DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 
In the event the determination of the status of the application as subject to AIA  35U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, anycorrection of the statutory basis for the rejection will not be considered a new ground ofrejection if the prior art relied upon, and the rationale supporting the rejection, would bethe same under either status. 

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 05/13/2022 has been entered.
 
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claims 1, 8, 11 and 14 is/are rejected under 35 U.S.C. 103 as being unpatentable over Subbiah et al. (US 10,230,688 B1) in view of Miyauchi (US 20130212209 A1).

Subbiah et al. disclose large-scale, fiber channel storage networks with the following features: regarding claim 1, a computer-implemented method for handling soft zoning violations, the method comprising: assigning a first target device and an endpoint device that is coupled to a switch port of a Fibre Channel (FC) switch to one or more zones; in response to the endpoint device logging into the FC switch, obtaining sampled traffic that originates at the endpoint device and ingresses at the switch port; obtaining from the sampled traffic a source identifier associated with the endpoint device and a destination identifier associated with a target device; and using the source identifier and the destination identifier to determine that the sampled traffic comprises a second traffic that is intended for a second target device that has not been assigned to the one or more zones, performing one or more actions to restrict the second traffic (Fig. 2, illustrates an example topology of a Fibre Channel network implementing a virtual FDISC remote login process, under some embodiments, see teachings in [col1 ln 66-67, col 2 ln 1, col 6 ln 1-38, 61-63, col 7 ln 36-43, 58-67. col 8 ln 1-7 & col 9 ln 33-38] summarized as “a computer-implemented method for handling soft zoning violations, the method comprising (i.e. each node in the network(s) comprises a computing device capable of executing software code to perform the processing steps described herein, wherein (fig. 8) shows a system block diagram of a computer system used to execute one or more software components of the present system, and zones can be implemented through either a hard or soft method that combine with two sets of attributes, name and port wherein zoning is the partitioning of an FC fabric into smaller subsets to restrict interference, add security, and to simplify network management, and the soft zoning restricts only the fabric name service, to show only an allowed subset of devices  [col 6 ln 7-12 & col 9 ln 33-38]), assigning a first target device and an endpoint device that is coupled to a switch port of a Fibre Channel (FC) switch to one or more zones (i.e. zones define a membership group of the hosts and targets comprising the nodes in the system, in a network topology 200, Host H1 (endpoint device), connected to switch port of a fiber channel switch FCF1 to zones, wherein the zoning is the partitioning of an FC fabric into smaller subsets to restrict interference, add security, and to simplify network management [col 6 ln 1-14, ln 33-38]), in response to the endpoint device logging into the FC switch, obtaining sampled traffic that originates at the endpoint device and ingresses at the switch port (i.e. a mechanism that allows hosts connected to one FCF switch to login to targets connected to different FCF switches, zoning can be applied to either the switch port a device is connected to, or the WWN on the host being connected (name zoning),  Port-based zoning restricts traffic flow based on the specific switch port to which a device is connected, in response to login of the host H1, host address translation table will be used to translate the address for all subsequent traffic originated at Host H1) and ingresses at the port F1[col1 ln 66-67, col 2 ln 1, col 6 ln 20-32 ]), obtaining from the sampled traffic a source identifier associated with the endpoint device and a destination identifier associated with a target device (i.e. each FCF is assigned a respective domain like domain 11, domain 22, and domain 33 (fig. 3), and after the FIP login process, Host H1 is assigned an allotted fiber channel ID (FCID) and MAC address like FCID: 11-F1-00 and MAC: H1-FCOE-MAC1, a host address translation table is formed that contains a mapping of the host's FCID, FCOE MAC addresses, , when the Host H1 is logged in to FCF1, it extracts the ID of the Host H1 (endpoint device identifier) and the destination address associated with the target devices T1, T2 or T3 [col 6 ln 61-63, col 7 ln 36-43, 58-67 & col 8 ln 1-7]), and using the source identifier and the destination identifier to determine that the sampled traffic comprises a second traffic that is intended for a second target device that has not been assigned to the one or more zones, performing one or more actions to restrict the second traffic (i.e. the FCF1 to which Host H1 is connected, examines the source address (FCID) and the destination address for target device (T1, T2 or T3), and if finds that the traffic is intended for a target device which has not been assigned the zone, the FCF1 restricts traffic flow based on the determination [col 5 ln 61-67 & col 6 ln1-32])”).   
