DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 05/05/2022 has been entered.
 
EXAMINER'S AMENDMENT

An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.

Authorization for this examiner’s amendment was given in an interview with “Eric Moore” on 06/13/2022.
The application has been amended as follows: 
1.	(Currently Amended) A method of compliance management, comprising:
	determining, by a compliance component in a network, a proposed configuration change for the network, wherein the network comprises a plurality of computing components;
	prior to modifying the network based on the proposed configuration change:
	receiving, by the compliance component, data indicating a current security posture of the network, wherein the current security posture relates to compliance of the plurality of computing components in the network with applicable security requirements; 
	generating, by the compliance component, a data interchange format object representative of the data indicating the current security posture of the network;
	determining, by the compliance component, based on the data interchange format object, that the proposed configuration change results in an overall network configuration that does not comply with one or more of the applicable security requirements; 
	determining, by the compliance component, a recommendation with respect to the proposed configuration change;
	generating, by the compliance component, a notification relating to the determining that the proposed configuration change results in the overall network configuration that does not comply with the one or more of the applicable security requirements, wherein the recommendation is included in the notification; and
	receiving, by the compliance component, a decision indicating whether to proceed with the proposed configuration change in response to the notification; and
	performing, by the compliance component, an action based on the decision.

2.	(Canceled)

3.	(Canceled) 

4. 	(Currently Amended) The method of claim [[3]]1, wherein the recommendation is determined using machine learning techniques based on historical decisions with respect to historical configuration changes.

5.	(Previously Presented) The method of claim 1, wherein the proposed configuration change is determined based on or more of:
	an alert; or
	a guest introspection operation.

6. 	(Previously Presented) The method of claim 1, wherein determining, based on the data interchange format object, that the proposed configuration change results in the overall network configuration that does not comply with the one or more of the applicable security requirements comprises analyzing an architectural impact of the proposed configuration change on an existing configuration of the network.

7.	(Previously Presented) The method of claim 1, wherein performing the action based on the decision comprises one or more of:
	recording the decision with associated data;
	allowing the proposed configuration change;
	blocking the proposed configuration change; or
	making one or more additional configuration changes.

8.	(Currently Amended) A non-transitory computer-readable medium comprising instructions that, when executed by one or more processors of a computing system, cause the computing system to perform a method of compliance management, the method comprising:
	determining, by a compliance component in a network, a proposed configuration change for the network, wherein the network comprises a plurality of computing components;
	prior to modifying the network based on the proposed configuration change:
	receiving, by the compliance component, data indicating a current security posture of the network, wherein the current security posture relates to compliance of the plurality of computing components in the network with applicable security requirements; 
	generating, by the compliance component, a data interchange format object representative of the data indicating the current security posture of the network;
	determining, by the compliance component, based on the data interchange format object, that the proposed configuration change results in an overall network configuration that does not comply with one or more of the applicable security requirements; 
	determining, by the compliance component, a recommendation with respect to the proposed configuration change;
	generating, by the compliance component, a notification relating to the determining that the proposed configuration change results in the overall network configuration that does not comply with the one or more of the applicable security requirements, wherein the recommendation is included in the notification; and
	receiving, by the compliance component, a decision indicating whether to proceed with the proposed configuration change in response to the notification; and
	performing, by the compliance component, an action based on the decision.

9.	(Canceled)

10.	(Canceled)

11. 	(Currently Amended) The non-transitory computer-readable medium of claim [[10]]8, wherein the recommendation is determined using machine learning techniques based on historical decisions with respect to historical configuration changes.

12.	(Previously Presented) The non-transitory computer-readable medium of claim 8, wherein the proposed configuration change is determined based on or more of:
	an alert; or
	a guest introspection operation.

13. 	(Previously Presented) The non-transitory computer-readable medium of claim 8, wherein determining, based on the data interchange format object, that the proposed configuration change results in the overall network configuration that does not comply with the one or more of the applicable security requirements comprises analyzing an architectural impact of the proposed configuration change on an existing configuration of the network.

