragraph 0034; 0054; 0062-0067; 0072).

With respect to claim 16, Song teaches wherein, whether the network flows are sent through the VPN tunnel, sent out of the local proxy or blocked, the network flow metadata is sent to a data gateway on a server (paragraph 0034; 0054; 0062-0067; 0072).

With respect to claim 23, Song teaches a mobile management system comprising:  a VPN server pool (paragraph 0060); and a client device connectable to the VPN server pool via a VPN tunnel (VPN client), wherein the client device comprises a reputation data store (paragraph 0054), a policy rules store and a VPN policy engine coupled to perform a policy lookup based upon a policy rule stored in the policy rules store for host name and reputation data for the host name stored in the reputation data store (paragraph 0034; 0054; 0062-0067; 0072), and wherein, based upon the policy lookup, the VPN policy engine is configured to take action on network flows (paragraph 0032; 0033; 0072 disclose performing appropriate security actions based on dynamic policies), wherein the action taken on the network flows are selected from the group comprising: sending the network flows through a VPN tunnel to a server (paragraph 0015; 0033; 0069; 0072 disclose security action including transmitting the network traffic through a secure tunnel connection such as VPN tunnel), sending the network flows out a local proxy on the client to a private or public network (paragraph 0015; 0069; 0072; Fig. 5 disclose security action including proxy socket 516 allowing access to the domain of the domain name), and blocking the network flow (paragraph 0007; 0015; 0069; 0072 disclose security action including blocking transmission of the network traffic).

Allowable Subject Matter
Claims 4-8, 12, 13, and 17-22 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHEIKH T NDIAYE whose telephone number is (571)270-3914. The examiner can normally be reached Monday-Friday 8:00am-5:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JOON H HWANG can be reached on 571-272-4036. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/CHEIKH T NDIAYE/
Primary Examiner, Art Unit 2447

5/21/2022