 	Subbiah et al. is short of expressly teaching “obtaining sampled traffic that originates at the endpoint device and ingresses at the switch port” and “determining that the sampled traffic comprises a second traffic that is intended for a second target device that has not been assigned to the one or more zones, performing one or more actions to restrict the second traffic”.
	Miyauchi discloses an information processing apparatus of a storage system with the following features: regarding claim 1, obtaining sampled traffic that originates at the endpoint device and ingresses at the switch port; determining that the sampled traffic comprises a second traffic that is intended for a second target device that has not been assigned to the one or more zones, performing one or more actions to restrict the second traffic (Fig. 5, a block diagram illustrating functions of the server of the second embodiment, see teachings in [0068-0076 & 0079-0081] summarized as “obtaining sampled traffic that originates at the endpoint device and ingresses at the switch port; determining that the sampled traffic comprises a second traffic that is intended for a second target device that has not been assigned to the one or more zones, performing one or more actions to restrict the second traffic (i.e. system comprising of server 100 (host device) coupled to a fibre channel switch 200 coupled to a storage apparatus 300 (target device), server data controller 111 of the server 100 performs transmission and reception of data with the storage apparatus 300 having a storage region allocated to the server 100 by the fibre channel physical port 112 or a virtual port set at the fibre channel physical port 112, wherein a hardware configuration of the fibre channel switch 200 (fig. 4) has a CPU 201, host bus adapters 202a, 202b, 202c, and 202d, a switch card 203, a table storage memory 204, a port monitoring unit 205, a LAN port 206, a service processor 207, and a bus 208, and each of the host bus adapters 202a, 202b, 202c, and 202d monitors its communication port and acquires a frame of the server 100 at  the ingress port ports, as  port monitoring unit 205 monitors the communication ports of the host bus adapters 202a, 202b, 202c, and 202d and detects the occurrence of anomaly and trouble in the communication ports and communication passages connected, as a result the data communicated by the host device 100, received at the fibre channel physical port 212a is not transmitted or restricted and the host device 100 is not allowed to use a storage region which is not allocated or assigned to it)”). 
It would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to modify the system of Subbiah et al. by using the features as taught by Miyauchi in order to provide a more effective and efficient system that is capable of obtaining sampled traffic ingresses at the switch port and restricting traffic to target device. The motivation of using these functions is that it is more cost effective and dynamic.
Regarding claim 8:
Subbiah et al. disclose large-scale, fiber channel storage networks with the following features: regarding claim 8, a Fibre Channel (FC) system for handling soft zoning violations, the system comprising: an FC switch; a processor coupled to the FC switch; and a non-transitory computer-readable medium comprising instructions that, when executed by the processor, cause steps to be performed, the steps comprising: assigning a first target device and an endpoint device that is coupled to a switch port of a Fibre Channel (FC) switch to one or more zones; in response to the endpoint device logging into the FC switch, obtaining sampled traffic that originates at the endpoint device and ingresses at the switch port; obtaining from the sampled traffic a source identifier associated with the endpoint device and a destination identifier associated with a target device; using the source identifier and the destination identifier to determine that the sampled traffic comprises a second traffic that is intended for a second target device that has not been assigned to the one or more zones; and performing one or more actions to restrict the second traffic (Fig. 2, illustrates an example topology of a Fibre Channel network implementing a virtual FDISC remote login process, under some embodiments, see teachings in [col1 ln 66-67, col 2 ln 1, col 6 ln 1-38, 61-63, col 7 ln 36-43, 58-67. col 8 ln 1-7 & col 9 ln 33-38] summarized as “a Fibre Channel (FC) system for handling soft zoning violations, the system comprising: an FC switch; a processor coupled to the FC switch; and a non-transitory computer-readable medium comprising instructions that, when executed by the processor, cause steps to be performed, the steps comprising (i.e. each node in the network(s) comprises a computing device capable of executing software code to perform the processing steps described herein, wherein (fig. 8) shows a system block diagram of a computer system used to execute one or more software components of the present system, and zones can be implemented through either a hard or soft method that combine with two sets of attributes, name and port, wherein zoning is the partitioning of an FC fabric into smaller subsets to restrict interference, add security, and to simplify network management, and the soft zoning restricts only the fabric name service, to show only an allowed subset of devices  [col 6 ln 7-12 & col 