DETAILED ACTION

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Notice of Imported Citations
The notice of imported citations submitted on June 28, 2021 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Claim Objections
Claim 53 is objected to because of the following informalities:  On line 3 of the claim, it is recited “via a firwall service” that is an inadvertent typographical error.  Appropriate correction is required.

Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function. 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that use the word “means” or “step” but are nonetheless not being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph because the claim limitation(s) recite(s) sufficient structure, materials, or acts to entirely perform the recited function.  Such claim limitation(s) is/are: “computing device configured to receive/send/receive/permit/send” and “DNS server configured to receive/send” in claims 11, 37, and 53; “computing device configured to determine” in claim 12; “computing device configured to send” in claim 13; “computing device configured to receive” in claim 15; “computing device configured to generate” in claim 16; “computing device configured to determine” in claim 17; “computing device configured to send” in claim 18; “computing device configured to receive” in claim 19; “computing device configured to receive” in claim 20; “computing device configured to determine” in claim 38; “computing device configured to block” in claim 39; “computing device configured to determine” in claim 40; “computing device configured to receive/determine/block” in claim 54; “computing device configured to permit” in claim 55; and “computing device configured to reject” in claim 56.
Because this/these claim limitation(s) is/are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, it/they is/are not being interpreted to cover only the corresponding structure, material, or acts described in the specification as performing the claimed function, and equivalents thereof.
If applicant intends to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to remove the structure, materials, or acts that performs the claimed function; or (2) present a sufficient showing that the claim limitation(s) does/do not recite sufficient structure, materials, or acts to perform the claimed function.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1-60 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 10,951,582.  Although the claims at issue are not identical, they are not patentably distinct from each other because the claims of the instant application are anticipated by the patented claims in that the claims of the patent contain all of the limitations of the instant application.  Claims 1-60 of the instant application therefore are not patentably distinct from the earlier filed patented claims, and as such, are unpatentable for obvious-type double patenting.
17/166,816
1. An apparatus comprising: one or more processors; and a memory storing processor-executable instructions that, when executed by the one or more processors, cause the apparatus to: receive a domain name system (DNS) request comprising a uniform resource locator (URL); send, to a DNS server, the DNS request; receive a response to the DNS request, wherein the response comprises an internet protocol (IP) address corresponding to the URL and a time-to-live; permit, based on generating a firewall rule, access to the IP address until the time-to-live expires; and send, to a source of the DNS request, the response.
2. The apparatus of claim 1, wherein the DNS request identifies the DNS server, and wherein the processor-executable instructions, when executed by the one or more processors, further cause the apparatus to determine that the DNS server is included in a white list of one or more DNS servers.  
3. The apparatus of claim 2, wherein the processor-executable instructions, when executed by the one or more processors, further cause the apparatus to send, to the DNS server and based on a determination that the DNS server is included in the white list of one or more DNS servers, the DNS request.  
4. The apparatus of claim 1, wherein the source of the DNS request comprises a process executed on a user device.  
5. The apparatus of claim 1, wherein the processor-executable instructions, when executed by the one or more processors, further cause the apparatus to receive, by a proxy service executed on a user device, the DNS request.  
6. The apparatus of claim 1, wherein the processor-executable instructions, when executed by the one or more processors, further cause the apparatus to generate the firewall rule via a firewall service.  
7. The apparatus of claim 1, wherein the processor-executable instructions, when executed by the one or more processors, further cause the apparatus to determine that the URL is included in a white list of one or more URLs.  
8. The apparatus of claim 7, wherein the processor-executable instructions, when executed by the one or more processors, further cause the apparatus to send, to the DNS server and based on determining that the URL is included in the white list of one or more URLs, the DNS request.  
9. The apparatus of claim 1, wherein the processor-executable instructions, when executed by the one or more processors, further cause the apparatus to receive, by a process executed in a virtual machine, the DNS request.  
10. The apparatus of claim 1, wherein the processor-executable instructions, when executed by the one or more processors, further cause the apparatus to receive, by a hypervisor associated with a virtual machine, the DNS request.  
11. A system comprising: a computing device configured to: receive a domain name system (DNS) request comprising a uniform resource locator (URL), send, to a DNS server, the DNS request, receive a response to the DNS request, wherein the response comprises an internet protocol (IP) address corresponding to the URL and a time-to-live, permit, based on generating a firewall rule, access to the IP address until the time-to-live expires, and 3ATTORNEY DOCKET NO.: 26141.0298U2APPLICATION NO.: 17/166,816 send, to a source of the DNS request, the response; and the DNS server configured to: receive the DNS request, and send the response to the DNS request.  
