Detailed Action
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

This is the initial office action that has been issued in response to patent application 17/069,869, filed on 10/14/2020. Claims 1-21, as originally filed, are currently pending and have been considered below. Claims 1, 8 and 15 are independent claims.

Priority
No priority claimed.

Drawings
The drawings filed on 10/14/2020 are accepted by the examiner.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:

A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

Claims 1-21 are rejected under 35 U.S.C. 103 as being unpatentable over Mahaffey (US Patent Application No 2015/0188949 A1) in view of Hulick, JR. (US Patent Application Publication No. 2019/0132289 A1).

Regarding Claim 1, Mahaffey discloses a method for a computer system to perform context-aware network policy enforcement, wherein the method comprises: 
detecting a request for a client device to access a destination server, wherein the client device resides in a first network and the destination server in a second network (Mahaffey, Fig-4, ¶[0060], gateway between client and server. Packets flow over internet 418, 420 and 422. ¶[0064], a connection can be made from San Francisco to San Jose and it may go through Washington DC where there’s a peering point. Fig-7, ¶[0161], computing device may connect to various remote destinations via a network); 
extracting, from the request, connection information identifying a connection to be established for the client device to access the destination server (Mahaffey, Fig-7, ¶[0161], computing device may connect to various remote destinations via a network. User may be at home, coffee shop or airport. ¶[0166], if the user is in a coffee shop connected to a public Wi-Fi access point, a VPN may be desired to preserve the privacy and security of information being communicated. ¶[0275], configuration and establishment of the secure network connection may occur dynamically and based on the computing device’s current context); 
mapping the connection information to contextual information associated with the client device or a user operating the client device, or both (Mahaffey, ¶[0277], the policies may include several rules that define events, situations and conditions that trigger the automatic configuration and creation of a secure network connection. A policy may indicate if the computing device leaves or enters a particular geographical region, a SNC connection should be used for any outgoing network access request. ¶[0282], a secure network connection may be established between server and computing device in response to receiving the credentials from the computing device); 
based on the contextual information, applying one or more network policies to determine whether to allow or deny access by the client device to the destination server (Mahaffey, ¶[0311]-¶[0314], contextual information identifies actions, activities and locations associated with a user. ¶[0316], at least one policy may be identified based on the retrieved contextual information. ¶[0325]- ¶[0329], the security policy is applied using the collected contextual information); and 
Mahaffey does not explicitly teach the following limitation that Hulick, JR. teaches:
in response to determination to allow the access, generating and sending a first response to allow establishment of the connection; but otherwise generating and sending a second response to block establishment of the connection (Hulick, JR. Fig-8, ¶[0122]- ¶[0123], agent process may determine the application context and apply it to firewall policies. Agent process may review whitelist/blacklist for node name and if the node name fails, the agent process may block the connection. On the other hand, if the application context is not to be denied by the firewall (i.e., is a success), then the techniques may allow the connection. An explicit notification may be returned to the application 610 in the event of a blocked outbound connection).
Mahaffey in view of Hulick, JR. are analogous art because they are from the “same field of endeavor” and are from the same “problem solving area”. Namely, they pertain to the field of “context-aware firewall and security of computing devices”. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the invention to modify the invention of Mahaffey in view of Hulick, JR to include the idea of enrolling and authenticating a user in an authentication system via a user’s mobile computing device.

Regarding Claim 2, Mahaffey in view of Hulick, JR. discloses the method of claim 1, wherein mapping the connection information to the contextual information comprises: 
based on the connection information, determining identification information associated with the client device or the user, both the connection information and the identification information being obtained from an access gateway prior to detecting the request (Mahaffey, Fig-4, ¶[0061], connection being made over destination. Traffic is flowing through a number of intermediate gateways. ¶[0070], there can be custom IP or TCP headers to specify the sending of a packet to the next gateway in the chain. ¶[0075], if all traffic is running through a local gateway, most traffic may be to, for example, Google; it may proceed straight to Google and not be deviated from its path and there can be a network policy applied to it. ¶[0078], the gateway knows who the user is and what the user is accessing and is able to perform analytics and access control).

