DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This office action is in response to the Request for Continued Examination (RCE) filed on 05/30/2022.
Claims 1-14 are currently pending in this application. Claims 1, 4, 6, 8 and 11 have been amended. The terminal disclaimer (TD) filed on 04/11/2022 has been approved.
No information disclosure statement (IDS) has been filed.

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 05/17/2022 has been entered.

Response to Arguments
The previous objections to the specification and the objections to the claim 4 have been withdrawn in response to the applicants’ amendments/remarks.
The previous 101 rejections to the claims 1-7 have been withdrawn in response to the applicants’ amendments/remarks.
The previous double patenting rejections have been withdrawn in response to the applicants’ filing of the TD, which was approved on 04/11/2022.

The previous 112(b) rejections to the claims 1-14 have been withdrawn in response to the applicants’ amendments/remarks; however, current amendments cause the new rejections. See the updated rejections in the 112(b)-rejection section below.

Regarding 102 rejections, the applicants have amended claims and have, in pages 19-20 of the remarks, argued that “… Schultz merely discloses … provides security policies … however, independent claims 1 and 8 recite … provides rules, security controls, or policy controls … Conversely, the application details that rules that may govern the protection … as an individual policy, from [0131] and … exclude traffic, from [0132] the application … claims 1 and 8, and any claims dependent thereon …”.
Applicants’ these arguments are not persuasive.
First of all, it is noted that when the claims use several limitations/terms (e.g., rules, security controls, policy controls) with the term “or”, showing only one limitation/term (e.g., rules) for the obviousness is enough to reject the claimed terms. Moreover, although the claims are interpreted in light of the specification, limitations for the specification (e.g., information of the paragraphs 0131 and 0132 of the application) are not read into the claims - see In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993). See the amended rejections in the 102-rejection section below.
 
 
Thus, the applicants’ arguments are not persuasive. Please see rejections below for the current claims.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(B)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. 

Claims 1-14 are rejected under 35 U.S.C. 112(b) as being indefinite for failing to particularly point out and distinctly claim the subject matter which applicant regards as the invention.

Claim 1 (claim 8 includes similar limitations) recites “… provide a plurality of firewall, each firewall corresponding to said plurality of network components, wherein said firewall provides rules … for one or more of said plurality of network components …”, however, it is not clear whether one firewall is provided to a plurality of network components or not (or all firewalls to all network components). Note: “one or more of the plurality of network components” is assumed as “more of the plurality of network components).
Claims 2-7 and 9-14 depend from the claim 1 or 8, and are analyzed and rejected accordingly.

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 1-14 are rejected under 35 U.S.C. 102(a) (2) as being anticipated by Schultz et al. (US 2018/0041470 A1).

As per claim 1, Schultz teaches a network system for distributed firewall management in a network comprising a plurality of network components associated with one or more client sites [figs. 1A, 1B and 2 of Schultz - the network system of fig. 2 for firewall management by the APN network control node NCN for the distributed client site or APN client sites with a plurality of network components of fig. 1B], said system comprising: at least one processor and at least one non-transitory memory comprising program code, wherein the at least one non-transitory memory and the program code are configured to, with the at least one processor, cause the system [see par. 0056 of Schultz] to perform operations configured to:
provide a plurality of firewalls, each firewall corresponding to said plurality of network components, wherein said firewall provides rules, security controls, or policy controls for one or more of said plurality of network components [(fig. 1A, 1B, 2; par. 0016, lines 1-5; par. 0050, lines 1-22; par. 0070, lines 1-6 of Schultz teaches the system providing a plurality of firewalls (e.g., the integrated firewalls), each firewall corresponding to said plurality of network components, wherein said firewall provides rules, security controls, or policy controls for one or more of said plurality of network components]; and
manage, by a centralized firewall network controller configured the rules, security controls, or policy controls for the plurality of firewalls [fig. 2; par. 0072, lines 1-27 of Schultz teaches a centralized firewall network controller (e.g., the controller of the network control node NCN with the administrator) configured to manage the rules, security controls, or policy controls for the plurality of firewalls (e.g., the network control node NCN with the administrator can adjust/manage centralized configuration for a set of security policies to provide a managed/controlled firewall network that incorporates connections of the plurality of client site network components shown in fig. 2].

