DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application is being examined under the pre-AIA  first to invent provisions. 
Election/Restrictions
NO restrictions warranted at applicant’s time of filing for patent. 
Priority
Applicant claim[s] domestic priority under 35 USC 120 where the instant application is a continuation application [CON] of the following continuation applications:
16/740961, filed on 01/13/2020, now US PAT # 10,873,595
15/608983, filed on 05/30/2017, now US PAT # 10,547,631
14/834102, filed on 08/24/2015, now US PAT # 10,154,055
10/882852, filed on 07/01/2004, now Abandoned. 
The instant application further claims domestic priority under 35 USC 119e to provisional application # 60/484,085, filed on 07/01/2004
Information Disclosure Statement
The information disclosure statements (IDS) submitted on 11/13/2020, 10/07/2021, the submissions are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.
Drawings
Applicant’s drawings filed on 11/13/2020 has been inspected, and are in compliance with MPEP 608.02. 
Specification
Applicant’s specification filed on 11/13/2020 has been inspected, and is in compliance with MPEP 608.01. 
Claim Objections
Claim[s] 12 is objected to because of the following informalities: the claim language doesn’t end in proper grammatical English punctuation.  
Appropriate correction is required.
Claim Interpretation – 35 USC 112th 6th or F
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function. 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier.  
Such claim limitation(s) is/are: 
Regarding claim 1. An apparatus, comprising:
an intrusion prevention system configured “to:
receive a result of at least one operation performed on at least one of a plurality of networked devices, the at least one operation based on first information from at least one first data storage identifying a plurality of potential vulnerabilities including at least one first potential vulnerability and at least one second potential vulnerability, the at least one operation configured for:
identifying at least one configuration associated with the at least one networked device, and
determining that the at least one networked device is actually vulnerable to at least one actual vulnerability, based on the identified at least one configuration and the first information from the at least one first data storage identifying the plurality of potential vulnerabilities, such that second information associated with the result is stored in at least one second data storage separate from the at least one first data storage, the second information relating to the at least one actual vulnerability to which the at least one networked device is actually vulnerable;
cause display a plurality of techniques including a first technique for utilizing an intrusion prevention system component for occurrence mitigation, and a second technique for utilizing a firewall for occurrence mitigation;
allow receipt of:
user input causing selection of the first technique for utilizing the intrusion prevention system component for occurrence mitigation;
user input causing selection of the second technique for utilizing the firewall for occurrence mitigation;
apply, based on the user input causing selection of the first technique for utilizing the intrusion prevention system component for occurrence mitigation, the first technique for utilizing the intrusion prevention system component for occurrence mitigation;
apply, based on the user input causing selection of the second technique for utilizing the firewall for occurrence mitigation, the second technique for utilizing the firewall for occurrence mitigation;
identify:
for the at least one networked device, a first occurrence including at least one first occurrence packet, and
for the at least one networked device, a second occurrence including at least one second occurrence packet;
determine:
that the first occurrence including the at least one first occurrence packet directed to the at least one networked device is capable of taking advantage of the at least one of the actual vulnerability to which the at least one networked device is actually vulnerable;
that the second occurrence including the at least one second occurrence packet directed to the at least one networked device is not capable of taking advantage of the at least one of the actual vulnerability to which the at least one networked device is actually vulnerable; and
cause a reporting of at least the first occurrence based on the determination that the first occurrence including the at least one first occurrence packet is capable of taking advantage of the at least one of the actual vulnerability to which the at least one networked device is actually vulnerable.”
