DETAILED ACTION
This Office action is in response to remarks filed by Applicant on 2/15/2022.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 

 Information Disclosure Statement PTO-1449
The Information Disclosure Statements submitted by applicant on 4/11/2022 has been considered. The submission is in compliance with the provisions of 37 CFR § 1.97. Form PTO-1449 signed and attached hereto.

Response to Amendment
Applicant presents amendments to claims 1, 3, 6, 8–9, 16, 18, and 20. All amendments have been fully considered.
Applicant’s amendments are sufficient to overcome the previous rejections under 35 U.S.C. 102 and 103.  Therefore, a new search was conducted to identify prior art that would read on the invention as claims.  As a result, a new primary reference and combination of references is presented as grounds for new rejections under 35 U.S.C. 102 and 103, below.  Additionally, claims 4–8 are identified as containing allowable subject matter.

Response to Arguments
Applicant presents arguments regarding independent claims 1, 16 and 20.  All argument have been fully considered.
Examiner agrees with Applicant’s assertion that the previous rejections under 35 U.S.C. 102 and 103 have been overcome considering the amendments to the claims.  As mentioned above, new grounds for rejection are presented below.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claims 16–17 rejected under 35 U.S.C. 102(a)(1) as being anticipated by Srinivas (US 2002/0112057 A1, published Aug. 15, 2002).
Regarding claim 16, Srinivas discloses: a method for actuating transmission control protocol/Internet protocol (TCP/IP) through a programmable input output (IO) device coupled to a host device, the method comprising: identifying a computer workload during a handshake process for establishing a network connection with a remote host (a receiver of data advertises its RWIN size during TCP/IP connection setup. Srinivas ¶ 0051.); dynamically tuning, based at least in part on an identity of the computer workload, one or more TCP/IP parameters of the network connection for adjusting a performance of the network connection for the computer workload (TCP/IP connection throughput is automatically tuned based upon the determined size of the RWIN. Srinivas ¶¶ 0051–0052 and 0055.); and completing the handshake process to establish the network connection with the remote host (delivery of the ACK establishes the connection. Srinivas ¶ 0051.).  
Regarding claim 17, Srinivas discloses the limitations of claim 16, wherein the computer workload is a software application, a container application, or a computing process, provided through the host device (RWIN is a computing process. Srinivas ¶ 0051.).


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1–2, 10–11, 20 rejected under 35 U.S.C. 103 as being unpatentable over Srinivas in view of Yang (US 2017/0163633 A1, published Jun. 8, 2017).
Regarding claims 1 and 20, Srinivas discloses: a programmable input output (IO) device comprising: cause the programmable IO device to perform operations to actuate transmission control protocol/Internet protocol (TCP/IP), the operations comprising: identifying a computer workload during a handshake process for establishing a network connection with a remote host (a receiver of data advertises its RWIN size during TCP/IP connection setup. Srinivas ¶ 0051.); dynamically tuning, based at least in part on an identity of the computer workload, one or more TCP/IP parameters of the network connection for adjusting a performance of the network connection for the computer workload (TCP/IP connection throughput is automatically tuned based upon the determined size of the RWIN. Srinivas ¶¶ 0051–0052 and 0055.); and completing the handshake process to establish the network connection with the remote host (delivery of the ACK establishes the connection. Srinivas ¶ 0051.).  
Srinivas does not disclose: at least one advanced reduced instruction set computer (RISC) machine (ARM) core communicably coupled to at least one central processing unit (CPU) core of a host device; and a memory unit, the memory unit having instructions stored thereon which, when executed by the at least one ARM core.
However, Yang does disclose: at least one advanced reduced instruction set computer (RISC) machine (ARM) core communicably coupled to at least one central processing unit (CPU) core of a host device; and a memory unit, the memory unit having instructions stored thereon which, when executed by the at least one ARM core (Yang ¶ 0071.).
Therefore, it would have been prima facie obvious to one of ordinary skill in the art prior to the effective filing date of the claimed invention to modify the tuning of the bandwidth of a TCP/IP connection based upon determining the receive window characteristics of Srinivas with advanced reduced instruction set computer (RISC) machine (ARM) core communicably coupled to at least one central processing unit (CPU) core of a host device based upon the teachings of Yang. The motivation being to employ a data cloud network and reduce power consumption. Yang para. 0101.
Regarding claim 2, Srinivas in view of Yang discloses the limitations of claim 1, wherein the computer workload is a software application, a container application, or a computing process, provided through the host device (RWIN is a computing process. Srinivas ¶ 0051.).
Regarding claim 10, Srinivas in view of Yang discloses the limitations of claim 1, wherein the one or more TCP/IP parameters are associated with a congestion control algorithm, a retransmission method, a sequence number, a TCP flag checking method, a transmission-window size, a congestion window assize, or a send/receive buffer size (the client facing node is a traffic management controller, application delivery controller, a server load balancer. Yang ¶ 0074.).  
Regarding claim 11, Srinivas in view of Yang discloses the limitations of claim 1, wherein the one or more TCP/IP parameters are related to L4-L7 protocols (communication bandwidth is tuned. Srinivas ¶ 0051.).

