DETAILED ACTION
	This application has been examined. Claims 21-35,37-42 are pending. Claims 1-20,36 are cancelled.
 
Notice of Pre-AIA  or AIA  Status
The present application is being examined under the pre-AIA  first to invent provisions.  
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 2/17/2022 has been entered.
 
Response to Arguments
Applicant's arguments filed 2/17/2022 have been fully considered but they are moot in view of the new grounds for rejection.   

Lappas-Nguyen-Renzi disclosed (re. Claim 21) {v) a third permission authorizing the specified task management software (Renzi-Paragraph 493, based upon the user's approval, a generic controller installer is packaged and deployed to the client system which the user has decided to protect ) to operate on the second computing hardware (Renzi-Paragraph 174, Paragraph 306, Low-level policies are detailed rules for the operation of specific devices or network connections.  ) 

(b) executing the specified network management software on the first
computing hardware ( Lappas-Column 7 Lines 35-40 , front-end manager 110 of some embodiments allows users the ability to specify a desired software configuration (e.g., to specify operating systems, anti-virus protection, anti-spam protection, applications, etc.) to operate in conjunction with the specified hardware configuration , Column 17 Lines 35-40 , a server can have different applications running on it ,Column 37 Lines 55-60, server icon 2725 displays a symbol 2735 that indicates that the web server is operating on a windows operating system) based on the first permission authorizing the specified network
management software to operate on the first computing hardware and the second permission authorizing the specified network management software to collect information from the computing network: (Renzi-Paragraph 295,Policy Implementer includes a number of items that collectively provide the requisite functionality to deliver an implementation of an automated breach detection, data collection, and/or enforcement mechanism required for some sliver of an issue-specific or system-specific policy and provides traceability sufficient to meet appropriate program-level policies)


(c) executing the specified task management software on the second
computing hardware based on the third permission authorizing the specified task management software to operate on the second computing hardware: (Lappas-Column Lines, The load balancer icon is a graphical representation of the load balancer. The status identifier indicates 1810 whether the load balancer is running )

(d) the network management arrangement at least one processor detecting a failure event associated with the specified network management software; (Lappas-Column 37Lines 45-55 , During a hardware node failure, these images are retrieved and reallocated to one or more functional nodes with unused or unallocated resources  )  

(e) the network management arrangement at least one processor determining a failure condition associated with the detected failure event (Lappas-Column 37Lines 45-55 , During a hardware node failure, these images are retrieved and reallocated to one or more functional nodes with unused or unallocated resources  )  and further determining a remediation action for restoring network management arrangement operating functionality; (Lappas- Column 36 Lines 45-65 , providing the reconfiguration functionality,   as illustrated in FIG. 39C, to reassign and physically allocate the web server on the failing node to a different functional node with sufficient resources to service the reassigned and reallocated components. In FIG. 39C, the web server on failing nodes 3910 is reconfigured to be assigned and allocated to the functional node 3920, Column 37 Lines 45-55 , During a hardware node failure, these images are retrieved and reallocated to one or more functional nodes with unused or unallocated resources  )  and

(f) the task management software at least one processor performing the determined at least one remediation mitigation action in response to the determined failure condition to thereby restore the operating functionality of the network management arrangement. (Lappas- Column 36 Lines 45-65 , providing the reconfiguration functionality,   as illustrated in FIG. 39C, to reassign and physically allocate the web server on the failing node to a different functional node with sufficient resources to service the reassigned and reallocated components. In FIG. 39C, the web server on failing nodes 3910 is reconfigured to be assigned and allocated to the functional node 3920, Column 37 Lines 45-55 , During a hardware node failure, these images are retrieved and reallocated to one or more functional nodes with unused or unallocated resources  )  


The Applicant presents the following argument(s) [in italics]:
 	… In Lappas, the RBAC controls what the user can request, not what the back end can do. Accordingly, what the Office Action equates in Lappas to a “trust domain” does not include network management software and does not manage the network.  …
The Examiner respectfully disagrees with the Applicant.
Lappas Column 7 Lines 35-40 disclosed wherein front-end manager 110  allows users the ability to specify a desired software configuration (e.g., to specify operating systems, anti-virus protection, anti-spam protection, applications, etc.) to operate in conjunction with the specified hardware configuration )  
The Applicant Remarks appear to imply wherein the front end and back end are operated separately and independently such that the RBAC implemented by the front end ultimately has no control over what is implemented on the back end.  The Examiner does not agree with the Applicant characterization of the prior art. 
The Lappas deployment manager provision and allocate an array of hardware nodes 140 to multiple users according to the RBAC front-end. Lappas Column 8 Lines 105 disclosed wherein a logical assignment for a user-specified configuration is considering (1) the unallocated resources of the hardware nodes, (2) the behavioral characteristics of the specified configuration, (3) the individual characteristics associated with each user.

The Applicant presents the following argument(s) [in italics]:
 	… the Office Action does not explain how Lappas’ user permissions could be modified to use Renzi’s “policy implementer” as part of the claimed “trust domain.” …It does not answer how Lappas’ user permissions should be modified to use Renzi’s “policy implementer”.     …
The Examiner respectfully disagrees with the Applicant. 
The Examiner notes wherein the Lappas RBAC front-end user permissions may be used as input to the Renzi policy implementer such that the Renzi command and control system would connect the point solution results to appropriate people such as security administrators and/or Chief Security Officers (CSOs). Furthermore the Lappas RBAC front-end user permissions may be used as input to the Renzi policy implementer for managing the installed agents. (Renzi-Figure 2,Paragraph 527)

The Applicant presents the following argument(s) [in italics]:
 	…  Lappas, Nguyen and Renzi cannot be combined in the manner the Examiner alleges to obtain applicant’s claimed subject matter… It is not clear how either Nguyen or Renzi could be used to modify Lappas’ web server platform or why one skilled
in the art would have made any such modification.  …
The Examiner respectfully disagrees with the Applicant. 
The Examiner does not agree that Lappas, Nguyen and Renzi cannot be combined to obtain applicant’s claimed subject matter. The Examiner note that the combination of the elements from the prior art does not cause the individual prior art disclosures and components to be inoperable. 