9 ln 33-38]), assigning a first target device and an endpoint device that is coupled to a switch port of a Fibre Channel (FC) switch to one or more zones (i.e. zones define a membership group of the hosts and targets comprising the nodes in the system, in a network topology 200, Host H1 (endpoint device), connected to switch port of a fiber channel switch FCF1 to zones, wherein the zoning is the partitioning of an FC fabric into smaller subsets to restrict interference, add security, and to simplify network management [col 6 ln 1-14, ln 33-38]), in response to the endpoint device logging into the FC switch, obtaining sampled traffic that originates at the endpoint device and ingresses at the switch port (i.e. a mechanism that allows hosts connected to one FCF switch to login to targets connected to different FCF switches, zoning can be applied to either the switch port a device is connected to, or the WWN on the host being connected (name zoning),  Port-based zoning restricts traffic flow based on the specific switch port to which a device is connected, in response to login of the host H1, host address translation table will be used to translate the address for all subsequent traffic originated at Host H1) and ingresses at the port F1[col1 ln 66-67, col 2 ln 1, col 6 ln 20-32 ]), obtaining from the sampled traffic a source identifier associated with the endpoint device and a destination identifier associated with a target device (i.e. each FCF is assigned a respective domain like domain 11, domain 22, and domain 33 (fig. 3), and after the FIP login process, Host H1 is assigned an allotted fiber channel ID (FCID) and MAC address like FCID: 11-F1-00 and MAC: H1-FCOE-MAC1, a host address translation table is formed that contains a mapping of the host's FCID, FCOE MAC addresses, , when the Host H1 is logged in to FCF1, it extracts the ID of the Host H1 (endpoint device identifier) and the destination address associated with the target devices T1, T2 or T3 [col 6 ln 61-63, col 7 ln 36-43, 58-67 & col 8 ln 1-7]), using the source identifier and the destination identifier to determine that the sampled traffic comprises a second traffic that is intended for a second target device that has not been assigned to the one or more zones; and performing one or more actions to restrict the second traffic (i.e. the FCF1 to which Host H1 is connected, examines the source address (FCID) and the destination address for target device (T1, T2 or T3), and if finds that the traffic is intended for a target device which has not been assigned the zone, the FCF1 restricts traffic flow based on the determination [col 5 ln 61-67 & col 6 ln1-32])”).
	Subbiah et al. is short of expressly teaching “obtaining sampled traffic that originates at the endpoint device and ingresses at the switch port”; and “determine that the sampled traffic comprises a second traffic that is intended for a second target device that has not been assigned to the one or more zones; and performing one or more actions to restrict the second traffic”.
	Subbiah et al. also do not expressly disclose the following features: regarding claim 11, wherein the first and second target devices are storage devices.
	Miyauchi discloses an information processing apparatus of a storage system with the following features: regarding claim 8, obtaining sampled traffic that originates at the endpoint device and ingresses at the switch port; and determine that the sampled traffic comprises a second traffic that is intended for a second target device that has not been assigned to the one or more zones; and performing one or more actions to restrict the second traffic (Fig. 5, a block diagram illustrating functions of the server of the second embodiment, see teachings in [0068-0076 & 0079-0081] summarized as “obtaining sampled traffic that originates at the endpoint device and ingresses at the switch port; and determine that the sampled traffic comprises a second traffic that is intended for a second target device that has not been assigned to the one or more zones; and performing one or more actions to restrict the second traffic (i.e. system comprising of server 100 (host device) coupled to a fibre channel switch 200 coupled to a storage apparatus 300 (target device), server data controller 111 of the server 100 performs transmission and reception of data with the storage apparatus 300 having a storage region allocated to the server 100 by the fibre channel physical port 112 or a virtual port set at the fibre channel physical port 112, wherein a hardware configuration of the fibre channel switch 200 (fig. 4) has a CPU 201, host bus adapters 202a, 202b, 202c, and 202d, a switch card 203, a table storage memory 204, a port monitoring unit 205, a LAN port 206, a service processor 207, and a bus 208, and each of the host bus adapters 202a, 202b, 202c, and 202d monitors its communication port and acquires a frame of the server 100 at  the ingress port ports, as  port monitoring unit 205 monitors the communication ports of the host bus adapters 202a, 202b, 202c, and 202d and detects the occurrence of anomaly and trouble in the communication ports and communication passages connected, as a result the data communicated by the host device 100, received at the fibre channel physical port 212a is not transmitted or restricted and the host device 100 is not allowed to use a storage region which is not allocated or assigned to it)”).
