Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 1, 6, 7, 8, 9, 10, 11 and 12 is/are rejected under 35 U.S. C. 102(a)(2) as being unpatentable over HAMANO (JP 2004248185 A).
Regarding Claim 1: 
HAMANO discloses: 
	A network management device for managing a network including a plurality of edge routers and a plurality of intermediate routers connected between the plurality of edge routers, the network management device comprising: a memory; and a processor coupled to the memory and configured to: calculate respective communication routes of traffic to be forwarded from each of the plurality of edge routers to an attack target device that receives an attack from an outside of the network, set a communication route of traffic to a second router such that the communication routes merge at a first router, and instruct the first router to suppress forwarding of traffic of the attack (¶22: “The communication device 1 detects a suspected DDoS attack packet addressed to the DDoS attack protection target server 201 by monitoring a communication packet flowing between the edge router 101 and the server accommodation IP network N1, and transmits the communication packet addressed to the DDoS attack protection target server 201. A routing setting change instruction packet (from the first router) for routing to the communication device 2 (second router) is transferred to the edge routers 102, 103, and 104, and the edge routers 102, 103, and 104 transfer a communication packet to the DDoS attack protection target server 201 to the communication device 2. Change the routing settings to route to. As a result, all communication packets addressed to the DDoS attack defense target server 201 from the DDoS attack terminals 202 and 203 and the legitimate service using terminal 204 are collected in the communication device 2”), wherein, the processor selects the first router and the second router so as to satisfy a condition regarding a load of forward processing of traffic in the network and not to allow the traffic to loop from among the plurality of edge routers and the plurality of intermediate routers on the basis of a connection relationship between the plurality of edge routers and the plurality of intermediate routers (¶20: In accordance with the received routing setting change instruction, the edge routers 102, 103, and 104 change the routing setting so that a communication packet that matches the traffic profile of the suspected DDoS attack packet is not routed to the communication device 2 (intermediate router)).

Regarding Claim 6: 
	The network management device according to claim 1, wherein the condition is that the first router is one of the plurality of edge routers (¶22: “The communication device 1 (first router) detects a suspected DDoS attack packet addressed to the DDoS attack protection target server 201 by monitoring a communication packet flowing between the edge router 101 and the server accommodation IP network N1, and transmits the communication packet addressed to the DDoS attack protection target server 201. A routing setting change instruction packet for routing to the communication device 2 (first router) is transferred to the edge routers 102, 103, and 104, and the edge routers 102, 103, and 104 (plurality of edge routers) transfer a communication packet to the DDoS attack protection target server 201 to the communication device 2.”).
Regarding Claim 7: 
HAMANO discloses:
	The network management device according to claim 1, wherein the condition is that a setting amount for suppressing traffic by the first router is equal to or less than a threshold value (¶22: “The communication device 1 detects a suspected DDoS attack packet addressed to the DDoS attack protection target server 201 by monitoring a communication packet flowing between the edge router 101 and the server accommodation IP network N1, and transmits the communication packet addressed to the DDoS attack protection target server 201. A routing setting change instruction packet (from the first router) for routing to the communication device 2 (second router) is transferred to the edge routers 102, 103, and 104, and the edge routers 102, 103, and 104 transfer a communication packet to the DDoS attack protection target server 201 to the communication device 2. Change the routing settings to route to. As a result, all communication packets addressed to the DDoS attack defense target server 201 from the DDoS attack terminals 202 and 203 and the legitimate service using terminal 204 are collected in the communication device 2”). 
	If the first router reaches a certain threshold in traffic the router will then forward the packets to a plurality of edge devices using a second router.  
Regarding Claim 8: 
HAMANO discloses: 
The network management device according to claim 1, wherein the processor is configured to select the first router and the second router by giving priority to the number of the second routers (¶22: “A routing setting change instruction packet for routing to the communication device 2 (second router) is transferred to the edge routers 102, 103, and 104, and the edge routers 102, 103, and 104 transfer a communication packet to the DDoS attack protection target server 201 to the communication device 2. Change the routing settings to route to. As a result, all communication packets addressed to the DDoS attack defense target server 201 from the DDoS attack terminals 202 and 203 and the legitimate service using terminal 204 are collected in the communication device 2”) 

