Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 

DETAILED ACTION
This is a reply to the application filed on 08/10/2020, in which, claim(s) 1-18 are pending. Claims 1 and 11, are independent. 

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 12/13/2021, has been reviewed. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the examiner is considering the information disclosure statement.

Drawings
The drawings filed on 08/10/2020 are accepted by The Examiner.

EXAMINER’S AMENDMENT
An examiner's amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner's amendment was given in a telephone interview with Attorney George B. F. Yee (Reg. No. 37,478) on 06/08/2022 and followed up on 06/28/2022. 

The application has been amended as follows:

Please replace claim 1 with:
1. (Currently amended) A method of authenticating an intra network device between inter network devices of a network comprising:
provisionally authenticating an intra network device of a network through an authentication agent executing on a processor of a switch device with a plurality of switch device ports, the intra network device authenticated to communicate with remaining network devices of the network through a first switch device port of the plurality of switch device ports through a physical link coupling the first switch device port to the intra network device, the provisionally authenticating comprising:
while a second switch device port of the plurality of switch device ports to the network device remains blocked, preventing the intra network device from communicating with the remaining network devices through the second switch device port, intercepting one or more authentication packets from the intra network device through the second switch device port, the authentication packets directed to an authentication host device by the intra network device for authenticating the intra network device to communicate with the remaining network devices at the second switch device port; and
forwarding the authentication packets intercepted from the intra network device to the authentication host device for authentication of the intra network device at the second switch device port; [[and]]
in response to receiving an acknowledgment from the authentication host device of the authentication of the intra network device to communicate with the remaining network devices at the second switch device port, removing blocking of the second switch device port to allow communication of non-authentication packets between the intra network device and the remaining network devices at the second switch device port; and
maintaining associations between authenticated intra network devices of the network, including the intra network device, and corresponding switch ports of the switch in a forwarding table.

Please replace claim 4 with:
4. (Currently Amended) The method of claim 1, further comprising in response to receiving [[an]] the acknowledgment from [[an]] the authentication host device of authentication of the intra network device at the second switch device port, updating an association in an forwarding table between the intra network device and the first switch device port to an association between the intra network device and the second switch device port.

Please cancel claim 5;

Please replace claim 10 with:
10. (Currently Amended) The method of claim 9, further comprising performing the removing [[the]] of blocking at the second switch device port only in response to the authentication notification from [[of]] the intra network device at the second switch device port to prevent network device packet loss.

Please replace claim 11 with:
11. (Currently amended) An inter network device for authenticating an [[inter]] intra network device of a network, the inter network device including a plurality of inter network device ports and comprising:
memory configured to store a program code; and
a processor that when executing the program code causes the inter network device to provisionally authenticate [[an]] the intra network device at a second inter network device port of the plurality of inter network device ports, while the intra network device is already authenticated at a first inter network device port of the plurality of inter network device port, using an authentication agent by causing the inter network device to:
while blocking the second inter network device port from communicating with remaining network devices of the network at the second inter network device port, intercept one or more authentication packets from the intra network device at the second inter network device port, the authentication packets directed to an authentication host by the intra network device for authenticating the intra network device to communicate with the remaining network devices, [[and]]
in response to the inter network device ing the authentication packets, forward the authentication packets to the authentication host for authentication of the intra network device at the second inter network device port, and
in response to receiving an acknowledgment from the authentication host of the authentication of the intra network device to communicate with the remaining network devices at the second inter network device port, remove the blocking to allow communication of non-authentication packets between the intra network device and the remaining network devices at the second inter network device port.




Allowable Subject Matter
Claims 1-4, and 6-18 are allowed.
The following is an examiner's statement of reasons for allowance:

Independent Claim(s) and their respective dependent claims are allowable over prior arts since the prior arts taken individually or in combination fails to particular discloses, fairly suggest or render obvious the following italic limitations:

In claim 1:
“in response to receiving an acknowledgment from the authentication host device of the authentication of the intra network device to communicate with the remaining network devices at the second switch device port, removing blocking of the second switch device port to allow communication of non-authentication packets between the intra network device and the remaining network devices at the second switch device port.” in combination with other limitations recited as specified in the independent claim(s). 

In claim 11:
“in response to receiving an acknowledgment from the authentication host of the authentication of the intra network device to communicate with the remaining network devices at the second inter network device port, remove the blocking to allow communication of non-authentication packets between the intra network device and the remaining network devices at the second inter network device port.” in combination with other limitations recited as specified in the independent claim(s). 

The closest prior art made of record are:
Gilde et al. (US 2013/0091534 A1, cited by the applicant in the 12/13/2021 IDS) teaches enabling enforcement of access control on a network. Access control may grant or deny permission to a given device user, device or node, for accessing a resource and may protect resources by limiting access to only authenticated and authorized users and/or devices.
Da Silva Peixoto et al. (US 2019/0104127 A1) teaches a smart process control switch can implement a lockdown routine to lockdown its communication ports exclusively for use by devices having known physical addresses, enabling the smart process control switch to prevent new, potentially hostile, devices from communicating with other devices to which the smart process control switch is connected.
Suzuki et al. (US 2011/0197011 A1) teaches a storage apparatus and interface expansion authentication method capable of changing the connection configuration of the interfaces.
Hemaraju et al. (US 2019/0334894 A1) teaches a method for switch authentication which includes receiving, at a network device, an authentication message intended for a user from an authentication server, wherein the network device is registered with the authentication server as a source device for the user. The authentication message may be a change of authentication message and the authentication server may be a change of authorization server. The authentication message may be an instruction to perform one of: an action to Quarantine the user, an action to elevate Access by moving the user to a different VLAN; an action to Re-authenticate a user device associated with the user; an action to bounce a port accessible by the user device; or an action to block access of the user device.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHENG-FENG HUANG whose telephone number is (571)272-6186. The examiner can normally be reached Monday-Friday: 9 am - 5 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni A Shiferaw can be reached on (571) 272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/CHENG-FENG HUANG/Primary Examiner, Art Unit 2497