DETAILED ACTION
Claims 1-20 are pending.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Arguments
Applicant's arguments filed 2/25/2022 have been fully considered but they are not persuasive.
A. Applicant argues the prior art does not does accepting by the first computing device the request prior to establishment of connection with the second computing device to provide the service after authenticating by the first computing device of the second computing device with use of credentials of the second computing device and responsive to accepting the request, establishing connection with the second computing device in which to provide the service to the second computing device.
However, the examiner respectfully disagrees. The examiner points to TLS handshaking taught in Thakur. The examiner points to Figure 6B of Thakur as well as paragraphs 233, 242 and 99.  Paragraph 242 of Thakur states, “At step 608, the client agent 120 establishes a transport layer connection, or third connection, 640 with the appliance 200. In some embodiments, the client agent 120 establishes a SSL VPN connection 640. In one embodiment, the client agent 120 and appliance 200 perform a SSL or TLS handshake to establish a secure session over the transport layer connection”.  The claim limitations are silent as to what the services the requested by the request. Here, in Thakur the SSL/TLS Handshake, the service could be establishing a secure connection, thus by initiating the steps to establish a connection, a request could be accepted prior the establishment of the request, and after the authentication (after the Handshake certificates are verified). Furthermore, Khandekar more specifically discloses wherein the connection is established to provide the service (Paragraph 39, once the resource is identified, the resource is allocated to perform the task/service (connection is established)). Therefore, applicant’s arguments are not persuasive.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Khandekar (US 2014/0101226 A1) in view of Thakur (US 2012/0036231 A1).

With regards to Claim 1, Khandekar teaches a method comprising: determining, by a first computing device prior to acceptance of a request from a second computing device in communication with the first computing device, that the first computing device is enabled to provide a service to the second computing device based at least on identification of the second computing device (i.e., Responsive to receiving the registration requests, the load balancer 201 registers (405) each processing resource from which a registration request was received. According to one embodiment of the present invention, registration of a processing resource involves a sequence or series of message exchanges (e.g., a protocol) between the load balancer 201 and the registering resource. As part of the registration sequence or protocol, the registering resource may communicate a variety of information to the load balancer 201, including the resource's identification (e.g., resource name), network address, and communication port, and optionally information regarding one or more scripts that may be remotely executed on the resource when the load balancer 201 requires utilization information from the resource or wishes to communicate load balancer event information to the resource, Paragraph 31); and establishing, by the first computing device responsive to acceptance of the request, the connection with the second computing device in which to provide the service to the second computing device (i.e., Responsive to receiving a server-related processing task request, the load balancer 201 optionally determines (411) which registered resources are capable of performing the requested processing task, Paragraph 39).
However, Khandekar does not explicitly disclose accepting, by the first computing device, the request prior to establishment of a connection to provide the service and after authentication of the second computing device with use of credentials of the second computing device. Thakur does teach accepting, by the first computing device, the request prior to establishment of a connection to provide the service and after authentication of the second computing device with use of credentials of the second computing device (i.e., Paragraph 233, 242, 99, Figure 6B, TLS Handshake) in order to provide server initiated connections to a client connected via a secure socket layer virtual private network connection (Paragraph 1).  Therefore, based on Khandekar in view of Thakur, it would have been obvious to one having ordinary skill in the art before the effective filing date to utilize the teachings of Thakur with the system of Khandekar in order to provide server initiated connections to a client connected via a secure socket layer virtual private network connection.
	
	With regards to Claim 2, Khandekar teaches further comprising receiving, by the first computing device from the second computing device, the request, wherein the request being one to provide the service to the second computing device (i.e., the load balancer 201 electronically receives (403) registration requests from the processing resources, Paragraph 30)

With regards to Claim 3, Khandekar teaches wherein the service requested by the second computing device is to provide load balancing of data traffic by the first computing device (i.e., the load balancer 201 electronically receives (403) registration requests from the processing resources, Paragraph 30; Paragraph 13; Figure 2, Items 208).