 	Miyauchi also discloses the following features: regarding claim 11, wherein the first and second target devices are storage devices (Fig. 2, illustrates a system configuration of a second embodiment, see teachings in [0050-0051] summarized as “as illustrated in the fig. the system comprising of a plurality of two servers 100 and 100a, one fibre channel switch 200 and two target storage devices 310 and 310a”).
It would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to modify the system of Subbiah et al. by using the features as taught by Miyauchi in order to provide a more effective and efficient system that is capable of obtaining sampled traffic ingresses at the switch port and restricting traffic to target device. The motivation of using these functions is that it is more cost effective and dynamic.
Regarding claim 14:
Subbiah et al. disclose large-scale, fibre channel storage networks with the following features: regarding claim 14, a non-transitory computer-readable medium or media comprising one or more sequences of instructions which, when executed by at least one processor, causes steps to be performed comprising: assigning a first target device and an endpoint device that is coupled to a switch port of a Fibre Channel (FC) switch to one or more zones; in response to the endpoint device logging into the FC switch, obtaining sampled traffic that originates at the endpoint device and ingresses at the switch port; obtaining from the sampled traffic a source identifier associated with the endpoint device and a destination identifier associated with a target device; and using the source identifier and the destination identifier to determine that the sampled traffic comprises a second traffic that is intended for a second target device that has not been assigned to the one or more zones, performing one or more actions to restrict the second traffic (Fig. 2, illustrates an example topology of a Fibre Channel network implementing a virtual FDISC remote login process, under some embodiments, see teachings in [col1 ln 66-67, col 2 ln 1, col 6 ln 1-38, 61-63, col 7 ln 36-43, 58-67. col 8 ln 1-7 & col 9 ln 33-38] summarized as “a non-transitory computer-readable medium or media comprising one or more sequences of instructions which, when executed by at least one processor, causes steps to be performed comprising (i.e. each node in the network(s) comprises a computing device capable of executing software code to perform the processing steps described herein, wherein (fig. 8) shows a system block diagram of a computer system used to execute one or more software components of the present system, and zones can be implemented through either a hard or soft method that combine with two sets of attributes, name and port wherein zoning is the partitioning of an FC fabric into smaller subsets to restrict interference, add security, and to simplify network management, and the soft zoning restricts only the fabric name service, to show only an allowed subset of devices  [col 6 ln 7-12 & col 9 ln 33-38]), assigning a first target device and an endpoint device that is coupled to a switch port of a Fibre Channel (FC) switch to one or more zones (i.e. zones define a membership group of the hosts and targets comprising the nodes in the system, in a network topology 200, Host H1 (endpoint device), connected to switch port of a fiber channel switch FCF1 to zones, wherein the zoning is the partitioning of an FC fabric into smaller subsets to restrict interference, add security, and to simplify network management [col 6 ln 1-14, ln 33-38]), in response to the endpoint device logging into the FC switch, obtaining sampled traffic that originates at the endpoint device and ingresses at the switch port (i.e. a mechanism that allows hosts connected to one FCF switch to login to targets connected to different FCF switches, zoning can be applied to either the switch port a device is connected to, or the WWN on the host being connected (name zoning),  Port-based zoning restricts traffic flow based on the specific switch port to which a device is connected, in response to login of the host H1, host address translation table will be used to translate the address for all subsequent traffic originated at Host H1) and ingresses at the port F1[col1 ln 66-67, col 2 ln 1, col 6 ln 20-32 ]), obtaining from the sampled traffic a source identifier associated with the endpoint device and a destination identifier associated with a target device (i.e. each FCF is assigned a respective domain like domain 11, domain 22, and domain 33 (fig. 3), and after the FIP login process, Host H1 is assigned an allotted fiber channel ID (FCID) and MAC address like FCID: 11-F1-00 and MAC: H1-FCOE-MAC1, a host address translation table is formed that contains a mapping of the host's FCID, FCOE MAC addresses, , when the Host H1 is logged in to FCF1, it extracts the ID of the Host H1 (endpoint device identifier) and the destination address associated with the target devices T1, T2 or T3 [col 6 ln 61-63, col 7 ln 36-43, 58-67 & col 8 ln 1-7]), and using the source identifier and the destination identifier to determine that the sampled traffic comprises a second traffic that is intended for a second target device that has not been assigned to the one or more zones, performing one or more actions to restrict the second traffic (i.e. the FCF1 to which Host H1 is connected, examines the source address (FCID) and the destination address for target device (T1, T2 or T3), and if finds that the traffic is intended for a target device which has not been assigned the zone, the FCF1 restricts traffic flow based on the determination [col 5 ln 61-67 & col 6 ln1-32])”).
