Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

DETAILED ACTION
This communication is in response to Application No. 17/035,656 filed on 28 September 2020.  	Claims 1-34 are presented for examination.

Drawings
The drawings are objected to as failing to comply with 37 CFR 1.84(p)(5) because they do not include the following reference sign(s) mentioned in the description: head end 1804 (paragraph 0081), access router 1806 (paragraph 0081), dense wavelength division multiplexing (DWDM) network 1808 (paragraph 0081), primary distribution cabinet 1810 (paragraph 0081), optical line terminal 1812 (paragraph 0081), single fiber coupling 1814 (paragraph 0081), secondary distribution cabinet 1816 (paragraph 0081), 1:64 splitter 1818 (paragraph 0081), single fibers 1820 (paragraph 0081), S-ONU 1822 (paragraph 0081), ports 1999 (paragraph 0082), L3 (layer 3) link aggregation group (LAG) 1997 (paragraph 0082), connection 1995 (paragraph 0082), bi-directional optical subassembly (BOSA) on-board transceiver 1993 (paragraph 0082), (SoC) 1991 (paragraph 0082), RJ45 port 1979 (paragraph 0082), high-speed data gateway 1977 (paragraph 0082), set-top boxes 1975 (paragraph 0082), laptops 1971 (paragraph 0082), televisions 1973 (paragraph 0082), internal integrated voice gateway 1983 (paragraph 0082), RJ11 voice ports 1981 (paragraph 0082), analog telephones 1969 (paragraph 0082), analog telephones 1967 (paragraph 0082), RJ45 port 1989 (paragraph 0082), switch 1987 (paragraph 0082), and analog telephone adapters (ATAs) 1985 (paragraph 0082). 
The drawings are objected to as failing to comply with 37 CFR 1.84(p)(5) because they include the following reference character(s) not mentioned in the description: 804 (FIG. 8), 806 (FIG. 8), 808 (FIG. 8), 810 (FIG. 8), 812 (FIG. 8), 814 (FIG. 8), 816 (FIG. 8), 818 (FIG. 8), 820 (FIG. 8), 822 (FIG. 8), 999 (FIG. 9), 997 (FIG. 9), 995 (FIG. 9), 993 (FIG. 9), 991 (FIG. 9), 979 (FIG. 9), 977 (FIG. 9), 975 (FIG. 9), 971 (FIG. 9), 973 (FIG. 9), 983 (FIG. 9), 981 (FIG. 9), 969 (FIG. 9), 967 (FIG. 9), 989 (FIG. 9), 987 (FIG. 9), and 985 (FIG. 9).  	Corrected drawing sheets in compliance with 37 CFR 1.121(d), or amendment to the specification to add the reference character(s) in the description in compliance with 37 CFR 1.121(b) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance.

Allowable Subject Matter
Claims 5, 6, 19, 20, 25, 26, 28, 33, and 34 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 1-4, 7-24, and 27 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. Independent Claims 1, 21, and 27 recite: 	selecting one or more network tests for a network, wherein the selected one or more network tests simulate an attempt to establish an anomalous network configuration;  	generating a network configuration update based on the selected one or more network tests;  	issuing the network configuration update to a network-based device;  	monitoring a performance of the network for establishment of the anomalous network configuration in response to the network configuration update; and  	revising a configuration of the network based on the monitored performance of the network, to mitigate the establishment of the anomalous network configuration.  	This judicial exception is not integrated into a practical application because the claim does not provide an inventive concept, recites conventional concepts, and the claim as a whole does not amount to significantly more. The claim(s) does/do not include additional elements that are sufficient to amount to significantly more than the judicial exception because the judicial exception is not applied or used in some meaningful way and generally links the use of selecting tests for a network operation environment. For instance, dependent claim 9 states “wherein the one or more tests and corresponding mitigation tasks are managed via a management console by an administrator or other user.” Thus, Examiner argues that selecting tests, generating an update, issuing an update, monitoring network performance, and revising network configurations are primary functions of a network administrator.