With regards to Claim 4, Khandekar teaches the above disclosed subject matter. However, Khandekar does not explicitly disclose further comprising establishing, by the first computing device, the connection with the second computing device via a handshake responsive to and after acceptance of the request.  Thakur does teach further comprising establishing, by the first computing device, the connection with the second computing device via a handshake responsive to and after acceptance of the request (i.e., At steps 601, 602 and 603, the appliance 200 and server 106 perform a transport layer connect handshake to establish a first transport layer connection, Paragraph 233) in order to provide server initiated connections to a client connected via a secure socket layer virtual private network connection (Paragraph 1).  Therefore, based on Khandekar in view of Thakur, it would have been obvious to one having ordinary skill in the art before the effective filing date to utilize the teachings of Thakur with the system of Khandekar in order to provide server initiated connections to a client connected via a secure socket layer virtual private network connection.

With regards to Claim 5, Khandekar teaches wherein the first computing device being identified by the second computing device as providing the service via a domain name system (i.e., Communication of the load balancer's address information to address resolution servers 222, such as DNS servers, enables the processing resources to automatically discover the load balancer 201 in the same way that network addresses for other hostnames or services are discovered, Paragraph 29).

With regards to Claim 6, Khandekar teaches further comprising determining, by the first computing device, the identification of the second computing device via an identifier of the second computing device received via the request (i.e., Responsive to receiving the registration requests, the load balancer 201 registers (405) each processing resource from which a registration request was received…registering resource may communicate a variety of information to the load balancer 201, including the resource's identification (e.g., resource name), network address, and communication port, and optionally information regarding one or more scripts that may be remotely executed on the resource when the load balancer 201 requires utilization information from the resource or wishes to communicate load balancer event information to the resource, Paragraph 31).

With regards to Claim 7, Khandekar teaches further comprising including, by the first computing device, the second computing device as one of the plurality of computing devices for which the first computing device provides the service (i.e., The load balancer electronically receives registration requests from at least some of the processing resources from within the pool of resources. The load balancer registers each processing resource from which a registration request is received, Paragraph 13; Figure 2, Item 203).

The limitations of Claim 8 are rejected in the analysis of Claim 1 above, and the claim is rejected on that basis.
The limitations of Claim 9 are rejected in the analysis of Claim 2 above, and the claim is rejected on that basis.
The limitations of Claim 10 are rejected in the analysis of Claim 3 above, and the claim is rejected on that basis.
The limitations of Claim 11 are rejected in the analysis of Claim 4 above, and the claim is rejected on that basis.
The limitations of Claim 12 are rejected in the analysis of Claim 5 above, and the claim is rejected on that basis.
The limitations of Claim 13 are rejected in the analysis of Claim 6 above, and the claim is rejected on that basis.
The limitations of Claim 14 are rejected in the analysis of Claim 7 above, and the claim is rejected on that basis.

With regards to Claim 15, Khandekar teaches a device providing load balancing as a service to a plurality of servers, the device comprising: one of more processors, coupled to memory, and configured to: receive a request from a service to initiate establishment of a connection, the server having identified the device as providing load balancing via a domain name system (i.e., the load balancer 201 electronically receives (403) registration requests from the processing resources, Paragraph 30; Figure 2, Items 208); determine, prior to acceptance of the request, that the device is able to provide load balancing of the server (i.e., Responsive to receiving the registration requests, the load balancer 201 registers (405) each processing resource from which a registration request was received. According to one embodiment of the present invention, registration of a processing resource involves a sequence or series of message exchanges (e.g., a protocol) between the load balancer 201 and the registering resource. As part of the registration sequence or protocol, the registering resource may communicate a variety of information to the load balancer 201, including the resource's identification (e.g., resource name), network address, and communication port, and optionally information regarding one or more scripts that may be remotely executed on the resource when the load balancer 201 requires utilization information from the resource or wishes to communicate load balancer event information to the resource, Paragraph 31); establish, responsive to acceptance of the request, the connection with the server to cause the device to load balance the server among a plurality of servers (i.e., Responsive to receiving a server-related processing task request, the load balancer 201 optionally determines (411) which registered resources are capable of performing the requested processing task, Paragraph 39).
However, Khandekar does not explicitly disclose perform, prior to acceptance of the request, authentication of the server using credentials of the server; and accept the request responsive to the determination and authentication. Thakur does teach perform, prior to acceptance of the request, authentication of the server using credentials of the server (i.e., Paragraph 233, 242, 99, Figure 6B, TLS Handshake); and accept the request responsive to the determination and authentication (i.e., Paragraph 233, 242, 99, Figure 6B, TLS Handshake) in order to provide server initiated connections to a client connected via a secure socket layer virtual private network connection (Paragraph 1).  Therefore, based on Khandekar in view of Thakur, it would have been obvious to one having ordinary skill in the art before the effective filing date to utilize the teachings of Thakur with the system of Khandekar in order to provide server initiated connections to a client connected via a secure socket layer virtual private network connection.



