DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA 
This Office Action is in response to the communication filed on 05/10/2022
Claims 1, 2, 5-12, and 15-20 have been examined and are pending in this application. Claims 1 and 11 are independent.
This Action is made FINAL.
Response to Arguments/Remarks
Claims 1, 2, 5-12, and 15-20 are allowable over PriorArt.
As to the claims 1, 2, 5-12, and 15-20, which remain rejected for double patenting over claims 1-18, U.S. Patent No. 9,819,699. Applicant submitted that Applicant filed a terminal disclaimer (along with a power of attorney and statement of ownership under 37 CFR 3.73(b)) over U.S. Patent No. 9,819,699, and this terminal disclaimer was reviewed and approved on February 8, 2022, by the office. Therefore, the double patenting rejection be withdrawn and the Claims be allowed.
The Examiner reviewed the submitted Terminal Disclaimer, which was filed on 02/07/2022, and discovered that a wrong U.S. Patent No. cited in the form. 
Examiner assumed that the wrong U.S. Patent No. was cited by a clerical error. Therefore, in attempt to accelerate the prosecution process, the Examiner has contacted the Applicant’s representative Mr. Rose, Daniel (Reg. No. 63,214) on 04/13/22 and and left voicemail describing the error on the Terminal Disclaimer, and requesting a Terminal Disclaimer with the correct U.S. Patent No., so that a Notice of Allowance can be issued.  As of 05/24/22, the corrected was not filed, and the Examiner did not receive any phone call from the Applicant. Due to the limited time that the Examiner is required to make a response or consiidertaion, the Examiner proceeded with issuing an Office Action instead of a Notice of Allowance.
Double Patenting
Claims 1, 2, 5-12, and 15-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claim 1-18 of U.S. Patent No. 9,819,699. Although the claims at issue are not identical, they are not patentably distinct from each other because the claims of the instant application are anticipated by the reference claims.
The independent claims 1 and 11 of the instant application are anticipated by the claims 1, 3, and 4, and claims 10, 12, and 13, of the reference patent, respectively. 
The dependent claims 5 and 15 of the instant application are also anticipated by the claims 1 and 10 of the reference patent, respectively. Also the dependent claims 2, 5-10, 12, and 15-20 of the instant application are anticipated by the dependent claims 2, 5-9 and 11, 14-18 of the reference patent, respectively.
Please see Non-Final Office Action, mailed out on 02/05/2021, for detail and additional information of the rejections.

Allowable Subject Matter
Claims 1, 2, 5-12, and 15-20 are considered allowable over prior art. However, the claims are rejected under double patenting, please see double patenting section for the detail rejection. 
The following is an examiner’s statement of reasons for allowable subject matter consideration: 
The present invention is directed to a method and system for reducing rule set sizes via statistical redistribution throughout a plurality of network security appliances. A rule set may be generated for each security appliance that includes (i) a first set of rules based on known attacks, identified as rules for mandatory inclusion in the rule set; and (ii) a subset of the second set of rules, identified as rules for potential inclusion in the rule set, selected randomly according to a distribution percentage, score, or weight for each potentially included rule. Higher scored rules, which may be more likely vectors for potential attack, may be distributed to a greater number of appliances; while lower scored rules that may be less likely or represent more speculative attacks may be distributed to fewer appliances.
The closest prior art, as previously recited, Perincha (US 2016/0191466) is generally directed to technique for dynamically optimized rule-based security policy management are provided. A request is received by a network security management device to add a new traffic flow policy rule to multiple existing policy rules managed by the network security management device. Dependencies of the new traffic flow policy rule on the existing policy rules are automatically determined. An updated set of policy rules is formed by incorporating the new traffic flow policy rule within the existing policy rules based on the dependencies. The updated set of policy rules is then optimized by grouping, reordering and/or deleting a sub-set of policy rules of the updated set of policy rules based on one or more of weights assigned to particular types of traffic, preference settings, priority settings, network traffic characteristics and usage statistics for each policy rule of the updated set of policy rules, Yamagata (US 7,219,237) is generally directed to access control according to access rights granted to users, by a simple configuration. A communication system includes: a plurality of forwarding nodes that process a received packet in accordance with a processing rule (packet handling operation) associating a matching rule for identifying a flow and processing content to be applied to a packet that conforms with the matching rule; a policy management apparatus provided with an access control policy storage unit that associates roles assigned to users and access rights set for each role, the policy management apparatus providing information related to access rights associated with a role of a user who is successfully authenticated, to a control apparatus; and the control apparatus that creates a path between a terminal of the user who is successfully authenticated and a resource that the user can access, based on information related to access rights received from the policy management apparatus, and sets a processing rule in a forwarding node in the path in question, and Merugu (US 2002/0152209) is generally directed to a technique where classification of packets into flows is an inherent operation performed by networks that support enhanced services. To support multiple-dimensional packet classification, a packet classification system is provided to select representative bits from a packet to look up a set of rules. The per-flow classification works with a large set of rules, where each rule comprises of multiple fields and also allows fast dynamic variation in the rule set. A lookup process includes a simple and finite set of instructions that can be efficiently implemented as pipelined hardware and support very high packet arrival rates.
The Examiner concludes that in addition to the Applicant's arguments/Remarks, filed on 01/20/2022 with the amendment, prior art of reference does not teach at least the limitations of the independent claim 1, in which limitations of the dependent claim 6 has been incorporated in addition to the additional limitations none of Perincha, Yamagata and Merugu, nor any other art teaches or suggests, alone or in combination, the particular combination of steps or elements as recited in the amended independent claim 1. For example, none of the cited prior art teaches or suggest the steps of generating, by a management server, from a rule database comprising a plurality of packet processing rules, each packet processing rule associated with a distribution percentage, a first rule set for a first security appliance, the first rule set comprising a first subset of the packet processing rules, each associated with a 100% distribution percentage and a second subset of the packet processing rules associated with distribution percentages less than 100%;  generating, by the management server, a second rule set for a second security appliance, the second rule set comprising the first subset of the packet processing rules and a third subset of the packet processing rules associated with distribution percentages less than 100%, the packet processing rules of the third subset different from the packet processing rules of the second subset, and transmitting, by the management server, the first rule set to the first security appliance and the second rule set to the second security appliance, as a whole with the remaining limitations. Therefore, the claim 1 is considered allowable over the cited prior art.
As to claim 1, the claim is directed to a system, and the claim limitations are similar to the claim limitations of the method claim 1.  Therefore, claim 11 is also considered allowable for the same reason set forth above for claim 1.
As to claims 2, 5-10, 12, and 15-20, the claims are dependent from claims 1 or 11 respectively, and are considered allowable over PriorArt.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”
Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Jahangir Kabir whose telephone number is (571) 270-3355.  The examiner can normally be reached on 9:00- 5:00 Mon-Thu.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on (571) 270-5002.  The fax number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/JAHANGIR KABIR/             Primary Examiner, Art Unit 2439