Claims 2-4, 7-20, and 22-24 fail to cure the deficiencies of their parent claim(s) and, therefore, inherit the rejections.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 3, 4, 8-11, 14, 15, 17, 21, 23, 24, 27, 29, 31, and 32 are rejected under 35 U.S.C. 103 as being unpatentable over US PGPUB 2018/0248905 A1 to Côté et al (hereafter Cote) and US Patent 11,100,217 B1 to Natanzon et al.
Regarding Claim 1, Cote discloses a method comprising:  	selecting one or more network tests for a network (0032, 0041, and 0069 provides for selecting independent testing datasets for a network), wherein the selected one or more network tests simulate an attempt to establish an anomalous network configuration (0032, 0045, and 0056 provides for wherein the Machine Learning testing 212 receive inputs from simulator 204 in an attempt to determine an anomaly dataset 208 for the network);  	generating a network configuration update based on the selected one or more network tests (0038 and 0144 provides for generating an updated configuration of the network 120 based on the simulated performance monitoring data); and 	issuing the network configuration update to a network-based device (0144 provides for issuing configuration changes of the network device associated with the anomaly). 	Cote doesn’t explicitly disclose monitoring a performance of the network for establishment of the anomalous network configuration in response to the network configuration update; and revising a configuration of the network based on the monitored performance of the network, to mitigate the establishment of the anomalous network configuration. 	Natanzon, in a similar field of endeavor, discloses monitoring a performance of the network for establishment of the anomalous network configuration in response to the network configuration update (FIG. 2 step 204 and col. 9 lines 5-14 provides for performing security threat testing, i.e. monitoring a performance of the network, for potential vulnerabilities); and  	revising a configuration of the network based on the monitored performance of the network (col. 9 lines 15-50 provides for validating/revising the configuration based on the tests), to mitigate the establishment of the anomalous network configuration (Examiner interprets this to be intended use). 	One of ordinary skill in the art before the effectively filed date of the claimed invention would have recognized the ability to utilize the teachings of Natanzon for proactively managing cyber security threats by testing various configuration updates. The configuration update testing of Natanzon, when implemented with the abnormal behavior network of the Cote system, will allow one of ordinary skill in the art to test configurations, in order to validate its impact on the network device. Therefore, the examiner concludes it would have been obvious to one of ordinary skill in the art before the effective filing date of the application to utilize the configuration update testing of Natanzon with the abnormal behavior network of the Cote system the desirable purpose of detecting abnormal behavior in a network.
Regarding Claim 3, the Cote/Natanzon system discloses the method of claim 1, further comprising monitoring a security performance of the network over time (Cote, 0029 provides for security alarms supported by a network element).
Regarding Claim 4, the Cote/Natanzon system discloses the method of claim 3, wherein the revising of the configuration of the network is based on the monitored security performance (Natanzon, Abstract provides for security threats). 	Same motivation as independent claim 1.
Regarding Claim 8, the Cote/Natanzon system discloses the method of claim 1, wherein the network is a deployed network carrying both test and operational network traffic (Cote, FIG. 2 provides for ML testing 212 and Normal dataset 206) and the attempt to establish an anomalous network configuration is simulated to test and improve a security of the network while maintaining normal operation of the network (Natanzon, col. 7, lines 46-56 provides for simulating a test on a second instance with a disaster recovery environment). 	Same motivation as independent claim 1.
Regarding Claim 9, the Cote/Natanzon system discloses the method of claim 1, wherein the one or more tests and corresponding mitigation tasks are managed via a management console by an administrator or other user (Natanzon, col. 9 lines 4-14 provides for requiring direct input or oversight by an administrator of the production environment). 	Same motivation as independent claim 1.