14.	(Previously Presented) The non-transitory computer-readable medium of claim 8, wherein performing the action based on the decision comprises one or more of:
	recording the decision with associated data;
	allowing the proposed configuration change;
	blocking the proposed configuration change; or
	making one or more additional configuration changes.

15.	(Currently Amended) A system comprising one or more processors and a memory comprising instructions that, when executed by the one or more processors, cause the system to perform a method of compliance management, the method comprising:
	determining, by a compliance component in a network, a proposed configuration change for the network, wherein the network comprises a plurality of computing components;
	prior to modifying the network based on the proposed configuration change:
	receiving, by the compliance component, data indicating a current security posture of the network, wherein the current security posture relates to compliance of the plurality of computing components in the network with applicable security requirements; 
	generating, by the compliance component, a data interchange format object representative of the data indicating the current security posture of the network;
	determining, by the compliance component, based on the data interchange format object, that the proposed configuration change results in an overall network configuration that does not comply with one or more of the applicable security requirements; 
	determining, by the compliance component, a recommendation with respect to the proposed configuration change;
	generating, by the compliance component, a notification relating to the determining that the proposed configuration change results in the overall network configuration that does not comply with the one or more of the applicable security requirements, wherein the recommendation is included in the notification; and
	receiving, by the compliance component, a decision indicating whether to proceed with the proposed configuration change in response to the notification; and
	performing, by the compliance component, an action based on the decision.

16.	(Canceled)

17.	(Canceled)

18. 	(Currently Amended) The system of claim [[17]]15, wherein the recommendation is determined using machine learning techniques based on historical decisions with respect to historical configuration changes.

19.	(Previously Presented) The system of claim 15, wherein the proposed configuration change is determined based on or more of:
	an alert; or
	a guest introspection operation.

20. 	(Previously Presented) The system of claim 15, wherein determining, based on the data interchange format object, that the proposed configuration change results in the overall network configuration that does not comply with the one or more of the applicable security requirements comprises analyzing an architectural impact of the proposed configuration change on an existing configuration of the network.

Allowable Subject Matter
Claims 1, 4-8, 11-15 and 18-20 are allowed over cited references.

Reasons for Allowance
The following is an examiner’s statement of reasons for allowance:
This communication warrants no examiner’s reason for allowance, as applicant’s reply makes evident the reason for allowance, satisfying the record as whole as required by rule 37 CFR 1.104 (e). In this case, the substance of applicant’s remarks in the Amendment filed on 05/05/2022 with respect to the amended claim limitations along with the interview held on 6/13/2022 point out the reason claims are patentable over the prior art of record. Thus, the reason for allowance is in all probability evident from the record and no statement for examiner’s reason for allowance is necessary (see MPEP 13202.14).
	
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
	Ganesh et al. (US 20170331669 A1) is one of the most pertinent art in the field of invention and discloses, virtualizing a network management protocol (NMP). A network element offloads processes for communicating in the NMP to a virtualization engine (e.g., a backend virtualization proxy for the network element). The network element transmits a message containing a NMP request to the virtualization engine using service function chaining (SFC) by inserting service plane protocol data (e.g., a network service header (NSH)) into the message (e.g., an impregnated request). The virtualization engine expropriates, from the network element, processes for communicating in the NMP and can, thereby, reduce the computational resources used by the network element for communicating in the NMP. The virtualization engine generates a NMP response to the NMP request. The virtualization engine transmits a different message containing the NMP response to the network element using SFC by inserting service plane protocol data into the message (e.g., an impregnated response).
	Shahbazi et al. US 20060224742 A1 is yet another one of the most pertinent art in the field of invention and discloses, security systems and methods for mobile network-based data environments. The present invention provides an integration of security, mobile computing, wireless and IT infrastructure management technology, to create a new level of automation and enforcement to enable the transparent application of mobile security across an enterprise, while embracing end user "transparency" and "ease of use" and empowering IT administration.
	
Any inquiry concerning this communication or earlier communications from the examiner should be directed to TAUQIR HUSSAIN whose telephone number is (571)270-1247.  The examiner can normally be reached on M-F 7:00 - 8:00 with IFP.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Brian J Gillis can be reached on 571 272-7952.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/Tauqir Hussain/Primary Examiner, Art Unit 2446