Regarding Claim 9: 
HAMANO discloses: 
The network management device according to claim 1, wherein the processor is configured to select the first router by giving priority to a level of performance of the forward processing of traffic (¶22: The communication device 1 (first router) detects a suspected DDoS attack packet addressed to the DDoS attack protection target server 201 by monitoring a communication packet flowing between the edge router 101 and the server accommodation IP network N1, and transmits the communication packet addressed to the DDoS attack protection target server 201). 
Regarding Claim 10: 
HAMANO discloses: 
The network management device according to claim 1, wherein the processor is configured to select the first router and the second router based on the communication routes and a connection relationship between the plurality of edge routers and the plurality of intermediate routers (¶20: In accordance with the received routing setting change instruction, the edge routers 102, 103, and 104 change the routing setting so that a communication packet that matches the traffic profile of the suspected DDoS attack packet is not routed to the communication device 2 (intermediate second router). ¶22: “The communication device 1 detects a suspected DDoS attack packet addressed to the DDoS attack protection target server 201 by monitoring a communication packet flowing between the edge router 101 and the server accommodation IP network N1, and transmits the communication packet addressed to the DDoS attack protection target server 201. A routing setting change instruction packet (from the first intermediate router) for routing to the communication device 2 (second router) is transferred to the edge routers 102, 103, and 104, and the edge routers 102, 103, and 104 transfer a communication packet to the DDoS attack protection target server 201 to the communication device 2. Change the routing settings to route to. As a result, all communication packets addressed to the DDoS attack defense target server 201 from the DDoS attack terminals 202 and 203 and the legitimate service using terminal 204 are collected in the communication device 2).

Regarding Claim 11: 
HAMANO discloses: 
A method for managing a network including a plurality of edge routers and a plurality of intermediate routers connected between the plurality of edge routers, the method comprising: calculating respective communication routes of traffic to be forwarded from each of the plurality of edge routers to an attack target device that receives an attack from an outside of the network; setting the communication route of traffic to a second router such that the communication routes merge at a first router (¶22: ““The communication device 1 detects a suspected DDoS attack packet addressed to the DDoS attack protection target server 201 by monitoring a communication packet flowing between the edge router 101 and the server accommodation IP network N1, and transmits the communication packet addressed to the DDoS attack protection target server 201. A routing setting change instruction packet (from the first intermediate router) for routing to the communication device 2 (second router) is transferred to the edge routers 102, 103, and 104, and the edge routers 102, 103, and 104 transfer a communication packet to the DDoS attack protection target server 201 to the communication device 2. Change the routing settings to route to. As a result, all communication packets addressed to the DDoS attack defense target server 201 from the DDoS attack terminals 202 and 203 and the legitimate service using terminal 204 are collected in the communication device 2”); instructing the first router to suppress forwarding of traffic of the attack; and selecting the first router and the second router so as to satisfy a condition regarding a load of forward processing of traffic in the network and not to allow the traffic to loop from among the plurality of edge routers and the plurality of intermediate routers on the basis of a connection relationship between the plurality of edge routers and the plurality of intermediate routers (¶20: “: In accordance with the received routing setting change instruction, the edge routers 102, 103, and 104 change the routing setting so that a communication packet that matches the traffic profile of the suspected DDoS attack packet is not routed to the communication device 2 (intermediate second router).”).

Regarding Claim 12: 
A network system, comprising: a plurality of edge routers; a plurality of intermediate routers; and a management device configured to: calculate respective communication routes of traffic to be forwarded from each of the plurality of edge routers to an attack target device that receives an attack from an outside of the network set a communication route of traffic to a second router such that the communication routes merge at a first router (¶22: “The communication device 1 detects a suspected DDoS attack packet addressed to the DDoS attack protection target server 201 by monitoring a communication packet flowing between the edge router 101 and the server accommodation IP network N1, and transmits the communication packet addressed to the DDoS attack protection target server 201. A routing setting change instruction packet (from the first intermediate router) for routing to the communication device 2 (second router) is transferred to the edge routers 102, 103, and 104, and the edge routers 102, 103, and 104 transfer a communication packet to the DDoS attack protection target server 201 to the communication device 2. Change the routing settings to route to. As a result, all communication packets addressed to the DDoS attack defense target server 201 from the DDoS attack terminals 202 and 203 and the legitimate service using terminal 204 are collected in the communication device 2”), and instruct the first router to suppress forwarding of traffic of the attack, wherein, the processor selects the first router and the second router so as to satisfy a condition regarding a load of forward processing of traffic in the network and not to allow the traffic to loop from among the plurality of edge routers and the plurality of intermediate routers on the basis of a connection relationship between the plurality of edge routers and the plurality of intermediate routers (¶20 In accordance with the received routing setting change instruction, the edge routers 102, 103, and 104 change the routing setting so that a communication packet that matches the traffic profile of the suspected DDoS attack packet is not routed to the communication device 2 (second device) (step 312).).
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. 
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: 
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention
is not identically disclosed as set forth in section 102, if the differences between the claimed
invention and the prior art are such that the claimed invention as a whole would have been obvious
before the effective filing date of the claimed invention to a person having ordinary skill in the art
to which the claimed invention pertains. Patentability shall not be negated by the manner in which
the invention was made.