Regarding Claim 10, the Cote/Natanzon system discloses the method of claim 1, wherein a reception by a simulation receiver of certain network traffic associated with one of the tests is indicative of malicious or erroneous network traffic not being properly mitigated by the network (Natanzon, col. 9 lines 4-50 provides for a reception by a virtual machine/simulation receiver of certain network traffic associated with one of the tests is not validated/verifies, i.e. is indicative of malicious or erroneous network traffic not being properly mitigated). 	Same motivation as independent claim 1.
Regarding Claim 11, the Cote/Natanzon system discloses the method of claim 1, wherein the selection of the tests includes specification of variables (Cote, 0051 provides for a type of anomaly for each classifier 218), the variables including one or more of a specific Internet Protocol (IP) address of a router that is a target of an attack, one or more Border Gateway Protocol (BGP) session configuration parameters, an identification of a type of attack that should be rejected (Cote, 0051 provides for a type of anomaly for each classifier 218), an identification of a network route that should be rejected, one or more Internet Protocol (IP) packets on an Internet containing one or more addresses not allocated by an Internet Assigned Numbers Authority or another authorized agency, and one or more reserved Autonomous System Numbers (ASNs).
Regarding Claim 14, the Cote/Natanzon system discloses the method of claim 1, further comprising checking a health of the network to determine if a simulated network attack caused an outage or other type of failure of the network (Natanzon, col. 3 lines 1-10 provides for testing various configuration updates to mitigate potential risks). 	Same motivation as independent claim 1.
Regarding Claim 15, the Cote/Natanzon system discloses the method of claim 1, further comprising analyzing the performance of the network to determine which network configuration updates were detected and mitigated and which network configuration updates were inadvertently accepted (Natanzon, col. 3 lines 1-10 provides for testing various configuration updates to mitigate potential risks). 	Same motivation as independent claim 1.
Regarding Claim 17, the Cote/Natanzon system discloses the method of claim 1, further comprising analyzing a processor utilization, a memory utilization (Cote, 0029 provides for memory usage), or both of a network-based device of the network as an indication of an unsuccessful mitigation of a network attack (Natanzon, col. 9 lines 52-65 provides for unsuccessfully testing for various configuration updates), an erroneous configuration of the network, or both.
Regarding Claim 21, similar rejection where the method of claim 1 teaches the apparatus of claim 21.
Regarding Claim 23, similar rejection where the method of claim 3 teaches the apparatus of claim 23.
Regarding Claim 24, similar rejection where the method of claim 4 teaches the apparatus of claim 24.
Regarding Claim 27, similar rejection where the method of claim 1 teaches the non-transitory computer readable medium of claim 27.
Regarding Claim 29, similar rejection where the method of claim 1 teaches the networked computing system of claim 29.
Regarding Claim 31, similar rejection where the method of claim 3 teaches the networked computing system of claim 31.
Regarding Claim 32, similar rejection where the method of claim 4 teaches the networked computing system of claim 32.

Claims 2, 22, and 30 is rejected under 35 U.S.C. 103 as being unpatentable over the Cote/Natanzon system as applied to claims 1, 21, and 29 above, and further in view of US Patent 10,516,694 B1 to Gupta et al.
Regarding Claim 2, the Cote/Natanzon system discloses the method of claim 1. 	The Cote/Natanzon system doesn’t explicitly disclose wherein the revised configuration mitigates malicious use of protected network addresses. 	Gupta, in a similar field of endeavor, discloses wherein a revised configuration mitigates malicious use of protected network addresses (col. 4 line 63 – col. 5 line 20 and col. 11 lines 33-45 provides for wherein configurations of attack mitigator 118 devices manage traffic destined for a protected network address). 	One of ordinary skill in the art before the effectively filed date of the claimed invention would have recognized the ability to utilize the teachings of Gupta for traffic destined for a protected network address. The protected network address traffic of Gupta, when implemented with the abnormal behavior network of the Cote/Natanzon system, will allow one of ordinary skill in the art to route traffic to attack mitigators, in order to implement hierarchical attack mitigation techniques. Therefore, the examiner concludes it would have been obvious to one of ordinary skill in the art before the effective filing date of the application to utilize the protected network address traffic of Gupta with the abnormal behavior network of the Cote/Natanzon system for the desirable purpose of mitigating network attacks.