 	Subbiah et al. is short of expressly teaching “obtaining sampled traffic that originates at the endpoint device and ingresses at the switch port” and  “determine that the sampled traffic comprises a second traffic that is intended for a second target device that has not been assigned to the one or more zones, performing one or more actions to restrict the second traffic”.
	Miyauchi discloses an information processing apparatus of a storage system with the following features: regarding claim 14, obtaining sampled traffic that originates at the endpoint device and ingresses at the switch port; determine that the sampled traffic comprises a second traffic that is intended for a second target device that has not been assigned to the one or more zones, performing one or more actions to restrict the second traffic (Fig. 5, a block diagram illustrating functions of the server of the second embodiment, see teachings in [0068-0076 & 0079-0081] summarized as “obtaining sampled traffic that originates at the endpoint device and ingresses at the switch port; determine that the sampled traffic comprises a second traffic that is intended for a second target device that has not been assigned to the one or more zones, performing one or more actions to restrict the second traffic (i.e. system comprising of server 100 (host device) coupled to a fibre channel switch 200 coupled to a storage apparatus 300 (target device), server data controller 111 of the server 100 performs transmission and reception of data with the storage apparatus 300 having a storage region allocated to the server 100 by the fibre channel physical port 112 or a virtual port set at the fibre channel physical port 112, wherein a hardware configuration of the fibre channel switch 200 (fig. 4) has a CPU 201, host bus adapters 202a, 202b, 202c, and 202d, a switch card 203, a table storage memory 204, a port monitoring unit 205, a LAN port 206, a service processor 207, and a bus 208, and each of the host bus adapters 202a, 202b, 202c, and 202d monitors its communication port and acquires a frame of the server 100 at  the ingress port ports, as  port monitoring unit 205 monitors the communication ports of the host bus adapters 202a, 202b, 202c, and 202d and detects the occurrence of anomaly and trouble in the communication ports and communication passages connected, as a result the data communicated by the host device 100, received at the fibre channel physical port 212a is not transmitted or restricted and the host device 100 is not allowed to use a storage region which is not allocated or assigned to it)”). 
It would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to modify the system of Subbiah et al. by using the features as taught by Miyauchi in order to provide a more effective and efficient system that is capable of obtaining sampled traffic ingresses at the switch port and restricting traffic to target device. The motivation of using these functions is that it is more cost effective and dynamic.

Claims 3, 13 and 16 is/are rejected under 35 U.S.C. 103 as being unpatentable over Subbiah et al. (US 10,230,688 B1) in view of Miyauchi (US 2013/0212209 A1) as applied to claims 1, 8 and 14 above, and further in view of Dhanadevan et al. (US 2019/0319846 A1).

Subbiah et al. and Miyauchi disclose the claimed limitations as described in paragraph 6 above. Subbiah et al. and Miyauchi do not expressly disclose the following features: regarding claim 3, wherein the step of obtaining the sampled traffic comprises monitoring one or more ports of the endpoint device; regarding claim 13, wherein the step of obtaining the sampled traffic comprises monitoring one or more ports of the endpoint device; regarding claim 16, wherein the step of obtaining the sampled traffic comprises monitoring one or more ports of the endpoint device.