The Applicant presents the following argument(s) [in italics]:
 	…  The network monitoring mechanisms of Nguyen and Renzi do not seem to be applicable to Lappas’ website hosting services and platform.  …
The Examiner respectfully disagrees with the Applicant. 
The network monitoring mechanisms of Nguyen and Renzi are readily applicable to Lappas’ website hosting services and platform

The Applicant presents the following argument(s) [in italics]:
 	… Lappas, Nguyen and Renzi cannot be combined in the manner the Examiner alleges to address the problem applicant is solving, namely: support[ing] flexible trust configurations so as to allow monitoring and management of a given network by a plurality of entities (e.g. IT departments, ISPs or network support companies) without
permitting all to have full access to the network and related data. …
The Examiner respectfully disagrees with the Applicant. 
 The Lappas deployment manager provisions and allocates an array of hardware nodes 140 to multiple users according to the RBAC front-end. Lappas Column 8 Lines 105 disclosed wherein a logical assignment for a user-specified configuration is considering (1) the unallocated resources of the hardware nodes, (2) the behavioral characteristics of the specified configuration, (3) the individual characteristics associated with each user.
 	  Renzi Paragraph 467-Paragraph 475 disclosed a protection service, and a process of sanctioning of customized protection services and deployment of sanctioned/licensed protection services on devices.

The Applicant presents the following argument(s) [in italics]:
 	…  Lappas’ control mechanism is not a permission… Lappas’ approach will not work on a platform on which the network manager doesn’t control everything.
Lappas also does not include security credentials effective for managing the deployment, only for access to the configuration manager. The configuration is passed from the configuration manager to the backend deployment manager, which has rights on all the hardware. Because Lappas software has rights to execute on all hardware, there is no distributed trust issue…
The Examiner respectfully disagrees with the Applicant. 
The Examiner does not agree with the characterization of the prior art.  Lappas does not allow users/ software  to execute on all hardware.
Lappas Column 2 Lines 50-55,Column 25 Lines 1-25 disclosed wherein the front-end manager requires security credentials effective for managing the deployment, such as username and password wherein there are different users that specify different configurations that utilize different amounts of resources. The front-end logic provides access to the set of controls based on a role associated with the specified username.  

Priority
	 This application claims benefits of priority from Provisional Application 61/104426 filed October 10, 2008. 
	The effective date of the claims described in this application is October 10, 2008.
  
Specification
The specification is objected to as failing to provide proper antecedent basis for the claimed subject matter.  See 37 CFR 1.75(d)(1) and MPEP § 608.01(o).  Correction of the following is required:  
Claims 22 recite limitations regarding wherein ‘ the at least one specification further specifies a further network management software ’.
The claim or claims must conform to the invention as set forth in the remainder of the specification and the terms and phrases used in the claims must find clear support or antecedent basis in the description so that the meaning of the terms in the claims may be ascertainable by reference to the description.




	 Claim Rejections - 35 USC § 103
The following is a quotation of pre-AIA  35 U.S.C. 103(a) which forms the basis for all obviousness rejections set forth in this Office action:
(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the manner in which the invention was made.

Claims 21-22,28-33,35 is/are rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over Lappas (US Patent 8046694) further in view of Nguyen (USPGPUB 2010/0082803) further in view of Renzi (USPGPUB 2007/0180490).
In regard to Claim 21
Lappas disclosed wherein deployment manager 150 automatedly allocates the logical assignment across one or more of the physical hardware nodes 140. The deployment manager 150 acts as a virtualization manager to emulate the single server configuration as if it existed on a single hardware node, even though the deployment manager 150 may physically leverage the resources of multiple nodes to implement the single configuration.
Lappas Column 36 Lines 45-65 disclosed providing the reconfiguration functionality,   as illustrated in FIG. 39C, to reassign and physically allocate the web server on the failing node to a different functional node with sufficient resources to service the reassigned and reallocated components. In FIG. 39C, the web server on failing nodes 3910 is reconfigured to be assigned and allocated to the functional node 3920.
Lappas disclose (re. Claim 21) a method comprising:
(a)    deploying as part of a computing network comprising first and second computing hardware and at least one processor, (Lappas- deployment manager 150 automatedly allocates the logical assignment across one or more of the physical hardware nodes 140 )  a network management arrangement including at the least one processor , a network management software, task management software and at least one specification that defines membership and/or privileges associated with at least one trust domain, (Lappas-Column 6 Lines 40-55, user account with associated server configuration and usage information , Column 10 Lines 60-64,servers organized into several tiers, where each tier represents a layer in a server configuration) comprising plural objects including the  first network management software and the task manager software,  the at least one specification specifying at least:
a first  management software, (Lappas-Column 7 Lines 35-40 , front-end manager 110 of some embodiments allows users the ability to specify a desired software configuration (e.g., to specify operating systems, anti-virus protection, anti-spam protection, applications, etc.) to operate in conjunction with the specified hardware configuration ) that collects operational metrics from the computing network and manages the computer network in response to collected operational metrics, the at least one specification specifying:
 a first permission authorizing a network management software to operate on the first computing hardware (Lappas-Column 10 Lines 20-30, grid of hardware nodes 140 include several distinct physical servers or clusters of servers… a first grouping or cluster of nodes are used to implement the load balancing servers  )    (Lappas-Column 7 Lines 35-40 , front-end manager 110 of some embodiments allows users the ability to specify a desired software configuration (e.g., to specify operating systems, anti-virus protection, anti-spam protection, applications, etc.) to operate in conjunction with the specified hardware configuration )
a task manager software, (Lappas-Column 10 Lines 20-30, a first grouping or cluster of nodes implement the load balancing servers  , Column 10 Lines 60-64,servers organized into several tiers, where each tier represents a layer in a server configuration. In other words, each tier represents a logical application layer (such as a load balancing layer, a web server layer, an application server layer, a database server layer) )  that manages tasks the first network management software performs and
second computing hardware upon which the task manager software is authorized
to operate; (Lappas-Column 10 Lines 20-30, grid of hardware nodes 140 include several distinct physical servers or clusters of servers… a second grouping of cluster of nodes are used to implement other server components (e.g., web servers, database servers)  
(b)    executing the specified first  management software  on the specified first computing hardware; ( Lappas-Column 7 Lines 35-40 , front-end manager 110 of some embodiments allows users the ability to specify a desired software configuration (e.g., to specify operating systems, anti-virus protection, anti-spam protection, applications, etc.) to operate in conjunction with the specified hardware configuration , Column 17 Lines 35-40 , a server can have different applications running on it ,Column 37 Lines 55-60, server icon 2725 displays a symbol 2735 that indicates that the web server is operating on a windows operating system) 
(c)    executing the specified task manager software on the specified second computing hardware;(Lappas-Column Lines, The load balancer icon is a graphical representation of the load balancer. The status identifier indicates 1810 whether the load balancer is running ) 
(d)    detecting a failure event associated with the specified first  management software; (Lappas-Column 36 Lines 30-45, in the event of a node failure, the particular component or functionality provided by the failing node will be lost )
(e)    determining a failure condition associated with the detected failure event; (Lappas-Column 37Lines 45-55 , During a hardware node failure, these images are retrieved and reallocated to one or more functional nodes with unused or unallocated resources  )  and
(f)  (Lappas- Column 36 Lines 45-65 , providing the reconfiguration functionality,   as illustrated in FIG. 39C, to reassign and physically allocate the web server on the failing node to a different functional node with sufficient resources to service the reassigned and reallocated components. In FIG. 39C, the web server on failing nodes 3910 is reconfigured to be assigned and allocated to the functional node 3920, Column 37 Lines 45-55 , During a hardware node failure, these images are retrieved and reallocated to one or more functional nodes with unused or unallocated resources  )  
 	While Lappas substantially disclosed the claimed invention Lappas does not disclose (re. Claim 21 ) specifying a first network management software and executing the specified first network management software.
 	While Lappas  substantially disclosed the claimed invention Lappas  does not disclose (re. Claim 21) a second permission authorizing the specified network management software to collect information from the computing network