Regarding Claim 22, similar rejection where the method of claim 2 teaches the apparatus of claim 22.
Regarding Claim 30, similar rejection where the method of claim 2 teaches the networked computing system of claim 30.

Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over the Cote/Natanzon system as applied to claim 1 above, and further in view of US PGPUB 2018/0046811 A1 to Andriani.
Regarding Claim 7, the Cote/Natanzon system discloses the method of claim 1. 	The Cote/Natanzon system doesn’t explicitly disclose wherein the network configuration update is a Border Gateway Protocol (BGP) advertisement that includes an address from at least one of a private address space, a multicast address space, and an address space unauthorized for routing on the Internet. 	Andriani, in a similar field of endeavor, discloses wherein the network configuration update is a Border Gateway Protocol (BGP) advertisement (0286 provides for BGP updates) that includes an address from at least one of a private address space (0052, 0055, and 0286 provides for traffic from an a private network under control of the organization through unique IP addresses), a multicast address space, and an address space unauthorized for routing on the Internet. 	One of ordinary skill in the art before the effectively filed date of the claimed invention would have recognized the ability to utilize the teachings of Andriani for routing traffic in a private network under control of an organization. The private network of Andriani, when implemented with the abnormal behavior network of the Cote/Natanzon system, will allow one of ordinary skill in the art to re-route traffic using BGP updates, in order to implement perform DDOS testing. Therefore, the examiner concludes it would have been obvious to one of ordinary skill in the art before the effective filing date of the application to utilize the private network of Andriani with the abnormal behavior network of the Cote/Natanzon system for the desirable purpose of testing networks.

Claims 12 and 13 are rejected under 35 U.S.C. 103 as being unpatentable over the Cote/Natanzon system as applied to claim 1 above, and further in view of US PGPUB 2021/0135982 A1 to Chaturmohta et al.
Regarding Claim 12, the Cote/Natanzon system discloses the method of claim 1. 	The Cote/Natanzon system doesn’t explicitly disclose wherein supported attacks include one or more of an excessive ASN pre-pending attack, an excessively long Autonomous System Number (ASN) path attack, a private Autonomous System Number (ASN) advertisement attack, an invalid Autonomous System Number (ASN) advertisement attack, a route hijacking, an autonomous system (AS) path manipulation, a route leak, an advertisement of a prefix with an invalid Route Origin Authorization (ROA), an advertisement of a prefix longer than /24, and an advertisement of a prefix longer than /48. 	Chaturmohta, in a similar field of endeavor, discloses wherein supported attacks include one or more of an excessive ASN pre-pending attack, an excessively long Autonomous System Number (ASN) path attack, a private Autonomous System Number (ASN) advertisement attack, an invalid Autonomous System Number (ASN) advertisement attack, a route hijacking (0119 provides for route hijack analysis), an autonomous system (AS) path manipulation, a route leak, an advertisement of a prefix with an invalid Route Origin Authorization (ROA), an advertisement of a prefix longer than /24, and an advertisement of a prefix longer than /48. 	One of ordinary skill in the art before the effectively filed date of the claimed invention would have recognized the ability to utilize the teachings of Chaturmohta for analyzing a route hijack. The route hijacking analysis of Chaturmohta, when implemented with the abnormal behavior network of the Cote/Natanzon system, will allow one of ordinary skill in the art to redetect hijacked routes, in order to implement perform network testing. Therefore, the examiner concludes it would have been obvious to one of ordinary skill in the art before the effective filing date of the application to utilize the route hijacking analysis of Chaturmohta with the abnormal behavior network of the Cote/Natanzon system for the desirable purpose of approving healthy routes within a network. 