Dhanadevan et al. disclose a method and system for automatically updating of zoning information in a SAN with the following features: regarding claim 3, wherein the step of obtaining the sampled traffic comprises monitoring one or more ports of the endpoint device (Fig. 1, a block diagram of an example computing environment for automatically updating zoning information in a SAN, see teachings in [0012, 0016 & 0027] summarized as “computing environment 100 may include a host device 102, a network switching device (FC switch) 104, and a target device 106 wherein the host device 102 communicatively coupled to target device 106 via the network switching device 104, detection engine 120 may continuously or periodically monitor the port on network switching device 104 where host device 102 had logged in through WWPN-A, detection engine 120 may now actively listen for any new host login at the port”); regarding claim 13, wherein the FC switch monitors one or more ports of the endpoint device to obtain the sampled traffic (Fig. 1, a block diagram of an example computing environment for automatically updating zoning information in a SAN, see teachings in [0012, 0016 & 0027] summarized as “computing environment 100 may include a host device 102, a network switching device (FC switch) 104, and a target device 106 wherein the host device 102 communicatively coupled to target device 106 via the network switching device 104, detection engine 120 may continuously or periodically monitor the port on network switching device 104 where host device 102 had logged in through WWPN-A, detection engine 120 may now actively listen for any new host login at the port”); regarding claim 16, wherein the step of obtaining the sampled traffic comprises monitoring one or more ports of the endpoint device (Fig. 1, a block diagram of an example computing environment for automatically updating zoning information in a SAN, see teachings in [0012, 0016 & 0027] summarized as “computing environment 100 may include a host device 102, a network switching device (FC switch) 104, and a target device 106 wherein the host device 102 communicatively coupled to target device 106 via the network switching device 104, detection engine 120 may continuously or periodically monitor the port on network switching device 104 where host device 102 had logged in through WWPN-A, detection engine 120 may now actively listen for any new host login at the port”).
	It would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to modify the system of Subbiah et al. with Miyauchi by using the features as taught by Dhanadevan et al. in order to provide a more effective and efficient system that is capable of monitoring one or more ports of the endpoint device. The motivation of using these functions is that it is more cost effective and dynamic.

Claims 4, 12 and 17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Subbiah et al. (US 10,230,688 B1) in view of Miyauchi (US 2013/0212209 A1) as applied to claims 1, 8 and 14 above, and further in view of Obulisami et al. (US 2018/0343197 A1).

Subbiah et al. and Miyauchi disclose the claimed limitations as described in paragraph 6 above. Subbiah et al. and Miyauchi do not expressly disclose the following features: regarding claim 4, wherein the one or more actions comprise configuring access control list (ACL) entries such as to deny permission to one or more ports of the endpoint device to access the second target device; regarding claim 12, wherein the processor configures an access control list (ACL) such as to deny permission to one or more ports of the endpoint device to access the second target device; regarding claim 17, wherein the one or more actions comprise configuring access control list (ACL) entries such as to deny permission to one or more ports of the endpoint device to access the second target device.
Obulisami et al. disclose a method and system for providing link level fault tolerance for fibre channel with the following features: regarding claim 4, wherein the one or more actions comprise configuring access control list (ACL) entries such as to deny permission to one or more ports of the endpoint device to access the second target device (Fig. 2, a schematic view illustrating an embodiment of a link aggregation FCoE system, see teachings in [0030-0034] summarized as “FSB device 220 may each be a Fibre Channel switch device that is configured to snoop FIP packets during discovery and login in order to implement dynamic data integrity mechanisms by using Access Control Lists (ACLs) for denying or allowing to ensure that only valid FCoE traffic is allowed through the port of host device; regarding claim 12, wherein the processor configures an access control list (ACL) such as to deny permission to one or more ports of the endpoint device to access the second target device (Fig. 2, a schematic view illustrating an embodiment of a link aggregation FCoE system, see teachings in [0030-0034] summarized as “FSB device 220 may each be a Fibre Channel switch device that is configured to snoop FIP packets during discovery and login in order to implement dynamic data integrity mechanisms by using Access Control Lists (ACLs) for denying or allowing to ensure that only valid FCoE traffic is allowed through the port of host device; regarding claim 17, wherein the one or more actions comprise configuring access control list (ACL) entries such as to deny permission to one or more ports of the endpoint device to access the second target device (Fig. 2, a schematic view illustrating an embodiment of a link aggregation FCoE system, see teachings in [0030-0034] summarized as “FSB device 220 may each be a Fibre Channel switch device that is configured to snoop FIP packets during discovery and login in order to implement dynamic data integrity mechanisms by using Access Control Lists (ACLs) for denying or allowing to ensure that only valid FCoE traffic is allowed through the port of host device.