Regarding Claim 3, Mahaffey in view of Hulick, JR. discloses the method of claim 2, wherein mapping the connection information to the contextual information comprises: 
based on identification information associated with the client device or the user, mapping the connection information to the contextual information (Mahaffey, Fig-4, ¶[0093], if there is a gateway on the device, the goal which is traditional network routing: there is a packet, send it; and not, the device has a packet, let's wait for some sort of other event. A feature of the system includes adding context to that routing decision to recognize).
 
Regarding Claim 4, Mahaffey in view of Hulick, JR. discloses the method of claim 1, wherein extracting the connection information comprises:
extracting the connection information that includes layer-3 protocol information or layer-4 protocol information, or both, associated with the connection (Mahaffey, ¶[0177], The system can perform actions such as breaking the existing network connection and establishing a new one at the lowest network layers. ¶[0228], network type may include information indicating whether or not the network connection is secure, information indicating whether or not the network connection is unsecure, an identification of the secure connection service or protocol, an identification of the communication protocol, an identification of the physical network type. Some examples of protocols include Point-to-Point Tunneling Protocol (PPTP), Layer 2 Tunneling Protocol (L2TP), Secure Sockets Layer (SSL), Internet Protocol Security (IPsec), Secure Shell (SSH), and OpenVPN).

Regarding Claim 5, Mahaffey in view of Hulick, JR. discloses the method of claim 4, wherein extracting the connection information comprises:
extracting the connection information that includes (a) a source address associated with an interface of an access gateway capable of acting as an intermediary between the client device and the destination server and (b) a source port number selected by the access gateway for the connection (Mahaffey, ¶[0266], the first type of connection may be point-to-point tunneling protocol. The second type of connection may be a layer 2 tunneling protocol). 

Regarding Claim 6, Mahaffey in view of Hulick, JR. discloses the method of claim 1, wherein applying the one or more network policies comprises at least one of the following: 
applying the one or more network policies based on the contextual information that includes one or more of the following: hardware information associated with the client device; software information associated with the client device; a state associated with the client device; a location associated with the client device or the user; a login name associated with the user; and a role associated with the user (Mahaffey, ¶[0311]-¶[0314], contextual information identifies actions, activities and locations associated with a user. ¶[0316], at least one policy may be identified based on the retrieved contextual information. ¶[0325]- ¶[0329], the security policy is applied using the collected contextual information. Hulick, JR. Fig-8, ¶[0122]- ¶[0123], agent process may determine the application context and apply it to firewall policies. Agent process may review whitelist/blacklist for node name and if the node name fails, the agent process may block the connection. On the other hand, if the application context is not to be denied by the firewall (i.e., is a success), then the techniques may allow the connection. An explicit notification may be returned to the application 610 in the event of a blocked outbound connection); and
in response to determination to allow the access, initiating a context-aware security scan for the connection based on the contextual information (Mahaffey, ¶[0311]-¶[0314], contextual information identifies actions, activities and locations associated with a user. ¶[0316], at least one policy may be identified based on the retrieved contextual information. ¶[0325]- ¶[0329], the security policy is applied using the collected contextual information. Hulick, JR. Fig-8, ¶[0122]- ¶[0123], agent process may determine the application context and apply it to firewall policies. Agent process may review whitelist/blacklist for node name and if the node name fails, the agent process may block the connection. On the other hand, if the application context is not to be denied by the firewall (i.e., is a success), then the techniques may allow the connection. An explicit notification may be returned to the application 610 in the event of a blocked outbound connection).

Regarding Claim 7, Mahaffey in view of Hulick, JR. discloses the method of claim 1, wherein generating and sending the first response or the second response comprises: 
generating and sending the first response or second response to a firewall engine that is located along a datapath leading to the destination server to facilitate establishment of the connection based on the first response or blocking of the connection based on the second response (Mahaffey, ¶[0311]-¶[0314], contextual information identifies actions, activities and locations associated with a user. ¶[0316], at least one policy may be identified based on the retrieved contextual information. ¶[0325]- ¶[0329], the security policy is applied using the collected contextual information. Hulick, JR. Fig-8, ¶[0122]- ¶[0123], agent process may determine the application context and apply it to firewall policies. Agent process may review whitelist/blacklist for node name and if the node name fails, the agent process may block the connection. On the other hand, if the application context is not to be denied by the firewall (i.e., is a success), then the techniques may allow the connection. An explicit notification may be returned to the application 610 in the event of a blocked outbound connection).

