Detailed Action
Claims 1-19 are presented for examination.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Drawings
Figures 1-31, 33-43, 45, 47-49, 51- 52 are objected to because they are illegible or otherwise blurry.  Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. The figure or figure number of an amended drawing should not be labeled as “amended.” If a drawing figure is to be canceled, the appropriate figure must be removed from the replacement sheet, and where necessary, the remaining figures must be renumbered and appropriate changes made to the brief description of the several views of the drawings for consistency. Additional replacement sheets may be necessary to show the renumbering of the remaining figures. Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance.
Claim Rejections - 35 USC § 101
 	35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


    	Claims 1-20 are rejected under 35 USC 101 because the claimed invention is directed to non-statutory subject matter. The claims do not fall within at least one of the four categories of patent eligible subject matter because they recite “software per se”.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1-3, 5-10, 12-16 and 18-19 are provisionally rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-17 of copending Application No. 17/219363.  Although the claims at issue are not identical, they are not patentably distinct from each other because claims in the copending application anticipate the claims in the instant application.
This is a provisional nonstatutory double patenting rejection because the patentably indistinct claims have not in fact been patented.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.

Claims 1-19 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Johnson et al (US Pub. No. 2018/0309789).

Re Claim 1. Johnson discloses a network system comprising: a business application; a plurality of security systems for the business application; an integrated platform connecting the security systems for the business application (i.e. …the present disclosure relates to methods and systems for implementing a secure migratable architecture having improved flexibility, performance, security, and availability……..a system includes an enterprise security management configuration server. The server includes a programmable circuit and a memory storing computer-executable instructions that, when executed by the programmable circuit, cause the enterprise security management configuration server to: receive network concordance data at the enterprise security management configuration tool from a plurality of nodes within an enterprise network) [Johnson, para.0004-0006], (i.e. the enterprise security management tool, or configuration tool, described herein also provides advantages in terms of defining coordinated policies not just for similarly situated endpoints, but for cooperative endpoints, such as user devices, database servers, and associated web servers. In some such example embodiments, the enterprise security management tool can form “solutions” either automatically or by manual manipulation of graphical elements representing such endpoints. Such solutions may correspond, for example, to a collection of functionally interrelated endpoints for which it may be desirable to coordinate security settings) [Johnson, para.0050-0051] and a user interface for the integrated platform that provides access and control for each of the security systems as the integrated platform (i.e. user interface features provide additional guidance and simplicity to a user of the enterprise security management tool. For example, although specific affinity levels or solutions might be automatically defined, manipulation of a graphical user interface to adjust interrelationships among nodes, to group or ungroup similarly situated nodes, to create or decouple solutions, or other movements, can be defined to counteract an otherwise automated or default configuration, such that the manual adjustment is persisted through subsequent manipulations of nodes. Furthermore, the automated and manual manipulations of nodes can represent changes to security settings that are propagated, via underlying metadata, to a security settings file that can be imported into an enterprise security database for purposes of provisioning an enterprise network………….Users of such endpoints in this context may be associated with the enterprise and may be afforded access to computing resources at the endpoints 106; in such cases, different users may have different access rights to data or resources included in the enterprise. Accordingly, users are, via a management system, separated into defined communities of interest (COIs) which allows for common access rights to a group of users. The common access rights may be, in a corporate context, access rights associated with a particular department or project) [Johnson, para.0051, para.0056].

Re Claims 8 and 15. These claims recite features similar to features in claim 1, therefore they are rejected in a similar manner. Johnson further discloses the additional features recited in claim 8: a computer system [Johnson, para.0005] wherein the user interface comprises a topology explorer system landscape[Johnson, para.0112]  and the features recited in claim 15: a method [Johnson, para.0006] and displaying a topology explorer system landscape map for the integration platform that displays the security systems and communications between the security systems for the integration platform (i.e. This initial topology displays a plurality of individual nodes, which correspond to individual computing systems within an enterprise network, as well as a plurality of channels which represent specific communication flows among nodes and with external systems (e.g., from network data, including a source, destination, port information, security information (if any), and other information captured in network monitoring data logs that might be collected by agents as a part of concordance data.) [Johnson, para.0112, Fig. 11.].

Re Claims 2 and 9. Johnson discloses the features of claims 1 and 8, Johnson further discloses: further comprising: a topology explorer system landscape map displaying the security systems and communications between the security systems (i.e. This initial topology displays a plurality of individual nodes, which correspond to individual computing systems within an enterprise network, as well as a plurality of channels which represent specific communication flows among nodes and with external systems (e.g., from network data, including a source, destination, port information, security information (if any), and other information captured in network monitoring data logs that might be collected by agents as a part of concordance data) [Johnson, para.0112, Fig. 11].