While Lappas  substantially disclosed the claimed invention Lappas  does not disclose (re. Claim 21) deploying software that collects operational metrics from the computing network and manages the computer network in response to collected operational metrics.

 	Nguyen Paragraph 38 disclosed flexible compliance system may deploy the lightweight software agent described herein to execute on various computer systems within the organization. In addition, this step may include providing notifications to end users and enforcement systems, forced patching, isolating a system from the network, handling exceptions (e.g., systems that have a legitimate reason for non-compliance), and taking measures to prevent reoccurrences. In block 270, the process repeats in a continues series of reviewing policies and standards, reviewing industry guidelines, updating baseline requirements, re-evaluating the organization's environment, and ensure compliance of computer systems and other resources within the organization.
 	Nguyen Paragraph 25 disclosed wherein health verification component 150 can be part of the agent component 140 or a separate component. The agent deployment component 130 may provide the health verification component 150 with rules from the rule data store 110 that the health verification component 150 is expected to validate against a computer system. The health verification component 150 compares the computer system to each compliance rule to determine whether the computer system satisfies the compliance rule.
 	Nguyen disclosed (re. Claim 21 ) specifying a first network management software and executing the specified first network management software.( Nguyen- Paragraph 25, health verification component 150 can be part of the agent component 140 or a separate component. The agent deployment component 130 may provide the health verification component 150 with rules from the rule data store 110 that the health verification component 150 is expected to validate against a computer system. The health verification component 150 compares the computer system to each compliance rule to determine whether the computer system satisfies the compliance rule ) 

 	Lappas and  Nguyen are analogous art because they both present concepts and practices regarding deployment of specified configurations.  At the time of the claimed invention it would have been obvious to a person of ordinary skill in the networking art to combine Nguyen into Lappas.  The motivation for the said combination would have been to enable quarantining computer systems or perform other remediation steps to correct identified compliance problems and restore the health of computer systems within the organization. (Nguyen-Paragraph 38)
 	While Lappas-Nguyen substantially disclosed the claimed invention Lappas-Nguyen does not disclose (re. Claim 21) a second permission authorizing the first network management software to collect information from the computing network

While Lappas-Nguyen substantially disclosed the claimed invention Lappas-Nguyen does not disclose (re. Claim 21) deploying software that collects operational metrics from the computing network and manages the computer network in response to collected operational metrics.
Renzi Paragraph 295 disclosed wherein Policy Implementer includes a number of items that collectively provide the requisite functionality to deliver an implementation of an automated breach detection, data collection, and/or enforcement mechanism required for some sliver of an issue-specific or system-specific policy and provides traceability sufficient to meet appropriate program-level policies.
Renzi disclosed (re. Claim 21)  a second permission authorizing the first network management software to collect information from the computing network  (Renzi-Paragraph 295,Policy Implementer includes a number of items that collectively provide the requisite functionality to deliver an implementation of an automated breach detection, data collection, and/or enforcement mechanism required for some sliver of an issue-specific or system-specific policy and provides traceability sufficient to meet appropriate program-level policies)

Renzi disclosed (re. Claim 21) deploying software that collects operational metrics from the computing network (Renzi-Paragraph 295,Policy Implementer includes a number of items that collectively provide the requisite functionality to deliver an implementation of an automated breach detection, data collection, and/or enforcement mechanism required for some sliver of an issue-specific or system-specific policy and provides traceability sufficient to meet appropriate program-level policies) 
 and manages the computer network in response to collected operational metrics.(Renzi-Paragraph 695, reactions may trigger rules for deploying new software or updating existing software, new provisioning of the network, alteration or blocking of the network configuration, or a large number of other Defensive Reactions or Enforcement Actions. The workflow associated with the breach's initiation of an Alert or an Action is performed by the Workflow facility utilizing the AutoFunctions function ) 
 	Lappas,Nguyen and Renzi are analogous art because they both present concepts and practices regarding deployment of specified configurations.  At the time of the claimed invention it would have been obvious to a person of ordinary skill in the networking art to combine Renzi into Lappas-Nguyen.  The motivation for the said combination would have been to enable a coalescence facility to reduce the number of rows in the database and results in efficiency during the storing of data during high-speed data collection.(Renzi-Paragraph 699-700)

