DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Drawings
The drawings filed on 3/29/2021 are accepted.

Information Disclosure Statement
The information disclosure statements (IDS) submitted on 3/29/2021, 10/28/2021, 1/31/2022, and 3/8/2022 are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statements are being considered by the examiner.

Terminal Disclaimer
The terminal disclaimer filed on 7/26/2022 disclaiming the terminal portion of any patent granted on this application which would extend beyond the expiration date of U.S. Patents 10,630,698 and 10,979,441 has been reviewed and is accepted.  The terminal disclaimer has been recorded.

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.  
Authorization for this examiner’s amendment was given in an emailed examiner’s amendment from Thomas Bassolino (Reg. No. 65,946) received on 7/26/2022.
The application has been amended as follows:
Please replace Claim 19 with the following:
19.  	(Currently amended) A system for network access control based on traffic monitoring and vulnerability detection using process related information, the system including a processor and a memory, the system comprising:
a process interceptor executing on a host coupled to an enterprise network and configured to determine process information for a process executing on the host and configured to allow or block a connection request from the process based on an authorization decision received from a remote resource;
an intrusion preventor coupled to the enterprise network, the intrusion preventor configured to evaluate the process and provide a verification report describing known vulnerabilities associated with the process based on the process information, connection information, and network packet information; and
 	a pattern matcher coupled to the enterprise network, the pattern matcher configured to receive the verification report from the intrusion preventor, to match the verification report with the process information for the process from the host based on a signature identification code in the verification report, and to transmit an authorization decision to the process interceptor regarding allowing or blocking of the connection request from the process executing on the host.

Please replace Claim 20 with the following:
20.	(Currently amended) The system of claim 19 further comprising an application process information database coupled to the pattern matcher and configured to store a plurality of verification reports from the intrusion preventor for use by the pattern matcher in evaluating connection requests from hosts within the enterprise network.

Allowable Subject Matter
Claims 1-20 are allowed.
The following is an examiner’s statement of reasons for allowance:
Regarding Claims 1, 11, and 19, although the closest prior art of record (such as Kapoor et al., (US 20120240185 A1), Korsunsky et al., (US 20110238855 A1), and Curt Yasm: "Prelude as a Hybrid IDS Framework", 1 January 2009 (2009-01-01), XP055251951, Retrieved from the Internet: URL:https://www.sans.org/reading-room/whitepapers/awareness/prelude-hybrid-ids-framework-33048)) teaches A method for network access control based on traffic monitoring and vulnerability detection using process related information, the method comprising: detecting at a pattern matching unit a connection request to a network device from a process executing on a host; receiving at the pattern matching unit, from a process intercepting unit executing on the host, process information for the process executing on the host; transmitting by the pattern matching unit to an intrusion prevention unit the process information for the process, connection information for the connection request, and network packet information for a packet associated with the connection request.
However, none of the prior art, alone or in combination teaches identifying by the intrusion prevention unit intrusive activity associated with a vulnerability specific to the process based on the process information, the connection information, and the network packet information, transmitting a verification report from the intrusion prevention unit to the pattern matching unit a verification report indicative of a vulnerability associated with activity by the process; and transmitting an authorization decision from the pattern matching unit to the process intercepting unit on the host regarding allowing or blocking of the connection request based on the verification report in view of other limitations of the independent claims.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ANDREW J STEINLE whose telephone number is (571)272-9923. The examiner can normally be reached M-F 10am-6pm CT.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni Shiferaw can be reached on (571) 272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/ANDREW J STEINLE/Primary Examiner, Art Unit 2497