Regarding Claim 13, the Cote/Natanzon system discloses the method of claim 1. 	The Cote/Natanzon system doesn’t explicitly discloses wherein the revision of the configuration of the network is performed in response to an attack receiver receiving network traffic corresponding to a hijacked route. 	Chaturmohta, in a similar field of endeavor, discloses wherein the revision of the configuration of the network is performed in response to an attack receiver receiving network traffic corresponding to a hijacked route (0041). 	Same motivation as claim 12.

Claim 16 are rejected under 35 U.S.C. 103 as being unpatentable over the Cote/Natanzon system as applied to claim 1 above, and further in view of US PGPUB 2017/0034023 A1 to Nickolov et al.
Regarding Claim 16, the Cote/Natanzon system discloses the method of claim 1, further comprising reporting a result of the one or more tests (Cote, 0073-0074 provides for reporting results). 	The Cote/Natanzon system doesn’t explicitly disclose the report including a description of information being advertised, a type of malicious message that the network did not correctly identify and block, and full routing protocol headers associated with at least one test message. 	Nickolov, in a similar field of endeavor, discloses the report including a description of information being advertised (1057 provides for a vulnerability description), a type of malicious message that the network did not correctly identify and block (1057 provides for vulnerabilities), and full routing protocol headers associated with at least one test message (0530-0534 provides for IP addresses, port, and configuration parameters). 	One of ordinary skill in the art before the effectively filed date of the claimed invention would have recognized the ability to utilize the teachings of Nickolov for amending a report to include vulnerability description and configuration parameters. The detailed reporting of Nickolov, when implemented with the abnormal behavior network of the Cote/Natanzon system, will allow one of ordinary skill in the art to include additional information in the reporting, in order to communicate network testing results to a system administrator for performance monitoring. Therefore, the examiner concludes it would have been obvious to one of ordinary skill in the art before the effective filing date of the application to utilize the detailed reporting of Nickolov with the abnormal behavior network of the Cote/Natanzon system for the desirable purpose of reviewing routes within a network.

Claim 18 are rejected under 35 U.S.C. 103 as being unpatentable over the Cote/Natanzon system as applied to claim 1 above, and further in view of US Patent 10,848,423 B1 to Chen et al.
Regarding Claim 18, the Cote/Natanzon system discloses the method of claim 1. 	The Cote/Natanzon system doesn’t explicitly disclose further comprising revising a route filter on a network device to filter a particular malicious advertisement. 	Chen, in a similar field of endeavor, discloses revising a route filter on a network device to filter a particular malicious advertisement (col. 4 lines 1-11 provides for gateway that filters route advertisements). 	One of ordinary skill in the art before the effectively filed date of the claimed invention would have recognized the ability to utilize the teachings of Chen for filtering advertisements within a system. The advertisement filtering of Chen, when implemented with the abnormal behavior network of the Cote/Natanzon system, will allow one of ordinary skill in the art to send advertisements to respective networks, in order to implement network testing based on a prefix list. Therefore, the examiner concludes it would have been obvious to one of ordinary skill in the art before the effective filing date of the application to utilize the advertisement filtering of Chen with the abnormal behavior network of the Cote/Natanzon system for the desirable purpose of optimizing network testing.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
US PGPUB 2022/0019674 A1 to Frey et al discloses improving cybersecurity defensive intelligence.
US PGPUB 2016/0359872 A1 to Yadav et al discloses simulating network traffic based on policy.
US PGPUB 2019/0334807 A1 to Clark et al discloses monitoring configuration updates after enabling them.
USPGPUB 2017/0244745 A1 to Key et al discloses simulating different types of attacks.
US PGPUB 2021/0099476 A1 to Montgomery et al discloses reviewing threat simulation results.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SCHQUITA GOODWIN whose telephone number is (571)272-5477. The examiner can normally be reached M-F 9am - 5pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Tonia Dollinger can be reached on (571) 272-4170. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SCHQUITA D GOODWIN/Examiner, Art Unit 2459