Lappas-Nguyen-Renzi disclosed (re. Claim 21) {v) a third permission authorizing the specified task management software (Renzi-Paragraph 493, based upon the user's approval, a generic controller installer is packaged and deployed to the client system which the user has decided to protect ) to operate on the second computing hardware (Renzi-Paragraph 174, Paragraph 306, Low-level policies are detailed rules for the operation of specific devices or network connections.  ) 

(b) executing the specified network management software on the first
computing hardware ( Lappas-Column 7 Lines 35-40 , front-end manager 110 of some embodiments allows users the ability to specify a desired software configuration (e.g., to specify operating systems, anti-virus protection, anti-spam protection, applications, etc.) to operate in conjunction with the specified hardware configuration , Column 17 Lines 35-40 , a server can have different applications running on it ,Column 37 Lines 55-60, server icon 2725 displays a symbol 2735 that indicates that the web server is operating on a windows operating system) based on the first permission authorizing the specified network
management software to operate on the first computing hardware and the second permission authorizing the specified network management software to collect information from the computing network: (Renzi-Paragraph 295,Policy Implementer includes a number of items that collectively provide the requisite functionality to deliver an implementation of an automated breach detection, data collection, and/or enforcement mechanism required for some sliver of an issue-specific or system-specific policy and provides traceability sufficient to meet appropriate program-level policies)


(c) executing the specified task management software on the second
computing hardware based on the third permission authorizing the specified task management software to operate on the second computing hardware: (Lappas-Column Lines, The load balancer icon is a graphical representation of the load balancer. The status identifier indicates 1810 whether the load balancer is running )

(d) the network management arrangement at least one processor detecting a failure event associated with the specified network management software; (Lappas-Column 37Lines 45-55 , During a hardware node failure, these images are retrieved and reallocated to one or more functional nodes with unused or unallocated resources  )  

(e) the network management arrangement at least one processor determining a failure condition associated with the detected failure event (Lappas-Column 37Lines 45-55 , During a hardware node failure, these images are retrieved and reallocated to one or more functional nodes with unused or unallocated resources  )  and further determining a remediation action for restoring network management arrangement operating functionality; (Lappas- Column 36 Lines 45-65 , providing the reconfiguration functionality,   as illustrated in FIG. 39C, to reassign and physically allocate the web server on the failing node to a different functional node with sufficient resources to service the reassigned and reallocated components. In FIG. 39C, the web server on failing nodes 3910 is reconfigured to be assigned and allocated to the functional node 3920, Column 37 Lines 45-55 , During a hardware node failure, these images are retrieved and reallocated to one or more functional nodes with unused or unallocated resources  )  and

(f) the task management software at least one processor performing the determined at least one remediation mitigation action in response to the determined failure condition to thereby restore the operating functionality of the network management arrangement. (Lappas- Column 36 Lines 45-65 , providing the reconfiguration functionality,   as illustrated in FIG. 39C, to reassign and physically allocate the web server on the failing node to a different functional node with sufficient resources to service the reassigned and reallocated components. In FIG. 39C, the web server on failing nodes 3910 is reconfigured to be assigned and allocated to the functional node 3920, Column 37 Lines 45-55 , During a hardware node failure, these images are retrieved and reallocated to one or more functional nodes with unused or unallocated resources  )  


In regard to Claim 22
 	Lappas-Nguyen-Renzi disclosed (re. Claim 22) the at least one specification further specifies a second network management software; ( Nguyen- Paragraph 25, health verification component 150 can be part of the agent component 140 or a separate component. The agent deployment component 130 may provide the health verification component 150 with rules from the rule data store 110 that the health verification component 150 is expected to validate against a computer system. The health verification component 150 compares the computer system to each compliance rule to determine whether the computer system satisfies the compliance rule ) and performing the at least one mitigation action includes the specified second network management software performing a network management task previously performed by the first network management software. (Lappas-Column 37 Lines 45-55 , During a hardware node failure, these images are retrieved and reallocated to one or more functional nodes with unused or unallocated resources  )  
In regard to Claim 28
 	Lappas-Nguyen-Renzi disclosed (re. Claim 28) wherein: determining the failure condition includes determining one or more network points of failure. (Nguyen-Paragraph 16, agent described herein running on the computer system may carry out automated remediation steps associated with the violated rule. For example, a rule that checks whether antivirus software is installed may specify automated remediation steps that download and install an antivirus software package used by the organization, Paragraph 25, the compliance rule may specify a registry key value, file version, or other computer system attribute that the health verification component 150 detects to determine if the rule is satisfied)  
In regard to Claim 29
 	Lappas-Nguyen-Renzi disclosed (re. Claim 29) wherein the at least one mitigation action includes the task manager software instantiating one or more additional network management software instances responsive to the determined one or more network points of failure.(Lappas-Column 9 Lines 50-65 , data analyzer directs the scheduler to automatically add a web server to the user configuration to assist in the processing and therefore remedy the failure. Alternatively, if a web server of a particular configuration does not respond to user requests within a specified latency duration, the data analyzer directs the scheduler to automatically add a web server (i.e., a new component)   Column 37 Lines 10-15, when a component of a failing node is reallocated to a functional node, the software components associated with that failing node are similarly reallocated to the functional node) 
In regard to Claim 30
 	Lappas-Nguyen-Renzi disclosed (re. Claim 30) in response to the detected failure event, the task manager software instantiating one or more network collection software instances  (Lappas-Column 37 Lines 10-15, when a component of a failing node is reallocated to a functional node, the software components associated with that failing node are similarly reallocated to the functional node) and configuring the one or more network collection software instances to determine the failure condition comprising one or more network points of failure. (Nguyen-Paragraph 16, agent described herein running on the computer system may carry out automated remediation steps associated with the violated rule. For example, a rule that checks whether antivirus software is installed may specify automated remediation steps that download and install an antivirus software package used by the organization, Paragraph 25, the compliance rule may specify a registry key value, file version, or other computer system attribute that the health verification component 150 detects to determine if the rule is satisfied)  
In regard to Claim 31
 	Lappas-Nguyen-Renzi disclosed (re. Claim 31) wherein determining the failure event comprises determining one or more of: failure of the first network management software; and/or failure of the first and/or second computing hardware; (Lappas-Column 37 Lines 45-55 , During a hardware node failure, these images are retrieved and reallocated to one or more functional nodes with unused or unallocated resources  )  
 and/or the first and/or second computing hardware failing to respond to a ping; and/or a loss of network connectivity with the first network management software; and/or a segmentation of a network or sub-network the first and/or second computing hardware uses to communicate.
In regard to Claim 32
 	Lappas-Nguyen-Renzi disclosed (re. Claim 32) one or more additional computing hardwares operate on the network or sub-network, (Lappas- deployment manager 150 automatedly allocates the logical assignment across one or more of the physical hardware nodes 140 ) and the method further includes determining the segmentation by determining at least one or more of the following: computing hardware operating on the network or sub-network fails to responds to a network query, (Lappas-Column 9 Lines 50-65 ,   if a web server of a particular configuration does not respond to user requests within a specified latency duration, the data analyzer directs the scheduler to automatically add a web server (i.e., a new component)   Column 37 Lines 10-15, when a component of a failing node is reallocated to a functional node, the software components associated with that failing node are similarly reallocated to the functional node) and/or failure of a collection unit group or a collection unit comprising a collection unit group, and/or an absence of a heartbeat signal generated by the first network management software; and/or
a failure event recorded at the first network management software.
In regard to Claim 33
 	Lappas-Nguyen-Renzi disclosed (re. Claim 33) wherein determining the failure condition comprises determining one or more of:a failure of at least one aspect of the first network management software, and/or a failure of at least an aspect of the first computing hardware, (Lappas-Column 37 Lines 45-55 , During a hardware node failure, these images are retrieved and reallocated to one or more functional nodes with unused or unallocated resources  )  and/or a loss of a communication connection with the first network management software.