Claims 3 rejected under 35 U.S.C. 103 as being unpatentable over Srinivas in view of Yang in view of Knecht (US 10,104,039 B1, issued Oct. 16, 2018).
Regarding claim 3, Srinivas in view of Yang discloses the limitations of claim 1. Srinivas in view of Yang does not disclose: wherein the identity is a cryptographic identity and wherein the operations comprise: identifying the cryptographic identity of the computer workload, wherein the cryptographic identity of the computer workload is related to an associated security group, and wherein the one or more TCP/IP parameters are tuned based on the cryptographic identity of the computer workload.
However, Knecht does disclose: wherein the identity is a cryptographic identity and wherein the operations comprise: identifying the cryptographic identity of the computer workload, wherein the cryptographic identity of the computer workload is related to an associated security group, and wherein the one or more TCP/IP parameters are tuned based on the cryptographic identity of the computer workload (the tunnel client 140 connects to the edge server 150B via the anycast protocol thereby creating a connection to the closest edge server to the origin server 130. Knecht 5:35–40. The tunnel client 140 may be configured to send configuration information for the tunnel to the tunnel service. Knecht 5:45–52. The configuration information may include authentication information (e.g., username/password, an access token (e.g., an API key), cryptographic identity (e.g., a certificate), and/or email address), TLS configuration information (e.g., 50 type of TLS supported), port, and/or hostname that traffic should be received on. The tunnel client 140 may collect data during operation and report the collected data to the tunnel service 145 (which may in turn forward the data to the tunnel control service 150) that can be used as additional 55 metrics for load balancing. Knecht 5:50–56.).
Therefore, it would have been prima facie obvious to one of ordinary skill in the art prior to the effective filing date of the claimed invention to modify the tuning of the bandwidth of a TCP/IP connection based upon determining the receive window characteristics of Srinivas with the identified workload is related to a security group and the TCP/IP parameters are configured based upon the cryptographic identity of the workload based upon the teachings of Knecht. The motivation being configuring the tunnel connection in a way that assists in load balancing of the system. Knecht col. 5, ll. 50-56.  

Claims 9 rejected under 35 U.S.C. 103 as being unpatentable over Srinivas in view of Yang in view of Pensando (WO 2019/133434 A1, See IDS filed 10/1/2021).
Regarding claim 9, Srinivas in view of Yang discloses the limitations of claim 1. Srinivas in view of Yang does not disclose: wherein the one or more TCP/IP parameters are comprise an advertised window and is tuned based on a queue depth of a queue associated with the computer workload, and wherein the queue depth is determined according to a difference between the queue and a consumer index.
However, Pensando does disclose: wherein the one or more TCP/IP parameters are comprise an advertised window and is tuned based on a queue depth of a queue associated with the computer workload, and wherein the queue depth is determined according to a difference between the queue and a consumer index (certain kinds of traffic receive differentiated service when used in combination with queuing techniques such as priorty, fairness, weighted fairness. Pensando ¶ 0069. The policies allow or deny connection to and between specific groups for rate limiting purposes. Pensando ¶ 0069.).
Therefore, it would have been prima facie obvious to one of ordinary skill in the art prior to the effective filing date of the claimed invention to modify the tuning of the bandwidth of a TCP/IP connection based upon determining the receive window characteristics of Srinivas with a network policy including attributes of the workload and network factors based upon the teachings of Pensando. The motivation being to balance packet flow using metrics to allow or deny particular flows. Pensando ¶ 0069.
 
Claims 12–15 rejected under 35 U.S.C. 103 as being unpatentable over Srinivas in view of Yang in view of Roch (US 2016/0212098 A1, published Jul. 21, 2016).
Regarding claim 12, Srinivas in view of Yang discloses the limitations of claim 1. Srinivas in view of Yang does not disclose: wherein the operations comprise: enabling or disabling a security protocol to be applied to a data flow associated with the computer workload.
However, Roch does disclose: wherein the operations comprise: enabling or disabling a security protocol to be applied to a data flow associated with the computer workload (IPSec protocol enabled though the secured VPN tunnel. Roch ¶ 0027.).
Therefore, it would have been prima facie obvious to one of ordinary skill in the art prior to the effective filing date of the claimed invention to modify the tuning of the bandwidth of a TCP/IP connection based upon determining the receive window characteristics of Srinivas with enabling or disabling a security protocol applied to a dataflow associated with the workload based upon the teachings of Roch. The motivation being to provide an efficient use of resources through balancing the load on the system. Roch ¶ 0021.
Regarding claim 13, Srinivas in view of Yang in view of Roch discloses the limitations of claim 12, wherein the security protocol is enabled or disabled based on a request or a location of the computer workload (access devices capable of establishing a secured VPN tunnel are enabled depending on their functionality as a gateway or the like. Roch ¶ 0027.).  
Regarding claim 14, Srinivas in view of Yang in view of Roch discloses the limitations of claim 12, wherein the operations comprise: terminating the data flow; and determining one or more TCP algorithms based on the data flow (to achieve load balancing, redirecting traffic flow, which amounts to terminating one traffic flow for another. Roch ¶¶ 0027–0028. Depending on the received flow, the load balancing functionality identifies associated traffic for a particular tunnel using various parameters. Roch ¶ 0027.).  
Regarding claim 15, Srinivas in view of Yang discloses the limitations of claim 1. Srinivas in view of Yang does not disclose: wherein the operations comprise: upgrading a TCP algorithm without intervention from the host device.
However, Roch does disclose: wherein the operations comprise: upgrading a TCP algorithm without intervention from the host device (directing traffic from one tunnel to another enhances the system and be understood to be an upgraded process. Roch ¶¶ 0027–0028.).  
Therefore, it would have been prima facie obvious to one of ordinary skill in the art prior to the effective filing date of the claimed invention to modify the tuning of the bandwidth of a TCP/IP connection based upon determining the receive window characteristics of Srinivas with upgrading a TCP algorithm without intervention based upon the teachings of Roch. The motivation being to provide an efficient use of resources through balancing the load on the system. Roch ¶ 0021.