Regarding Claim 8, Mahaffey discloses a non-transitory computer-readable storage medium that includes a set of instructions which, in response to execution by a processor of a computer system, cause the processor to perform context-aware network policy enforcement, wherein the method comprises: 
detecting a request for a client device to access a destination server, wherein the client device resides in a first network and the destination server in a second network (Mahaffey, Fig-4, ¶[0060], gateway between client and server. Packets flow over internet 418, 420 and 422. ¶[0064], a connection can be made from San Francisco to San Jose and it may go through Washington DC where there’s a peering point. Fig-7, ¶[0161], computing device may connect to various remote destinations via a network); 
extracting, from the request, connection information identifying a connection to be established for the client device to access the destination server (Mahaffey, Fig-7, ¶[0161], computing device may connect to various remote destinations via a network. User may be at home, coffee shop or airport. ¶[0166], if the user is in a coffee shop connected to a public Wi-Fi access point, a VPN may be desired to preserve the privacy and security of information being communicated. ¶[0275], configuration and establishment of the secure network connection may occur dynamically and based on the computing device’s current context); 
mapping the connection information to contextual information associated with the client device or a user operating the client device, or both (Mahaffey, ¶[0277], the policies may include several rules that define events, situations and conditions that trigger the automatic configuration and creation of a secure network connection. A policy may indicate if the computing device leaves or enters a particular geographical region, a SNC connection should be used for any outgoing network access request. ¶[0282], a secure network connection may be established between server and computing device in response to receiving the credentials from the computing device); 
based on the contextual information, applying one or more network policies to determine whether to allow or deny access by the client device to the destination server (Mahaffey, ¶[0311]-¶[0314], contextual information identifies actions, activities and locations associated with a user. ¶[0316], at least one policy may be identified based on the retrieved contextual information. ¶[0325]- ¶[0329], the security policy is applied using the collected contextual information); and 
Mahaffey does not explicitly teach the following limitation that Hulick, JR. teaches:
in response to determination to allow the access, generating and sending a first response to allow establishment of the connection; but otherwise generating and sending a second response to block establishment of the connection (Hulick, JR. Fig-8, ¶[0122]- ¶[0123], agent process may determine the application context and apply it to firewall policies. Agent process may review whitelist/blacklist for node name and if the node name fails, the agent process may block the connection. On the other hand, if the application context is not to be denied by the firewall (i.e., is a success), then the techniques may allow the connection. An explicit notification may be returned to the application 610 in the event of a blocked outbound connection).
Mahaffey in view of Hulick, JR. are analogous art because they are from the “same field of endeavor” and are from the same “problem solving area”. Namely, they pertain to the field of “context-aware firewall and security of computing devices”. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the invention to modify the invention of Mahaffey in view of Hulick, JR to include the idea of enrolling and authenticating a user in an authentication system via a user’s mobile computing device.

Regarding Claim 9, Mahaffey in view of Hulick, JR. discloses the non-transitory computer-readable storage medium of claim 8, wherein mapping the connection information to the contextual information comprises: 
based on the connection information, determining identification information associated with the client device or the user, both the connection information and the identification information being obtained from an access gateway prior to detecting the request (Mahaffey, Fig-4, ¶[0061], connection being made over destination. Traffic is flowing through a number of intermediate gateways. ¶[0070], there can be custom IP or TCP headers to specify the sending of a packet to the next gateway in the chain. ¶[0075], if all traffic is running through a local gateway, most traffic may be to, for example, Google; it may proceed straight to Google and not be deviated from its path and there can be a network policy applied to it. ¶[0078], the gateway knows who the user is and what the user is accessing and is able to perform analytics and access control).
 
Regarding Claim 10, Mahaffey in view of Hulick, JR. discloses the non-transitory computer-readable storage medium of claim 9, wherein mapping the connection information to the contextual information comprises: 
based on identification information associated with the client device or the user, mapping the connection information to the contextual information (Mahaffey, Fig-4, ¶[0093], if there is a gateway on the device, the goal which is traditional network routing: there is a packet, send it; and not, the device has a packet, let's wait for some sort of other event. A feature of the system includes adding context to that routing decision to recognize).