In regard to Claim 35
 	Lappas-Nguyen-Renzi disclosed (re. Claim 35) wherein: determining the failure condition comprises determining a re-instatement associated with the first network management software, (Lappas- Column 37 Lines 10-15, when a component of a failing node is reallocated to a functional node, the software components associated with that failing node are similarly reallocated to the functional node) and the re-instatement comprises one or more of: correction of a network segmentation; and/or re-instantiation of the first network management software; (Lappas- Column 37 Lines 10-15, when a component of a failing node is reallocated to a functional node, the software components associated with that failing node are similarly reallocated to the functional node) and/or reboot/recovery of the first computing hardware.

Claims 23-24,26-27,37-38,41-42 is/are rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over Lappas (US Patent 8046694) further in view of Nguyen (USPGPUB 2010/0082803) further in view of Renzi (USPGPUB 2007/0180490) further in view of Dorland (USPGPUB 2004/0221026).
In regard to Claim 23
 	Lappas-Nguyen-Renzi disclosed (re. Claim 23) wherein: the specification further specifies a second network management software; and the method further includes performing the at least one mitigation action .(Lappas-Column 37 Lines 45-55 , During a hardware node failure, these images are retrieved and reallocated to one or more functional nodes with unused or unallocated resources  )  
 	The Examiner notes that Lappas disclosed a load balancing layer, a web server layer, an application server layer, a database server layer, which are equivalent to separate individual task managers. However Lappas does not explicitly disclose assigning and re-assigning of tasks.
 	While Lappas-Nguyen substantially disclosed the claimed invention Lappas-Nguyen does not disclose (re. Claim 23)  the task manager software assigning, to the second network management software, at least one network management task previously performed by the first network management software.
   	Dorland Paragraph 47 disclosed wherein subprocess 220 includes transferring information between the first and second portions of the database via the peer-to-peer interface. For example, information can be transferred from the data storage 126 to the data storage 116 via the interfaces 165, 163 over the communication link 156. The information can be transferred to a) respond to a request entered via the GUI 119, b) complete delegation of a task from the e-manager 122 to the e-manager 112.
 	Dorland Paragraph 50 disclosed wherein the second e-manager manages and monitors the set of devices/processes it received from the first e-manager. Later, when the first e-manager comes back on line, it sends an alert message, for example an "IAmLive" message, so the second e-manager. In response, the second e-manager sends current management information to the first e-manager and stops managing the devices/processes, and the first e-manager resumes managing the devices/processes it had earlier handed off to the second e-manager.
 	Dorland disclosed (re. Claim 23)  the task manager software (Dorland-Paragraph 19, Each of the e-managers can collect and process management data relating to the operation and associated tasks for which it is responsible )  assigning, to the second network management software, at least one network management task previously performed by the first network management software. (Dorland- Paragraph 47, information can be transferred from the data storage 126 to the data storage 116 via the interfaces 165, 163 over the communication link 156. The information can be transferred to a) respond to a request entered via the GUI 119, b) complete delegation of a task from the e-manager 122 to the e-manager 112, Dorland-Paragraph 50, the second e-manager manages and monitors the set of devices/processes it received from the first e-manager. Later, when the first e-manager comes back on line, it sends an alert message, for example an "IAmLive" message, so the second e-manager. In response, the second e-manager sends current management information to the first e-manager and stops managing the devices/processes, and the first e-manager resumes managing the devices/processes it had earlier handed off to the second e-manager..)