It would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to modify the system of Subbiah et al. with Miyauchi by using the features as taught by Obulisami et al. in order to provide a more effective and efficient system that is capable of configuring access control list entries such as to deny permission to one or more ports. The motivation of using these functions is that it is more cost effective and dynamic.

Claims 5, 9 and 18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Subbiah et al. (US 10,230,688 B1) in view of Miyauchi (US 2013/0212209 A1) as applied to claims 1, 8 and 14 above, and further in view of Bharadwaj et al. (US 2017/0187627 A1).

Subbiah et al. and Miyauchi disclose the claimed limitations as described in paragraph 6 above. Subbiah et al. and Miyauchi do not expressly disclose the following features: regarding claim 5, wherein the one or more actions comprise shutting down one or more ports of the endpoint device that sent at least some of the second traffic; regarding claim 9, the FC switch instructs a device coupled to the endpoint device to cause the endpoint device to shut down one or more ports of the endpoint device that sent at least some of the second traffic; regarding claim 18, wherein the one or more actions comprise shutting down one or more ports of the endpoint device that sent at least some of the second traffic.
Bharadwaj et al. disclose a method of monitoring a port connected to a server to detect a traffic flow with the following features: regarding claim 5, wherein the one or more actions comprise shutting down one or more ports of the endpoint device that sent at least some of the second traffic (Fig. 1A, a simplified block diagram of an FC network environment in which a technique for mitigating the effects of slow drain or stuck VMs in accordance with embodiments described herein may be implemented, see teachings in [0014 & 0018] summarized as “the network 10 includes an FC switch 12 interconnecting a server 14 to a target 16, which in the illustrated embodiment comprises a SAN device.  A single I/O connection 18 is provided between the FC switch 12 and the server 14, device is then quarantined form the network by configuring port monitor policies with such actions like disabling port of the server (endpoint) 14 to the fibre channel switch 12”); regarding claim 9, the FC switch instructs a device coupled to the endpoint device to cause the endpoint device to shut down one or more ports of the endpoint device that sent at least some of the second traffic (Fig. 1A, a simplified block diagram of an FC network environment in which a technique for mitigating the effects of slow drain or stuck VMs in accordance with embodiments described herein may be implemented, see teachings in [0014 & 0018] summarized as “the network 10 includes an FC switch 12 interconnecting a server 14 to a target 16, which in the illustrated embodiment comprises a SAN device.  A single I/O connection 18 is provided between the FC switch 12 and the server 14, device is then quarantined form the network by configuring port monitor policies with such actions like disabling port of the server (endpoint) 14 to the fibre channel switch 12”); regarding claim 18, wherein the one or more actions comprise shutting down one or more ports of the endpoint device that sent at least some of the second traffic (Fig. 1A, a simplified block diagram of an FC network environment in which a technique for mitigating the effects of slow drain or stuck VMs in accordance with embodiments described herein may be implemented, see teachings in [0014 & 0018] summarized as “the network 10 includes an FC switch 12 interconnecting a server 14 to a target 16, which in the illustrated embodiment comprises a SAN device.  A single I/O connection 18 is provided between the FC switch 12 and the server 14, device is then quarantined form the network by configuring port monitor policies with such actions like disabling port of the server (endpoint) 14 to the fibre channel switch 12”).
It would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to modify the system of Subbiah et al. with Miyauchi by using the features as taught by Bharadwaj et al. in order to provide a more effective and efficient system that is capable of shutting down one or more ports of the endpoint device. The motivation of using these functions is that it is more cost effective and dynamic.
Claims 6-7, 10 and 19-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Subbiah et al. (US 10,230,688 B1) in view of Miyauchi (US 2013/0212209 A1) and Bharadwaj et al. (US 2017/0187627 A1) as applied to claims 1, 8 and 14 above, and further in view of Shanbhag et al. (US 2005/0198523 A1).