Regarding claim 6. An apparatus, comprising:
at least one platform;
an intrusion prevention system configured “to communicative couple with the at least one platform;
a firewall configured to communicative couple with the at least one platform;
at least one first data storage configured to communicative couple with the at least one platform; and
at least one second data storage configured to communicative couple with the at least one platform;”
said at least one platform configured “to:
receive a result of at least one operation in connection with at least one of a plurality of networked devices, the at least one operation based on first information from the at least one first data storage identifying a plurality of potential vulnerabilities including at least one first potential vulnerability and at least one second potential vulnerability, the at least one operation configured for:
identifying at least one configuration associated with the at least one networked device, and
determining that the at least one networked device is actually vulnerable to at least one actual vulnerability, based on the identified at least one configuration and the first information from the at least one first data storage identifying the plurality of potential vulnerabilities, such that second information associated with the result is stored in the at least one second data storage separate from the at least one first data storage, the second information relating to the at least one actual vulnerability to which the at least one networked device is actually vulnerable;
cause display a plurality of techniques including a first technique for utilizing the intrusion prevention system for occurrence mitigation, a second technique for utilizing the firewall for occurrence mitigation;
allow receipt of:
user input causing selection of the first technique for utilizing the intrusion prevention system for occurrence mitigation, and
user input causing selection of the second technique for utilizing the firewall for occurrence mitigation;
based on the user input causing selection of the first technique for utilizing the intrusion prevention system for occurrence mitigation, automatically apply the first technique for utilizing the intrusion prevention system for occurrence mitigation;
based on the user input causing selection of the second technique for utilizing the firewall for occurrence mitigation, automatically apply the second technique for utilizing the firewall for occurrence mitigation;
cause identification of:
in connection with the at least one networked device, a first occurrence including at least one first occurrence packet directed to the at least one networked device, and
in connection with the at least one networked device, a second occurrence including at least one second occurrence packet directed to the at least one networked device;
determine:
that the first occurrence including the at least one first occurrence packet directed to the at least one networked device is capable of taking advantage of the at least one of the actual vulnerability to which the at least one networked device is actually vulnerable;
that the second occurrence including the at least one second occurrence packet directed to the at least one networked device is not capable of taking advantage of the at least one of the actual vulnerability to which the at least one networked device is actually vulnerable; and
cause a reporting of at least the first occurrence based on the determination that the first occurrence including the at least one first occurrence packet directed to the at least one networked device is capable of taking advantage of the at least one of the actual vulnerability to which the at least one networked device is actually vulnerable.”
Regarding claim 13. An intrusion prevention system, comprising:
means “for receiving a result of at least one operation performed on at least one of a plurality of networked devices, the at least one operation based on first information from at least one first data storage identifying a plurality of potential vulnerabilities including at least one first potential vulnerability and at least one second potential vulnerability, the at least one operation” configured “for:
identifying at least one configuration associated with the at least one networked device, and determining that the at least one networked device is actually vulnerable to at least one actual vulnerability, based on the identified at least one configuration and the first information from the at least one first data storage identifying the plurality of potential vulnerabilities, such that second information associated with the result is stored in at least one second data storage separate from the at least one first data storage, the second information relating to the at least one actual vulnerability to which the at least one networked device is actually vulnerable;”
means “for causing display of a plurality of techniques including a first technique for utilizing an intrusion prevention system for occurrence mitigation, and a second technique for utilizing a firewall for occurrence mitigation;”
means “for receiving user input causing selection of the first technique for utilizing the intrusion prevention system for occurrence mitigation and user input causing selection of the second technique for utilizing the firewall for occurrence mitigation;”
means “for: based on the user input causing selection of the first technique for utilizing the intrusion prevention system for occurrence mitigation, applying the first technique for utilizing the intrusion prevention system for occurrence mitigation; and based on the user input causing selection of the second technique for utilizing the firewall for occurrence mitigation, applying the second technique for utilizing the firewall for occurrence mitigation;”
means “for identifying:
for the at least one networked device, a first occurrence including at least one first occurrence packet, and
for the at least one networked device, a second occurrence including at least one second occurrence packet;”
code for determining:
that the first occurrence including the at least one first occurrence packet directed to the at least one networked device is capable of taking advantage of the at least one of the actual vulnerability to which the at least one networked device is actually vulnerable, and
that the second occurrence including the at least one second occurrence packet directed to the at least one networked device is not capable of taking advantage of the at least one of the actual vulnerability to which the at least one networked device is actually vulnerable; and
means “for causing a reporting of at least the first occurrence based on the determination that the first occurrence including the at least one first occurrence packet is capable of taking advantage of the at least one of the actual vulnerability to which the at least one networked device is actually vulnerable.”
Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.
Appropriate action required. 
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):

(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claim[s] 1, 6, 13 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention. Regarding the means for plus functional claiming technique invoked as indicated above, it is unclear as to where in the specification as filed the required structure or hardware needed to invoke means for or step plus function is located. Further it is unclear where the recited functionality of the recited/invoked means for plus functionality is located as required. 
	Appropriate action required. 
Double Patenting
The non-statutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A non-statutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on non-statutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based e-Terminal Disclaimer may be filled out completely online using web-screens. An e-Terminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about e-Terminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
The pending claim[s] are rejected on the ground of non-statutory double patenting as being unpatentable over the subject matter of the various U.S. Patents below. Although the claims at issue are not identical, they are not patentably distinct from each other because the subject matter of the pending application and the issued patents are not distinct in scope. For example: an intrusion prevention system comprising a platform, a instruction prevention system and firewall that communicates with the platform; at least one first data storage and second data storage configured to communicate with the platform; and as the result of performing a plurality of operations that collective protect one or more networked devices, by determining whether a networked device is actually vulnerable to attack based on the identified configuration of the network device, and first information of the first data base that contains identified vulnerabilities. Once actual vulnerabilities are determined, the user is presented with display showing such vulnerabilities and techniques or mitigation selections for user to choose to mitigate such determined vulnerabilities. The user can select either an intrusion prevention system mitigation technique, or a firewall mitigation technique to apply and mitigate the actual vulnerability. Also, with the said platform, it can detect when a packet is actually able to take advantage of such identified vulnerability, in which the user can identify and applicant, again, either an intrusion prevention system mitigation technique, or a firewall mitigation technique to apply and mitigate the actual vulnerability. When such actual packet occurrence is actually able to take advantage of such identified vulnerability, and report is sent to the user. 

Pending US Application # 			US PAT # 
17/098281					9117069
1, 6, 7, 8, 13 					12, 174, 175, 176, 21
17/098281					10154055
1 – 18						1 – 18
17/098281					10547631
1 – 12						1 – 11, 20
Claim Rejections - 35 USC § 101
NO rejections warranted at applicant’s initial time of filing for patent.
Claim[s] 1 - 18 have been evaluated under 2019 PEG, while claim[s] 1, 6, 13 do recite an identified abstract idea, as defined under the new guidance. For example: mental process [i.e. concepts can be performed in the human mind: observation, evaluation, judgment, opinion], i.e. claim 1, lines 2-16, 
“….receive a result of at least one operation performed on at least one of a plurality of networked devices, the at least one operation based on first information from at least one first data storage identifying a plurality of potential vulnerabilities including at least one first potential vulnerability and at least one second potential vulnerability, the at least one operation configured for:
identifying at least one configuration associated with the at least one networked device, and
determining that the at least one networked device is actually vulnerable to at least one actual vulnerability, based on the identified at least one configuration and the first information from the at least one first data storage identifying the plurality of potential vulnerabilities, such that second information associated with the result is stored in at least one second data storage separate from the at least one first data storage, the second information relating to the at least one actual vulnerability to which the at least one networked device is actually vulnerable….etc.”
However, there is a practical application of such identified abstract idea, therefore, the claims are statutory under the meaning of the statute.
Claim Rejections - 35 USC § 102
NO rejections warranted at applicant’s time of filing for patent. 
Claim Rejections - 35 USC § 103
NO rejections warranted at applicant’s time of filing for patent. 
Allowable Subject Matter
Claim[s] 1 – 18 contains allowable subject matter, but as allowable subject matter has been indicated, applicant's reply must either comply with all formal requirements or specifically traverse each requirement not complied with.  See 37 CFR 1.111(b) and MPEP § 707.07(a).
***A reasons for allowance are forthcoming in the next subsequent office action. 
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DANT SHAIFER - HARRIMAN whose telephone number is (571)272-7910. The examiner can normally be reached M - F: 9am to 5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on 571- 272- 3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/DANT B SHAIFER HARRIMAN/           Primary Examiner, Art Unit 2434