 	Lappas, Nguyen and  Dorland are analogous art because they both present concepts and practices regarding deployment of specified configurations.  At the time of the claimed invention it would have been obvious to a person of ordinary skill in the networking art to combine Dorland into Lappas-Nguyen.  The motivation for the said combination would have been to enable scalability of end-to-end management by collecting management data through different surrogate e-managers.(Dorland-Paragraph 27)

In regard to Claim 24
 	Lappas-Nguyen-Renzi disclosed (re. Claim 24) wherein:the first network management software comprises first data management software; (Nguyen-Paragraph 16, agent described herein running on the computer system may carry out automated remediation steps associated with the violated rule. For example, a rule that checks whether antivirus software is installed may specify automated remediation steps that download and install an antivirus software package used by the organization, Paragraph 25, the compliance rule may specify a registry key value, file version, or other computer system attribute that the health verification component 150 detects to determine if the rule is satisfied )  the second network management software comprises second data management software; the method further includes performing the at least one mitigation action in response to determining a failure condition of the first data management software and/or hardware the first data management software is authorized to run on; (Lappas- Column 37 Lines 10-20  ,  when a component of a failing node is reallocated to a functional node, the software components associated with that failing node are similarly reallocated to the functional node ,  Column 40 Lines 10-25  ,  data transfer based plans 4130 specify resource allotment plans based on a second resource (e.g., data transfer).    )  
 	While Lappas-Nguyen substantially disclosed the claimed invention Lappas-Nguyen does not disclose (re. Claim 24) wherein   performing the at least one mitigation action includes at least one of:
(a)    configuring network collection software to cache collected data, and/or
(b)    configuring network collection software to transfer cached data to the second data management software,    and/or
(c)    configuring network collection software to route collected data to the second data management software, and/or
(d)    network collection software attempting to contact the second data management software.
 	Dorland Paragraph 47 disclosed wherein subprocess 220 includes transferring information between the first and second portions of the database via the peer-to-peer interface. For example, information can be transferred from the data storage 126 to the data storage 116 via the interfaces 165, 163 over the communication link 156. The information can be transferred to a) respond to a request entered via the GUI 119, b) complete delegation of a task from the e-manager 122 to the e-manager 112.
 	Dorland disclosed (re. Claim 24) wherein   performing the at least one mitigation action includes at least one of:
(a)    configuring network collection software to cache collected data, and/or
(b)    configuring network collection software to transfer cached data to the second data management software,    and/or
(c)    configuring network collection software to route collected data to the second data management software, (Dorland Paragraph 47 , transferring information between the first and second portions of the database via the peer-to-peer interface. For example, information can be transferred from the data storage 126 to the data storage 116 via the interfaces 165, 163 over the communication link 156 )   and/or
(d)    network collection software attempting to contact the second data management software.

 	Lappas, Nguyen and  Dorland are analogous art because they both present concepts and practices regarding deployment of specified configurations.  At the time of the claimed invention it would have been obvious to a person of ordinary skill in the networking art to combine Dorland into Lappas-Nguyen.  The motivation for the said combination would have been to enable scalability of end-to-end management by collecting management data through different surrogate e-managers.(Dorland-Paragraph 27)

In regard to Claim 26
 	While Lappas-Nguyen substantially disclosed the claimed invention Lappas-Nguyen does not disclose (re. Claim 26) specifying alternate data management destinations within the at least one specification using a data routing specification template.	
 	 Dorland disclosed (re. Claim 26) specifying alternate data management destinations within the at least one specification using a data routing specification template.(Dorland-Paragraph 33, identifying neighbors of the e-manager, and information identifying one or more "redundant" e-managers, or in other words one or more other e-managers that can assume the e-manager's responsibilities and functions in case of failover ) 
 	Lappas, Nguyen and  Dorland are analogous art because they both present concepts and practices regarding deployment of specified configurations.  At the time of the claimed invention it would have been obvious to a person of ordinary skill in the networking art to combine Dorland into Lappas-Nguyen.  The motivation for the said combination would have been to enable scalability of end-to-end management by collecting management data through different surrogate e-managers.(Dorland-Paragraph 27)
In regard to Claim 27
 	Lappas-Nguyen-Dorland disclosed (re. Claim 27) performing the at least one mitigation action includes the task manager software commanding the first network management software to delay and/or stop one or more assigned network management tasks.(Dorland-Paragraph 50, The second e-manager confirms that it has received the management information from the first e-manager, the first e-manager shuts down, the second e-manager assumes the management responsibilities of the first e-manager and informs the e-integration manager, which updates its status for the second e-manager. ) 
 	The motivation to combine Dorland into Lappas-Nguyen as stated in Claim 23,24 applies to Claim 27.
 