Regarding Claim 11, Mahaffey in view of Hulick, JR. discloses the non-transitory computer-readable storage medium of claim 8, wherein extracting the connection information comprises: 
extracting the connection information that includes layer-3 protocol information or layer-4 protocol information, or both, associated with the connection (Mahaffey, ¶[0177], The system can perform actions such as breaking the existing network connection and establishing a new one at the lowest network layers. ¶[0228], network type may include information indicating whether or not the network connection is secure, information indicating whether or not the network connection is unsecure, an identification of the secure connection service or protocol, an identification of the communication protocol, an identification of the physical network type. Some examples of protocols include Point-to-Point Tunneling Protocol (PPTP), Layer 2 Tunneling Protocol (L2TP), Secure Sockets Layer (SSL), Internet Protocol Security (IPsec), Secure Shell (SSH), and OpenVPN).

Regarding Claim 12, Mahaffey in view of Hulick, JR. discloses the non-transitory computer-readable storage medium of claim 11, wherein extracting the connection information comprises: 
extracting the connection information that includes (a) a source address associated with an interface of an access gateway capable of acting as an intermediary between the client device and the destination server and (b) a source port number selected by the access gateway for the connection (Mahaffey, ¶[0266], the first type of connection may be point-to-point tunneling protocol. The second type of connection may be a layer 2 tunneling protocol).

Regarding Claim 13, Mahaffey in view of Hulick, JR. discloses the non-transitory computer-readable storage medium of claim 8, wherein applying the one or more network policies comprises at least one of the following: 
applying the one or more network policies based on the contextual information that includes one or more of the following: hardware information associated with the client device; software information associated with the client device; a state associated with the client device; a location associated with the client device or the user; a login name associated with the user; and a role associated with the user (Mahaffey, ¶[0311]-¶[0314], contextual information identifies actions, activities and locations associated with a user. ¶[0316], at least one policy may be identified based on the retrieved contextual information. ¶[0325]- ¶[0329], the security policy is applied using the collected contextual information. Hulick, JR. Fig-8, ¶[0122]- ¶[0123], agent process may determine the application context and apply it to firewall policies. Agent process may review whitelist/blacklist for node name and if the node name fails, the agent process may block the connection. On the other hand, if the application context is not to be denied by the firewall (i.e., is a success), then the techniques may allow the connection. An explicit notification may be returned to the application 610 in the event of a blocked outbound connection); and
in response to determination to allow the access, initiating a context-aware security scan for the connection based on the contextual information (Mahaffey, ¶[0311]-¶[0314], contextual information identifies actions, activities and locations associated with a user. ¶[0316], at least one policy may be identified based on the retrieved contextual information. ¶[0325]- ¶[0329], the security policy is applied using the collected contextual information. Hulick, JR. Fig-8, ¶[0122]- ¶[0123], agent process may determine the application context and apply it to firewall policies. Agent process may review whitelist/blacklist for node name and if the node name fails, the agent process may block the connection. On the other hand, if the application context is not to be denied by the firewall (i.e., is a success), then the techniques may allow the connection. An explicit notification may be returned to the application 610 in the event of a blocked outbound connection).

Regarding Claim 14, Mahaffey in view of Hulick, JR. discloses the non-transitory computer-readable storage medium of claim 8, wherein generating and sending the first response or the second response comprises: 
generating and sending the first response or second response to a firewall engine that is located along a datapath leading to the destination server to facilitate establishment of the connection based on the first response or blocking of the connection based on the second response (Mahaffey, ¶[0311]-¶[0314], contextual information identifies actions, activities and locations associated with a user. ¶[0316], at least one policy may be identified based on the retrieved contextual information. ¶[0325]- ¶[0329], the security policy is applied using the collected contextual information. Hulick, JR. Fig-8, ¶[0122]- ¶[0123], agent process may determine the application context and apply it to firewall policies. Agent process may review whitelist/blacklist for node name and if the node name fails, the agent process may block the connection. On the other hand, if the application context is not to be denied by the firewall (i.e., is a success), then the techniques may allow the connection. An explicit notification may be returned to the application 610 in the event of a blocked outbound connection).