As per claim 2, Schultz teaches the system of claim 1. 
Schultz further teaches wherein the centralized firewall network controller is configured to provide a software defined perimeter defense system [par. 0049, lines 1-13; par. 0229, lines 1-2, 18-19 of Schultz – the centralized network controller NCN is configured for security zones to provide a software defined perimeter defense system as the security boundary of each security zone].

As per claim 3, Schultz teaches the system of claim 1. 
Schultz further teaches wherein the centralized firewall network controller is configured to provide five layers of security comprising administrator, network, trusted, public and untrusted [table 16; par. 0072, lines 9-27; par. 262, lines 1-5; par. 264, lines 9-11 of Schultz – the centralized APN configuration of the controller NCN provides network setting for selected site appliances, the security zones with Internet security zone for a trusted interface, untrusted Internet security zone with an untrusted interface, default LAN security zone with not setting a zone or public and administrator specific/assigned security zone].

As per claim 4, Schultz teaches the system of claim 1. 
Schultz further teaches wherein the centralized firewall network controller is configured to provide rule management with an asset alias capacity to assign a unit alias to each of the plurality of assets across the plurality of network components [figs. 1B, 2; par. 0060, lines 1-19; par. 0229, lines 1-19; table 11 of Schultz – the central configuration provides rule management with bandwidth or capacity optimization and the assigned security zone A or B or C to each appliance of the plurality of appliances of the client site network. In other words, the asset alias capacity optimization assigns a unit alias (e.g., security zone A/B/C) to each of the plurality of appliances across the plurality of network components].

As per claim 5, Schultz teaches the system of claim 1. 
Schultz further teaches wherein the plurality of firewalls use processing resources of the plurality of network components [figs. 1B, 2; par. 0049, lines 1-10; par. 0050, lines 1-29; par. 0060, lines 1-19 of Schultz teaches the plurality of firewalls, such as 192, 194, 196, 198, use processing resources of the plurality of network components, such as WAN Ingress/Egress processor modules, etc.].

As per claim 6, Schultz teaches the system of claim 1. 
Schultz further teaches wherein the centralized firewall network controller is configured to provide automatic network component discovery [figs. 1B, 2; par. 0076, lines 1-11 of Schultz teaches automatic network component discovery].

As per claim 7, Schultz teaches the system of claim 1. 
Schultz further teaches wherein the client site network component is configured to separate lower-link data traffic and to encapsulate data packets of the lower-link data traffic using the common access protocol [figs. 1A, 4; par. 0034, lines 1-10; par. 0089, lines 24-34 of Schultz teaches the transport reliable protocol (TRP) processing is begun including checking path id validity and path resequencing. Conduit user data processing is begun including aggregation, phase 1 of header compression, checking IP header of user data, application lookup using an application classification table. Also, a flow and rule lookup in a rules table is accomplished. The conduit flow processing is begun including handling fragmentation, re-sequence flow processing, phase 2 of header compression and strip TRP encapsulation. In other words, the client site network component (e.g., conduit processor module) is configured to separate lower-link data traffic (e.g., the data link layer traffic) and to encapsulate data packets of the lower-link data traffic using the common access protocol (e.g., TRP processing).

Claims 8-14 are method claims that correspond to the system claims 1-7, and are analyzed and rejected accordingly.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MAUNG T LWIN whose telephone number is (571)270-7845.  The examiner can normally be reached on Monday - Friday 10:00 am - 6:00 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on 571-272-3739.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/MAUNG T LWIN/Primary Examiner, Art Unit 2495