Claim 18 rejected under 35 U.S.C. 103 as being unpatentable over Srinivas in view of Knecht.
Regarding claim 18, Srinivas discloses the limitations of claim 16. Srinivas does not disclose: wherein the identity is a cryptographic identity and the method further comprises: identifying the cryptographic identity of the computer workload, wherein the cryptographic identity of the computer workload is related to an associated security group, and wherein the one or more TCP/IP parameters are tuned based on the cryptographic identity of the computer workload.
However, Knecht does disclose: wherein the identity is a cryptographic identity and the method further comprises: identifying the cryptographic identity of the computer workload, wherein the cryptographic identity of the computer workload is related to an associated security group, and wherein the one or more TCP/IP parameters are tuned based on the cryptographic identity of the computer workload (the tunnel client 140 connects to the edge server 150B via the anycast protocol thereby creating a connection to the closest edge server to the origin server 130. Knecht 5:35–40. The tunnel client 140 may be configured to send configuration information for the tunnel to the tunnel service. Knecht 5:45–52. The configuration information may include authentication information (e.g., username/password, an access token (e.g., an API key), cryptographic identity (e.g., a certificate), and/or email address), TLS configuration information (e.g., 50 type of TLS supported), port, and/or hostname that traffic should be received on. The tunnel client 140 may collect data during operation and report the collected data to the tunnel service 145 (which may in turn forward the data to the tunnel control service 150) that can be used as additional 55 metrics for load balancing. Knecht 5:50–56.).
Therefore, it would have been prima facie obvious to one of ordinary skill in the art prior to the effective filing date of the claimed invention to modify the tuning of the bandwidth of a TCP/IP connection based upon determining the receive window characteristics of Srinivas with the identified workload is related to a security group and the TCP/IP parameters are configured based upon the cryptographic identity of the workload based upon the teachings of Knecht. The motivation being configuring the tunnel connection in a way that assists in load balancing of the system. Knecht 5:50-56.  

Claim 19 rejected under 35 U.S.C. 103 as being unpatentable over Srinivas in view of Knecht.
Regarding claim 19, Srinivas in view of Knecht discloses the limitations of claim 18. Srinivas in view of Knecht does not disclose: comprising: preforming a deep packet inspection on a data packet received by the programmable IO device, wherein the cryptographic identity of the computer workload is identified based on the deep packet inspection.
However, Di Crescenzo does disclose: comprising: preforming a deep packet inspection on a data packet received by the programmable IO device, wherein the cryptographic identity of the computer workload is identified based on the deep packet inspection (the server may retrieve the IP address information (the recited identity information) from the IP header of handshake packets received from the client. Di Crescenzo ¶ 0097.). 
Therefore, it would have been prima facie obvious to one of ordinary skill in the art prior to the effective filing date of the claimed invention to modify the tuning of the bandwidth of a TCP/IP connection based upon determining the receive window characteristics of Srinivas with inspecting data packets for the identity of the device based upon the teachings of Di Crescenzo. The motivation being to protect identities on a network and achieve bandwidth savings. Di Crescenzo ¶ 0014.

Allowable Subject Matter
Claims 4–8 objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure: Jiao (US 2016/0234099 A1, published Aug. 11, 2016), a controller making routing parameter decisions based upon transmission characteristics and identified applications; Valluir (US 2015/0236909 A1, published Aug. 20, 2015), optimizing mobile client device operations by tuning TCP/IP connections based upon client devices.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to VANCE LITTLE whose telephone number is (571)270-0408. The examiner can normally be reached Monday - Friday 9:30am - 5:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jung (Jay) Kim can be reached on (571) 272-3804. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/VANCE M LITTLE/Examiner, Art Unit 2494