DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 

Response to Amendment
This is a reply to the request for Continued Examination (RCE) filed on 06/29/2022, in which Claim(s) 2-4, and 6-22 are presented for examination. Claim(s) 2, 6, 10, 11, and 18, are amended. Claim(s) 1, and 5, are cancelled. Claim(s) 22 is newly added.

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 06/29/2022 has been entered.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 06/29/2022 were filed after the mailing date of the notice of allowance on 03/30/2022.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.
The closest relevant prior art cited by the applicant are:
Jungck et al. (US 2013/0263247 A1) teaches a packet interceptor/processor apparatus coupled with the network to intercept and process packets flowing over the network. The apparatus applies one or more rules to the intercepted packets which execute one or more functions on a dynamically specified portion of the packet and take one or more actions with the packets. Further, the rules may be dynamically modified by the external devices.
Law et al. (US 2011/0072506 A1) teaches a Unified Threat Management System (UTMS) for securing network traffic in a process control system. The system may comprise network devices configured to receive network traffic related to the process control system and including a ruleset received from an external source. The network devices may also communicate with a perpetual service that proactively supplies the devices with rulesets to meet the latest security threats, threat patterns, and control system vulnerabilities found or predicted to exist within the network.
Demopoulos et al. (US 2010/0257598 A1) teaches an integrated data traffic monitoring system monitoring data traffic received from a communication network and destined for a protected network. The monitoring system collects data from each of the technologies into an event database and, based on the data, automatically generates rules directing one or more of the technologies to prevent subsequent communications traffic from specific sources from entering the protected network.
The above discussed references cited in the IDS do not teach the claimed limitation.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 08/02/2021, 08/02/2021, 08/04/2021, 08/10/2021 and 03/08/2022, has been reviewed. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the examiner is considering the information disclosure statement.

Response to Arguments
Double Patenting (DP):
Applicant submitted an Terminal Disclaimer on 11/29/2021 to overcome DP rejection issued in the previous office action. The Terminal Disclaimer has been approved. The DP rejection issued in the previous action has been withdrawn.

Claim Rejections - 35 U.S.C. § 103:
Applicants’ arguments with respect to claims rejected under prior art have been fully considered and are persuasive. The rejection of 35 U.S.C. § 103 have been withdrawn in view of the amendment to claim.

Allowable Subject Matter
Claims 2-4, and 6-22 are allowed.
The following is an examiner's statement of reasons for allowance:
Independent Claim(s) and their respective dependent claims are allowable over prior arts since the prior arts taken individually or in combination fails to particular discloses, fairly suggest or render obvious the following italic limitations:

In regards to claim(s) 2, and 11, the prior art of record (Beauvais et al. (US 2013/0081102 A1; hereinafter Beauvais) in view Horman et al. (US 2012/0311693 A1; hereinafter Horman) further in view of David K. Ahn (US 2011/0055916 A1; hereinafter Ahn) and further in view of Rand et al. (US 2007/0118669 A1; hereinafter Rand)) does not disclose:
“receiving, by a server and from a first malicious host tracker services external to a network protected by at least one packet security gateway, malicious traffic information that comprises a first set of network addresses that have been determined, by the first malicious host tracker service, to be associated with malicious network traffic corresponding to a network threat; 
automatically creating or altering, by the server and based on the first set of network addresses, a first packet filtering rule, of a set of packet filtering rules, that corresponds to the network threat,
receiving, by the server and from a second malicious host tracker service, a second set of network addresses, wherein the second malicious host tracker service is different from the first malicious host tracker service; 
the first set of network addresses does not include at least one second network address of the second set of network addresses; and 
updating, by the server, the first packet filtering rule by modifying the first packet filtering rule to further include the at least one second network address; and 
transmitting, by the server and to the at least one packet security gateway, the updated first packet filtering rule, wherein the at least one packet security gateway is configured to use the updated first packet filtering rule to filter a second packet.” in combination with other limitations recited as specified in the independent claim(s). 

In regards to claim(s) 18, the prior art of record (Beauvais et al. (US 2013/0081102 A1; hereinafter Beauvais) in view Horman et al. (US 2012/0311693 A1; hereinafter Horman) further in view of David K. Ahn (US 2011/0055916 A1; hereinafter Ahn) and further in view of Rand et al. (US 2007/0118669 A1; hereinafter Rand)) does not disclose:
“receive, from a first malicious host tracker services external to a network protected by the at least one packet security gateway, malicious traffic information that comprises a first set of network addresses that have been determined, by the first malicious host tracker service, to be associated with malicious network traffic corresponding to a network threat; 
automatically creating or altering, based on the first set of network addresses, first packet filtering rule, of a set of packet filtering rules, that corresponds to the network threat,
receive, from a second malicious host tracker service, a second set of network addresses, wherein the second malicious host tracker service is different from the first malicious host tracker service; 
the first set of network addresses does not include at least one second network address of the second set of network addresses; 
update the first packet filtering rule by modifying the first packet filtering rule to further include the at least one second network address; and 
cause the at least one packet security gateway to: 
use the first packet filtering rule to filter a first packet; and 
use the updated first packet filtering rule to filter a second packet.” in combination with other limitations recited as specified in the independent claim(s). 

Rather, Beauvais discloses “managing a security policy” (Abstract, [0022-0024], [0034-0036] and [0055]). Similarly, Horman teaches “updating firewall rules in a stateless IPv6 autoconfiguration environment” ([0001], [0013-0014]), Ahn teaches “packet filtering rules” ([0030] and [0048]) and Rand teaches “different malicious host tracker service” ([0053] and [0058]). Accordingly, the claims are allowed.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHENG-FENG HUANG whose telephone number is (571)272-6186. The examiner can normally be reached Monday-Friday: 9 am - 5 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni A Shiferaw can be reached on (571) 272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/CHENG-FENG HUANG/Primary Examiner, Art Unit 2497