Regarding Claim 15, Mahaffey discloses a computer system, comprising: 
a processor configured to implement a network policy enforcer (Mahaffey, Fig-2); and
a non-transitory computer-readable medium to store (a) multiple network policies and (b) instructions executable by the processor to cause the network policy enforcer (Mahaffey, Fig-2) to perform the following: 
detect a request for a client device to access a destination server, wherein the client device resides in a first network and the destination server in a second network (Mahaffey, Fig-4, ¶[0060], gateway between client and server. Packets flow over internet 418, 420 and 422. ¶[0064], a connection can be made from San Francisco to San Jose and it may go through Washington DC where there’s a peering point. Fig-7, ¶[0161], computing device may connect to various remote destinations via a network); 
extract, from the request, connection information identifying a connection to be established for the client device to access the destination server (Mahaffey, Fig-7, ¶[0161], computing device may connect to various remote destinations via a network. User may be at home, coffee shop or airport. ¶[0166], if the user is in a coffee shop connected to a public Wi-Fi access point, a VPN may be desired to preserve the privacy and security of information being communicated. ¶[0275], configuration and establishment of the secure network connection may occur dynamically and based on the computing device’s current context); 
map the connection information to contextual information associated with the client device or a user operating the client device, or both (Mahaffey, ¶[0277], the policies may include several rules that define events, situations and conditions that trigger the automatic configuration and creation of a secure network connection. A policy may indicate if the computing device leaves or enters a particular geographical region, a SNC connection should be used for any outgoing network access request. ¶[0282], a secure network connection may be established between server and computing device in response to receiving the credentials from the computing device); 
based on the contextual information, apply one or more of the multiple network policies to determine whether to allow or deny access by the client device to the destination server (Mahaffey, ¶[0311]-¶[0314], contextual information identifies actions, activities and locations associated with a user. ¶[0316], at least one policy may be identified based on the retrieved contextual information. ¶[0325]- ¶[0329], the security policy is applied using the collected contextual information); and 
Mahaffey does not explicitly teach the following limitation that Hulick, JR. teaches:
in response to determination to allow the access, generate and send a first response to allow establishment of the connection; but otherwise generate and send a second response to block establishment of the connection (Hulick, JR. Fig-8, ¶[0122]- ¶[0123], agent process may determine the application context and apply it to firewall policies. Agent process may review whitelist/blacklist for node name and if the node name fails, the agent process may block the connection. On the other hand, if the application context is not to be denied by the firewall (i.e., is a success), then the techniques may allow the connection. An explicit notification may be returned to the application 610 in the event of a blocked outbound connection).
Mahaffey in view of Hulick, JR. are analogous art because they are from the “same field of endeavor” and are from the same “problem solving area”. Namely, they pertain to the field of “context-aware firewall and security of computing devices”. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the invention to modify the invention of Mahaffey in view of Hulick, JR to include the idea of enrolling and authenticating a user in an authentication system via a user’s mobile computing device.

Regarding Claim 16, Mahaffey in view of Hulick, JR. discloses the computer system of claim 15, wherein the instructions for mapping the connection information to the contextual information cause the network policy enforcer to: 
based on the connection information, determine identification information associated with the client device or the user, both the connection information and the identification information being obtained from an access gateway prior to detecting the request (Mahaffey, Fig-4, ¶[0061], connection being made over destination. Traffic is flowing through a number of intermediate gateways. ¶[0070], there can be custom IP or TCP headers to specify the sending of a packet to the next gateway in the chain. ¶[0075], if all traffic is running through a local gateway, most traffic may be to, for example, Google; it may proceed straight to Google and not be deviated from its path and there can be a network policy applied to it. ¶[0078], the gateway knows who the user is and what the user is accessing and is able to perform analytics and access control).

Regarding Claim 17, Mahaffey in view of Hulick, JR. discloses the computer system of claim 16, wherein the instructions for mapping the connection information to the contextual information cause the network policy enforcer to: 
based on identification information associated with the client device or the user, map the connection information to the contextual information (Mahaffey, Fig-4, ¶[0093], if there is a gateway on the device, the goal which is traditional network routing: there is a packet, send it; and not, the device has a packet, let's wait for some sort of other event. A feature of the system includes adding context to that routing decision to recognize).