Claims 2 and 4 are rejected under 35 U.S.C 103 as be unpatentable over HAMANO (JP 2004248185 A) in view of Wang (US 2018/0234297 A1). 
Regarding Claim 2: 
HAMANO does not disclose the following limitation “wherein the condition is that the load of forward processing of traffic of the first router is equal to or less than a threshold value”
Wang discloses: 
The network management device according to claim 1, wherein the condition is that the load of forward processing of traffic of the first router is equal to or less than a threshold value (¶41: “If the packet is at or below the threshold for the matching rule, or there is no matching rule for the packet, the software policing module 202 forwards the packet to the CPU 226.”). 
Given the teaching of Wang, a person having ordinary skill in the art before the effective filing date of the claimed invention would have readily recognized the desirability and advantages by integrating a bandwidth utilization rate threshold value in order to forward traffic between a first router and a second router. One of ordinary skill in the art would have been motivated to do so because Tang recognizes that by implementing this feature a processor can be configured to forward the packet of a first router to a second router as long as the second router is below a utilization rate. This method ensures that a first router can transfer packets to a second router without slowing down the communication process of the overall communication network (¶41“If the packet is at or below the threshold for the matching rule, or there is no matching rule for the packet, the software policing module 202 forwards the packet to the CPU 226.”)).
Regarding Claim 4: 
HAMANO does not disclose the following limitation “wherein the condition is that a band use rate of a link between the first router and the second router is equal to or less than a threshold value”
Wang discloses: 
The network management device according to claim 1, wherein the condition is that a band use rate of a link between the first router and the second router is equal to or less than a threshold value (¶41“If the packet is at or below the threshold for the matching rule, or there is no matching rule for the packet, the software policing module 202 forwards the packet to the CPU 226.”)).
Given the teaching of Wang, a person having ordinary skill in the art before the effective filing date of the claimed invention would have readily recognized the desirability and advantages by integrating a bandwidth utilization rate threshold value between a first router and a second router. One of ordinary skill in the art would have been motivated to do so because Tang recognizes that by implementing this feature a processor can be configured to forward the packet of a first router to a second router as long as the second router is below a utilization rate. This method ensures that a first router can transfer packets to a second router without slowing down the communication process (¶41).

Claims 3 is rejected under 35 U.S.C 103 as be unpatentable over HAMANO (JP 2004248185 A) in view of Waful (US 10724867 B1). 
Regarding Claim 3: 
	HAMANO does not disclose the following limitation “wherein the condition is that a distance between the first router and the second router is equal to or less than a threshold value”
	Waful discloses:
The network management device according to claim 1, wherein the condition is that a distance between the first router and the second router is equal to or less than a threshold value (Column 11, Line 33 and Column 12, Line 16). 
Given the teaching of Waful, a person having ordinary skill in the art before the effective filing date of the claimed invention would have readily recognized the desirability and advantages by integrating a distance threshold value between a first router and a second router. One of ordinary skill in the art would have been motivated to do so because Waful recognizes that by implementing this feature a first router and a second router are within a certain distance in order to ensure that the signal strength and the router position of each router are within an effective communication range value (Column 11, Line 33 and Column 12, Line 16). 

 Claims 5 is rejected under 35 U.S.C 103 as be unpatentable over HAMANO (JP 2004248185 A) in view of Mi (US 2019/0173901 A1).
Regarding Claim 5: 
HAMANO does not disclose the following limitation “wherein the condition is that an increase amount of a distance from the second router to the attack target device is equal to or less than a threshold value by the setting of the communication route to the second router”
Mi discloses the following limitation
The network management device according to claim 1, wherein the condition is that an increase amount of a distance from the second router to the attack target device is equal to or less than a threshold value by the setting of the communication route to the second router (¶60: ”When the attack protection request is a traffic filtering request, because the traffic needs to be filtered or cleaned, it may be set that the next-hop address points to a traffic attack processing system (for example, a DDoS cleaning system). The DDoS cleaning system may filter and/or redirect network traffic to protect legitimate traffic and/or discard ill-purposed requests. In this case, the next-hop address may be an address or an interface address of the traffic attack processing system (for example, the DDoS cleaning system). In this way, the border router may divert, after receiving routing information, the traffic of the target network address to the traffic attack processing system to filter or clean the traffic. ¶61: For example, when the address of the DDoS cleaning system is 2.2.2.2, it may be set that the next-hop address is 2.2.2.2.”).
Given the teaching of Mi, a person having ordinary skill in the art before the effective filing date of the claimed invention would have readily recognized the desirability and advantages of integrating the methodology of redirecting an infected packet from one edge device to another. One of ordinary skill in the art would have been motivated to do so because Mi recognizes that by implementing this feature a DDoS cleaning system can be configured to filter out and clean up an infected packet before sending it over to another edge device. 

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SAAD ABDULLAH whose telephone number is 571-272-1531. The examiner can normally be reached on Monday-Friday 9am-5pm EST. If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, LYNN FIELD can be reached on 571-272-2092.
Information regarding the status of an application may be obtained from the Patent Application Information
Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or
Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more
information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the
Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like
assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-
786-9199 (IN USA OR CANADA) or 571-272-1000.
/SAAD AHMAD ABDULLAH/Examiner, Art Unit 2431                                                                                                                                                                                                        
/SHIN-HON (ERIC) CHEN/Primary Examiner, Art Unit 2431