In regard to Claim 37
 	Lappas-Nguyen-Dorland disclosed (re. Claim 37) wherein reassigning includes load balancing between the first and second network collection softwares.(Lappas- Column 10 Lines 15-25, implement the load balancing servers of a configuration ) 
In regard to Claim 38
 	Lappas-Nguyen-Dorland disclosed (re. Claim 38) the load balancing (Lappas- Column 10 Lines 15-25, implement the load balancing servers of a configuration) partially reassigning at least one of the tasks. (Dorland- Paragraph 47, information can be transferred from the data storage 126 to the data storage 116 via the interfaces 165, 163 over the communication link 156. The information can be transferred to a) respond to a request entered via the GUI 119, b) complete delegation of a task from the e-manager 122 to the e-manager 112., Dorland Paragraph 50 , the second e-manager manages and monitors the set of devices/processes it received from the first e-manager. Later, when the first e-manager comes back on line, it sends an alert message, for example an "IAmLive" message, so the second e-manager. In response, the second e-manager sends current management information to the first e-manager and stops managing the devices/processes, and the first e-manager resumes managing the devices/processes it had earlier handed off to the second e-manager.)
In regard to Claim 41
 	Lappas-Nguyen-Dorland disclosed (re. Claim 41) determining a re-instatement associated with the first network management software; (Dorland-Paragraph 50, the second e-manager manages and monitors the set of devices/processes it received from the first e-manager. Later, when the first e-manager comes back on line, it sends an alert message, for example an "IAmLive" message, so the second e-manager. In response, the second e-manager sends current management information to the first e-manager and stops managing the devices/processes, and the first e-manager resumes managing the devices/processes it had earlier handed off to the second e-manager. ) and in response to the determined re-instatement, performing one or more of the following: pushing cached data from the first network management software to a second network management software, and/or deleting duplicated data, and/or
configuring a second network management software to route collected data to the first network management software, (Dorland-Paragraph 50, the second e-manager manages and monitors the set of devices/processes it received from the first e-manager. Later, when the first e-manager comes back on line, it sends an alert message, for example an "IAmLive" message, so the second e-manager. In response, the second e-manager sends current management information to the first e-manager and stops managing the devices/processes, and the first e-manager resumes managing the devices/processes it had earlier handed off to the second e-manager. ) and/or de-instantiating, by the task manager software, at least one additional instance of network collection software and regaining, by the first network management software, performance of at least one task previously performed by the at least one additional instance of the network collection software.
 In regard to Claim 42
 	Lappas-Nguyen-Renzi disclosed (re. Claim 42) a trust domain (Lappas-Column 6 Lines 40-55, user account with associated server configuration and usage information , Column 10 Lines 60-64,servers organized into several tiers, where each tier represents a layer in a server configuration) comprising a collection of cooperative network configuration network collector instances deployed across at least one network, comprising:
 	a first network collector instance disposed on a first network segment; (Nguyen-Paragraph 5, a deployable meta-agent and automated remediation of computer system compliance failures based on configurable compliance rules )  a second network collector instance disposed on a second network segment;
 	 the first and second network collector instances each comprising: network collection software,(Nguyen-Paragraph 38, flexible compliance system may deploy the lightweight software agent ) 
 	at least one hardware computing component upon which the network collection software is authorized to execute, (Lappas- deployment manager 150 automatedly allocates the logical assignment across one or more of the physical hardware nodes 140 )  and
 	at least one network collection specification which specifies information the executing network collection software is authorized to collect from the network; (Nguyen-Paragraph 16, agent described herein running on the computer system may carry out automated remediation steps associated with the violated rule. For example, a rule that checks whether antivirus software is installed may specify automated remediation steps that download and install an antivirus software package used by the organization, Paragraph 25, the compliance rule may specify a registry key value, file version, or other computer system attribute that the health verification component 150 detects to determine if the rule is satisfied )  
 	said first and second network collector instances operating together as a distributed network collector. (Nguyen-Paragraph 38, flexible compliance system may deploy the lightweight software agent )

 	 While Lappas-Nguyen substantially disclosed the claimed invention Lappas-Nguyen does not disclose (re. Claim 42) a task manager instance connected to the network and in communication with the first and second network collector instances, the task manager instance reassigning to the second network collector instance at least one task previously performed by the first network collector instance when the first network collector instance fails.
 	Dorland disclosed (re. Claim 42) a task manager instance (Dorland-Paragraph 19, Each of the e-managers can collect and process management data relating to the operation and associated tasks for which it is responsible )  connected to the network and in communication with the first and second network collector instances, the task manager instance reassigning to the second network collector instance at least one task previously performed by the first network collector instance when the first network collector instance fails. (Dorland- Paragraph 47, information can be transferred from the data storage 126 to the data storage 116 via the interfaces 165, 163 over the communication link 156. The information can be transferred to a) respond to a request entered via the GUI 119, b) complete delegation of a task from the e-manager 122 to the e-manager 112.)
 	Lappas, Nguyen and  Dorland are analogous art because they both present concepts and practices regarding deployment of specified configurations.  At the time of the claimed invention it would have been obvious to a person of ordinary skill in the networking art to combine Dorland into Lappas-Nguyen.  The motivation for the said combination would have been to enable scalability of end-to-end management by collecting management data through different surrogate e-managers.(Dorland-Paragraph 27)
 	The motivation to combine Dorland into Lappas-Nguyen as stated in Claim 23,24 applies to Claim 42.

Claims 25 is/are rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over Lappas (US Patent 8046694) further in view of Nguyen (USPGPUB 2010/0082803) further in view of Renzi (USPGPUB 2007/0180490) further in view of Dorland (USPGPUB 2004/0221026) further in view of Lear (US Patent 8260736).
In regard to Claim 25
 	Lappas-Nguyen-Renzi-Dorland substantially disclosed the claimed invention as shown in the rejection for Claim 23 and 24. 	
 	Lappas-Nguyen-Renzi-Dorland disclosed (re. Claim 25)  routing collected network data to the second data management software.  (Dorland-Paragraph 47 , transferring information between the first and second portions of the database via the peer-to-peer interface. For example, information can be transferred from the data storage 126 to the data storage 116 via the interfaces 165, 163 over the communication link 156 )   
  	Lear Figure 10H, Column 38 Lines 5-25 disclosed assessing received sensor and alarm values against predefined sensor and alarm values, then corrective actions are calculated 2722 which includes tasks to eliminate or mitigate the hazardous condition. Corrective action tasks are submitted 2726 and processed by task manager 131 for deconfliction 2000 and monitored 3200 by stability manager 135 for effectiveness in similar manner to that described above in relation to other IDSS processes. Tasks submitted 2726 may include tasks within an effectiveness window (e.g., range) and a method of execution that is based upon the states and modes of the stability and load manager IDSS 135, e.g., tasks selected and prioritized based upon actual conditions. 
 	Lear disclosed (re. Claim 25) temporarily increasing priority.  (Lear-Figure 10H, Column 38 Lines 5-25, assessing received sensor and alarm values against predefined sensor and alarm values, then corrective actions are calculated 2722 which includes tasks to eliminate or mitigate the hazardous condition. Corrective action tasks are submitted 2726 and processed by task manager 131 for deconfliction 2000 and monitored 3200 by stability manager 135 for effectiveness in similar manner to that described above in relation to other IDSS processes. Tasks submitted 2726 may include tasks within an effectiveness window (e.g., range) and a method of execution that is based upon the states and modes of the stability and load manager IDSS 135, e.g., tasks selected and prioritized based upon actual conditions ) 
 	Lappas, Nguyen and Lear are analogous art because they both present concepts and practices regarding deployment of specified configurations.  At the time of the claimed invention it would have been obvious to a person of ordinary skill in the networking art to combine Lear into Lappas-Nguyen.  The motivation for the said combination would have been to enable a Task Manager 131 which analyzes proposed task priority, impact, availability and compliance with established procedures and/or doctrine. Using these criteria, tasks are de-conflicted (e.g., conflicts between different tasks are resolved and/or tasks are reconciled, and/or conflicts between tasks and doctrine and/or established procedures/limits are resolved and/or reconciled), prioritized, and distributed to the appropriate lower tier Equipment Controller 140-145.(Lear-Column 5 Lines 55-65)

Claims 34 is/are rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over Lappas (US Patent 8046694) further in view of Nguyen (USPGPUB 2010/0082803) further in view of Renzi (USPGPUB 2007/0180490) further in view of Bornhoevd (US Patent 8131838).