With regards to Claim 16, Khandekar teaches the above disclosed subject matter. However, Khandekar does not explicitly disclose wherein the one or more processors are further configured to establish the connection as an outbound connection from the device to the server that passed through one of a firewall or network address translation (NAT) perimeter.  Thakur does teach wherein the one or more processors are further configured to establish the connection as an outbound connection from the device to the server that passed through one of a firewall or network address translation (NAT) perimeter (i.e., In one embodiment, the system may include multiple, logically-grouped servers 106. In these embodiments, the logical group of servers may be referred to as a server farm 38. In some of these embodiments, the serves 106 may be geographically dispersed, Paragraph 43; Paragraphs 118-119 firewall) in order to provide server initiated connections to a client connected via a secure socket layer virtual private network connection (Paragraph 1).  Therefore, based on Khandekar in view of Thakur, it would have been obvious to one having ordinary skill in the art before the effective filing date to utilize the teachings of Thakur with the system of Khandekar in order to provide server initiated connections to a client connected via a secure socket layer virtual private network connection.

With regards to Claim 17, Khandekar teaches the above disclosed subject matter. However, Khandekar does not explicitly disclose wherein the one or more processors are further configured to use the connection from an inverted connection pool maintained by the device.  Thakur does teach wherein the one or more processors are further configured to use the connection from an inverted connection pool maintained by the device (i.e., Referring now to FIG. 6A, an embodiment of an appliance 200 and client agent 120 is depicted for providing a server initiated transport layer connection between a server 106 and a client 102 connected by a virtual private network connection via the appliance 200…., Paragraph 223) in order to provide server initiated connections to a client connected via a secure socket layer virtual private network connection (Paragraph 1).  Therefore, based on Khandekar in view of Thakur, it would have been obvious to one having ordinary skill in the art before the effective filing date to utilize the teachings of Thakur with the system of Khandekar in order to provide server initiated connections to a client connected via a secure socket layer virtual private network connection.

With regards to Claim 18, Khandekar teaches wherein the one or more processors are further configured to include the server in a pool of servers load balanced by the device (i.e., The load balancer electronically receives registration requests from at least some of the processing resources from within the pool of resources. The load balancer registers each processing resource from which a registration request is received, Paragraph 13; Figure 2, Item 203).

With regards to Claim 19, Khandekar teaches wherein the one or more processors are further configured to identify the server in the pool of servers using an identifier of the server included with the request (i.e., Responsive to receiving the registration requests, the load balancer 201 registers (405) each processing resource from which a registration request was received…registering resource may communicate a variety of information to the load balancer 201, including the resource's identification (e.g., resource name), network address, and communication port, and optionally information regarding one or more scripts that may be remotely executed on the resource when the load balancer 201 requires utilization information from the resource or wishes to communicate load balancer event information to the resource, Paragraph 31).

With regards to Claim 20, Khandekar teaches wherein a name of the pool of servers is published to the domain name system and the device maintains a mapping of servers in the pool of servers (i.e., The network address and port number of the load balancer 201 may be stored as a DNS service (SRV) record within the address resolution server 222, where such server 222 is a DNS server. By publishing its network address to one or more address resolution servers 222, the load balancer 201 may effectively function as a load balancing service that may be discovered and utilized by processing services or applications executing on resources within the resource pool 203…, Paragraph 22)
Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SURAJ M JOSHI whose telephone number is (571)270-7209. The examiner can normally be reached Monday - Friday 8-6 ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joon Hwang can be reached on (571)272-4036. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/SURAJ M JOSHI/Primary Examiner, Art Unit 2447                                                                                                                                                                                                        June 13, 2022