Regarding Claim 18, Mahaffey in view of Hulick, JR. discloses the computer system of claim 15, wherein the instructions for extracting the connection information cause the network policy enforcer to: 
extract the connection information that includes layer-3 protocol information or layer-4 protocol information, or both, associated with the connection (Mahaffey, ¶[0177], The system can perform actions such as breaking the existing network connection and establishing a new one at the lowest network layers. ¶[0228], network type may include information indicating whether or not the network connection is secure, information indicating whether or not the network connection is unsecure, an identification of the secure connection service or protocol, an identification of the communication protocol, an identification of the physical network type. Some examples of protocols include Point-to-Point Tunneling Protocol (PPTP), Layer 2 Tunneling Protocol (L2TP), Secure Sockets Layer (SSL), Internet Protocol Security (IPsec), Secure Shell (SSH), and OpenVPN). 

Regarding Claim 19, Mahaffey in view of Hulick, JR. discloses the computer system of claim 18, wherein the instructions for extracting the connection information cause the network policy enforcer to: 
extract the connection information that includes (a) a source address associated with an interface of an access gateway capable of acting as an intermediary between the client device and the destination server and (b) a source port number selected by the access gateway for the connection (Mahaffey, ¶[0266], the first type of connection may be point-to-point tunneling protocol. The second type of connection may be a layer 2 tunneling protocol).

Regarding Claim 20, Mahaffey in view of Hulick, JR. discloses the  computer system of claim 15, wherein the instructions for applying the one or more network policies cause the network policy enforcer to perform at least one of the following: 
apply the one or more network policies based on the contextual information that includes one or more of the following: hardware information associated with the client device; software information associated with the client device; a state associated with the client device; a location associated with the client device or the user; a login name associated with the user; and a role associated with the user (Mahaffey, ¶[0311]-¶[0314], contextual information identifies actions, activities and locations associated with a user. ¶[0316], at least one policy may be identified based on the retrieved contextual information. ¶[0325]- ¶[0329], the security policy is applied using the collected contextual information. Hulick, JR. Fig-8, ¶[0122]- ¶[0123], agent process may determine the application context and apply it to firewall policies. Agent process may review whitelist/blacklist for node name and if the node name fails, the agent process may block the connection. On the other hand, if the application context is not to be denied by the firewall (i . e . is a success) , then the techniques may allow the connection. An explicit notification may be returned to the application 610 in the event of a blocked outbound connection); and
in response to determination to allow the access, initiate a context-aware security scan for the connection based on the contextual information (Mahaffey, ¶[0311]-¶[0314], contextual information identifies actions, activities and locations associated with a user. ¶[0316], at least one policy may be identified based on the retrieved contextual information. ¶[0325]-¶[0329], the security policy is applied using the collected contextual information. Hulick, JR. Fig-8, ¶[0122]-¶[0123], agent process may determine the application context and apply it to firewall policies. Agent process may review whitelist/blacklist for node name and if the node name fails, the agent process may block the connection. On the other hand, if the application context is not to be denied by the firewall (i.e. is a success), then the techniques may allow the connection. An explicit notification may be returned to the application 610 in the event of a blocked outbound connection).

Regarding Claim 21, Mahaffey in view of Hulick, JR. discloses the computer system of claim 15, wherein the instructions for generating and sending the first response or the second response cause the network policy enforcer to: 
generate and send the first response or second response to a firewall engine that is located along a datapath leading to the destination server to facilitate establishment of the connection based on the first response or blocking of the connection based on the second response (Mahaffey, ¶[0311]-¶[0314], contextual information identifies actions, activities and locations associated with a user. ¶[0316], at least one policy may be identified based on the retrieved contextual information. ¶[0325]-¶[0329], the security policy is applied using the collected contextual information. Hulick, JR. Fig-8, ¶[0122]-¶[0123], agent process may determine the application context and apply it to firewall policies. Agent process may review whitelist/blacklist for node name and if the node name fails, the agent process may block the connection. On the other hand, if the application context is not to be denied by the firewall (i.e. is a success), then the techniques may allow the connection. An explicit notification may be returned to the application 610 in the event of a blocked outbound connection).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure (see PTO-Form 892).
Any inquiry concerning this communication or earlier communications from the examiner should be directed to WASIKA NIPA whose telephone number is (571)272-8923.  The examiner can normally be reached on M-F, 8 am to 5 pm. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on 571-272-6798.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, Applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/WASIKA NIPA/           Primary Examiner, Art Unit 2433