Subbiah et al., Miyauchi and Bharadwaj et al. disclose the claimed limitations as described in paragraph 6 above. Miyauchi discloses the following features: regarding claim 7, wherein the condition comprises at least one of a condition associated with the second traffic or a waiting period (Fig. 5, a block diagram illustrating functions of the server of the second embodiment, see teachings in [0068-0076 & 0079-0081] summarized as “port monitoring unit 205 monitors the communication ports of the host bus adapters 202a, 202b, 202c, and 202d and detects the occurrence of anomaly and trouble in the communication ports with the second traffic”); regarding claim 20, wherein the condition comprises at least one of a condition associated with the second traffic or a waiting period (Fig. 5, a block diagram illustrating functions of the server of the second embodiment, see teachings in [0068-0076 & 0079-0081] summarized as “port monitoring unit 205 monitors the communication ports of the host bus adapters 202a, 202b, 202c, and 202d and detects the occurrence of anomaly and trouble in the communication ports with the second traffic”)
Subbiah et al., Miyauchi and Bharadwaj et al. do not expressly disclose the following features: regarding claim 6, further comprising, in response to a condition, reactivating the one or more ports of the endpoint device that sent at least some of the second traffic; regarding claim 19, further comprising, in response to a condition, reactivating the one or more ports of the endpoint device that sent at least some of the second traffic.
Shanbhag et al. disclose an Isolation switch for fibre channel fabrics in storage                         area networks with the following features: regarding claim 6, further comprising, in response to a condition, reactivating the one or more ports of the endpoint device that sent at least some of the second traffic (Fig. 7, depicts a fabric initialization and login procedure according to the present invention, see teachings in [0056-0057] summarized as “if the switches in fabrics A and B 108A and 108B have not completed fabric initialization at this time, the isolation switch blade 100 is connected to them (i.e. not yet obtained their domain IDs), they may disable the port on which they receive the FLOGI.  Once the domain id has been assigned, they may re-enable the port.  As a result, the enterprise fabrics 108 have an opportunity to quiescent before they respond to the isolation switch blade 100 FLOGIs, since the isolation switch blade 100 is attempting to connect as a device and not as a switch”); regarding claim 10, wherein the FC switch, in response to one of a condition associated with the second traffic or a waiting period, causes the one or more ports of the endpoint device that sent at least some of the second traffic to be reactivated (Fig. 7, depicts a fabric initialization and login procedure according to the present invention, see teachings in [0056-0057] summarized as “if the switches in fabrics A and B 108A and 108B have not completed fabric initialization at this time, the isolation switch blade 100 is connected to them (i.e. not yet obtained their domain IDs), they may disable the port on which they receive the FLOGI.  Once the domain id has been assigned, they may re-enable the port.  As a result, the enterprise fabrics 108 have an opportunity to quiescent before they respond to the isolation switch blade 100 FLOGIs, since the isolation switch blade 100 is attempting to connect as a device and not as a switch”); regarding claim 19, further comprising, in response to a condition, reactivating the one or more ports of the endpoint device that sent at least some of the second traffic (Fig. 7, depicts a fabric initialization and login procedure according to the present invention, see teachings in [0056-0057] summarized as “if the switches in fabrics A and B 108A and 108B have not completed fabric initialization at this time, the isolation switch blade 100 is connected to them (i.e. not yet obtained their domain IDs), they may disable the port on which they receive the FLOGI.  Once the domain id has been assigned, they may re-enable the port.  As a result, the enterprise fabrics 108 have an opportunity to quiescent before they respond to the isolation switch blade 100 FLOGIs, since the isolation switch blade 100 is attempting to connect as a device and not as a switch”).
It would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to modify the system of Subbiah et al. with Miyauchi and Bharadwaj et al. by using the features as taught by Shanbhag et al. in order to provide a more effective and efficient system that is capable of shutting down one or more ports of the endpoint device. The motivation of using these functions is that it is more cost effective and dynamic.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SYED M BOKHARI whose telephone number is (571)270-3115. The examiner can normally be reached Monday through Friday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kwang B Yao can be reached on 5712723182. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/SYED M BOKHARI/            Examiner, Art Unit 2473
6/11/2022         
/KWANG B YAO/Supervisory Patent Examiner, Art Unit 2473