In regard to Claim 34
 	Lappas-Nguyen-Renzi-Dorland substantially disclosed the claimed invention as shown in the rejection for Claim 23 and 24.
 	While Lappas-Nguyen substantially disclosed the claimed invention Lappas-Nguyen does not disclose (re. Claim 34) wherein determining the failure condition comprises the first network management software determining a loss of functionality of a network segmentation break point.
  	Bornhoevd Column 24 Lines 5-15 disclosed wherein the core monitor service 148 also includes a ping requestor 808, which is configured to be used by the global monitor service 132a and/or the local monitor service 132b, or any monitor service that stores monitor data in some type of monitor data storage/memory (e.g., the system landscape database 806). The ping requestor 808 may thus be configured to ping devices in the system landscape, thereby to assist in keeping system landscape data of child systems up-to-date, and to detect disconnected devices (and mark the data as `in doubt`).
 	Bornhoevd disclosed (re. Claim 34) wherein determining the failure condition comprises the first network management software determining a loss of functionality of a network segmentation break point.   (Bornhoevd-Figure 5, Figure 8,Column 24 Lines 55-65 , core monitor service 148 also includes a heartbeat transmitter 810, which may be implemented as a service configured to send a heartbeat message to a parent monitor service, so as to indicate that the device (on which the core monitor service 148 is deployed) is still running, Column 25 Lines 30-35, even if the communication channels are unreliable, and heartbeat messages are lost   )  
 	Lappas, Nguyen and  Bornhoevd are analogous art because they both present concepts and practices regarding deployment of specified configurations.  At the time of the claimed invention it would have been obvious to a person of ordinary skill in the networking art to combine Bornhoevd into Lappas-Nguyen.  The motivation for the said combination would have been to enable receiving monitor data in the heartbeat messages so that relatively-higher tier monitor services may avoid performing at least some polling of lower -tier services, since the upper -tier services may already have the desired monitor data.(Bornhoevd-Column 25 Lines 20-35 ) 

Claims 39-40 is/are rejected under pre-AIA  35 U.S.C. 103(a) as being   unpatentable over Lappas (US Patent 8046694) further in view of Nguyen (USPGPUB 2010/0082803) further in view of Renzi (USPGPUB 2007/0180490) further in view of Dorland (USPGPUB 2004/0221026) further in view of  Vicente (USPGPUB 2009/0089410).
In regard to Claim 39
 	 Lappas-Nguyen-Renzi-Dorland substantially disclosed the claimed invention as shown in the rejection for Claim 23 and 24.
 	While Lappas-Nguyen-Dorland substantially disclosed the claimed invention Lappas-Nguyen-Dorland does not disclose (re. Claim 39) performing the reassigning upon a reliability score associated with the first network management software reaching a threshold value.
 	Vicente Paragraph 6 disclosed identifying criteria that define the stability, performance efficiency, robustness, and other operational metrics of system. Operational properties of the system may be collected and analyzed so a designer or administrator can reorganize the system for optimal performance and efficiency.
 	Vicente disclosed (re. Claim 39) performing the reassigning (Vicente- Paragraph 6, reorganize the system for optimal performance and efficiency )  upon a reliability score associated with the first network management software reaching a threshold value.(Vicente-Paragraph 36, nodes at the core of the network must exhibit high availability (e.g., five nines), demonstrate high reachability capability and extremely low latency. Thus, it is expected that i.) reachability state, ii.) stability state, and iii.) performance state will be the quantitative ordering basis for determining operational rank and superiority , Paragraph 77, use a combined metric to characterize the degree of service dependability)  
 	Lappas, Nguyen and Vicente are analogous art because they both present concepts and practices regarding deployment of specified configurations.  At the time of the claimed invention it would have been obvious to a person of ordinary skill in the networking art to combine Vicente into Lappas-Nguyen.  The motivation for the said combination would have been to enable  identifying criteria that define the stability, performance efficiency, robustness, and other operational metrics of system so a designer or administrator can reorganize the system for optimal performance and efficiency.(Vicente-Paragraph 6)

In regard to Claim 40
 	Lappas-Nguyen-Dorland-Vicente disclosed (re. Claim 40) wherein the reliability score is based on one or more of the following: length of time since a last event that caused a collection unit’s tasks to be failed over, (Vicente-Paragraph 36, nodes at the core of the network must exhibit high availability (e.g., five nines), demonstrate high reachability capability and extremely low latency. Thus, it is expected that i.) reachability state, ii.) stability state, and iii.) performance state will be the quantitative ordering basis for determining operational rank and superiority )   and/or number of failover events within a specified period of time, (Vicente-Paragraph 86, entropy is the desired measure of stability with respect to node m, in terms of the absolute relative dependability during the period of stability state evaluation )  and/or length of time that a collection unit has remained in contact with other collection unit group members during a specified time period. 



Conclusion

Examiner’s Note: In the case of amending the claimed invention, Applicant is respectfully requested to indicate the portion(s) of the specification which dictate(s) the structure relied on for proper interpretation and also to verify and ascertain the metes and bounds of the claimed invention.
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Please refer to the enclosed PTO-892 form.
 
 
 Any inquiry concerning this communication or earlier communications from the examiner should be directed to GREG C BENGZON whose telephone number is (571)272-3944.  The examiner can normally be reached on Monday - Friday 8 AM - 4:30 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, John Follansbee can be reached on (571) 272-3964.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


	/GREG C BENGZON/           Primary Examiner, Art Unit 2444