Re Claims 3, 10 and 16. Johnson discloses the features of claims 2, 8 and 15, Johnson further teaches: wherein the topology explorer system landscape map identifies a security issue and identifies which of the security systems and communications are impacted by the security issue (i.e. FIG. 32 illustrates a portion of the configuration user interface 3100 in which details associated with a plurality of channels connected to the Internet are disclosed. The user interface 3100 includes a channel window 3202 that includes a plurality of listed connections at different ports and using different protocols/ports, as well as status indicators identifying whether the connection to those internet sites are secured (e.g., shown as a green box indicator), not secured (e.g., as seen in the first connection, represented by the open circles), or all blocked (e.g., as seen in the second connection, represented by the closed circle icon). FIG. 32, as well as previous user interface depictions, therefore represent a modeling mode in which channel security can be viewed and modified prior to deployment………………….the configuration user interface 3300 includes, for each solution, and for at least some profiles, one or more status indicators identifying a possible concern regarding either (1) a lack of security or (2) inconsistency among security settings in a particular solution, profile, or project. As seen in this example, four solutions are depicted, with solutions 1 and 4 surrounded by a red dashed line, indicated a possible lack of security within those solutions. … In particular, in some embodiments, an icon modifier in association with the profile (indicated in the example shown by a triangle in the upper right corner) can indicate a number of nodes within the profile that are affected.) [Johnson, para.0151-015., Fig. 32-33].

Re Claims 4, 11 and 17. Johnson discloses the features of claims 3, 10 and 16, Johnson further discloses: wherein the topology explorer system landscape map displays the identified security systems and the communications impacted by the security issue (i.e. In the embodiment shown, the configuration user interface 3300 includes, for each solution, and for at least some profiles, one or more status indicators identifying a possible concern regarding either (1) a lack of security or (2) inconsistency among security settings in a particular solution, profile, or project. As seen in this example, four solutions are depicted, with solutions 1 and 4 surrounded by a red dashed line, indicated a possible lack of security within those solutions. … In particular, in some embodiments, an icon modifier in association with the profile (indicated in the example shown by a triangle in the upper right corner) can indicate a number of nodes within the profile that are affected.) [Johnson, para. 0152, Fig. 33].

Re Claims 5 and 12. Johnson discloses the features of claims 1 and 8, Johnson further discloses: wherein each of the security systems comprise different functionality for risk management for the business application (i.e. a method of assigning security settings to one or more nodes within an enterprise network is disclosed. The method includes importing network concordance data at an enterprise security management configuration tool from a plurality of nodes within an enterprise network, and selecting, in a configuration user interface, an affinitization level selected from a plurality of discrete affinitization levels, each of the discrete affinitization levels corresponding to a different extent to which nodes within an enterprise are grouped into profiles. The method further includes selecting a profile having a plurality of nodes automatically grouped therein based on the selected discrete affinitization level, selecting one or more security settings to be included in a common security policy associated with the selected profile in a sub-region of the configuration user interface displayed in response to selecting the profile, and deploying the common security policy to each of the plurality of nodes.) [Johnson, para. 0007].

Re Claims 6, 13 and 18. Johnson discloses the features of claims 5, 12 and 16, Johnson further discloses: wherein the business application comprises a software application (i.e. enterprise security software 512 and a network agent 524. … The enterprise security software 512 is configured to control security in storage of data at communication of data at the computing system, and between that system and remote systems.) [Johnson, para.0096, 0097, Fig. 3].

Re Claims 7, 14 and 19. Johnson discloses the features of claims 6, 13 and 18, Johnson further discloses: the network system of claim 6, wherein the software application comprises at least one of Customer Relationship Management (CRM), Supplier Relationship Management (SRM), Supply Chain Management (SCM), Product Life-cycle Management (PLM), Human Capital Management (HCM), Integration Platforms, Business Warehouse (BW), Business, Business Intelligence (BI), or enterprise resource planning (ERP) (i.e. The management server 120 provides a universally-accessible access location at which management settings can be viewed, enterprise access attempts logged, license tracking can be managed, and security arrangements defined, including definition of encryption policies, communities of interest, enterprise resources available, and other features) [Johnson, para.0062, this teaches at least an Integrated Platform].


Pertinent prior art made of record, however not relied upon, includes:

Xie et al (US Pub.No.2018/0324219) discloses Systems and methods are described for analyzing, sharing and comparing security configurations. According to one embodiment, a security metric for a network segment of a private network is generated based on determination and analysis of network assets, network topology, and one or more defined security criteria representing security features being implemented by one or more network security devices that form part of the network segment, wherein the scoring metric is a quantitative representation of protection level and/or exposure level of the network segment.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to NOURA ZOUBAIR whose telephone number is (571)270-7285. The examiner can normally be reached Monday - Friday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on 571-272-3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/NOURA ZOUBAIR/Primary Examiner, Art Unit 2434