12. The system of claim 11, wherein the DNS request identifies the DNS server, and wherein the computing device is further configured to determine that the DNS server is included in a white list of one or more DNS servers.  
13. The system of claim 12, wherein the computing device is further configured to send to the DNS request based on determining that the DNS server is included in the white list of one or more DNS servers.  
14. The system of claim 11, wherein the source of the DNS request comprises a process executed on a user device.  
15. The system of claim 11, wherein the computing device is further configured to receive, by a proxy service executed on a user device, the DNS request.  
16. The system of claim 11, wherein the computing device is further configured to generate the firewall rule via a firewall service.  
17. The system of claim 11, wherein the computing device is further configured to determine that the URL is included in a white list of one or more URLs.  
18. The system of claim 17, wherein the computing device is further configured to send the DNS request to the DNS server based on determining that the URL is included in the white list of one or more URLs.  
19. The system of claim 11, wherein the computing device is further configured to receive, by a process executed in a virtual machine, the DNS request.  
20. The system of claim 11, wherein the computing device is further configured to receive, by a hypervisor associated with a virtual machine, the DNS request.  
21. One or more computer-readable media storing processor-executable instructions that, when executed by at least one processor, cause the at least one processor to: receive a domain name system (DNS) request comprising a uniform resource locator (URL); send, to a DNS server, the DNS request; receive a response to the DNS request, wherein the response comprises an internet protocol (IP) address corresponding to the URL and a time-to-live; permit, based on generating a firewall rule, access to the IP address until the time-to-live expires; and send, to a source of the DNS request, the response.
22. The one or more computer-readable media of claim 21, wherein the DNS request identifies the DNS server, and wherein the processor-executable instructions further cause the at least one processor to determine that the DNS server is included in a white list of one or more DNS servers.  
23. The one or more computer-readable media of claim 21, wherein the processor-executable instructions that cause the at least one processor to send the DNS request further cause the at least one processor to send the DNS request based on determining that the DNS server is included in the white list of one or more DNS servers.
24. The one or more computer-readable media of claim 21, wherein the source of the DNS request comprises a process executed on a user device.  
25. The one or more computer-readable media of claim 21, wherein the processor-executable instructions that cause the at least one processor to receive the DNS request further cause the at least one processor to receive the DNS request from a proxy service executed on a user device.
26. The one or more computer-readable media of claim 21, wherein the processor-executable instructions further cause the at least one processor to generate the firewall rule via a firewall service.
27. The one or more computer-readable media of claim 21, wherein the processor-executable instructions further cause the at least one processor to determine that the URL is included in a white list of one or more URLs.
28. The one or more computer-readable media of claim 21, wherein the processor-executable instructions that cause the at least one processor to send the DNS request further cause the at least one processor to send the DNS request based on determining that the URL is included in the white list of one or more URLs.
29. The one or more computer-readable media of claim 21, wherein the processor-executable instructions that cause the at least one processor to receive the DNS request further cause the at least one processor to receive the DNS request based on a process executed in a virtual machine.
30. The one or more computer-readable media of claim 21, wherein the processor-executable instructions that cause the at least one processor to receive the DNS request further cause the at least one processor to receive the DNS request from a hypervisor associated with a virtual machine.
31. An apparatus comprising: one or more processors; and a memory storing processor-executable instructions that, when executed by the one or more processors, cause the apparatus to: receive, by a proxy service executed on a user device, a domain name system (DNS) request; send, to a DNS server via a firewall service, the DNS request; receive, from the DNS server, a response to the DNS request; and send, to the firewall service, instructions to generate a rule permitting access to an internet protocol (IP) address until a time-to-live indicated in the response.
32. The apparatus of claim 31, wherein the processor-executable instructions, when executed by the one or more processors, further cause the apparatus to determine a port associated with the rule.  
33. The apparatus of claim 31, wherein the processor-executable instructions, when executed by the one or more processors, further cause the apparatus to block, by the firewall service, DNS requests not sent by the proxy service.  
34. The apparatus of claim 31, wherein the time-to-live comprises at least one of: a time duration, a time value, or a date.  
35. The apparatus of claim 31, wherein the processor-executable instructions, when executed by the one or more processors, further cause the apparatus to: determine, by the proxy service, that another DNS request is not associated with a white list; and send, based on the another DNS request, an error indication.  
36. The apparatus of claim 35, wherein the white list identifies one or more allowed DNS servers or one or more allowed domain names associated with the another DNS request.  
37. A system comprising: a computing device configured to: receive, from a proxy service executed on a user device, a domain name system (DNS) request, send, to a DNS server via a firewall service, the DNS request, receive, from the DNS server, a response to the DNS request, and send, to the firewall service, instructions to generate a rule permitting access to an internet protocol (IP) address until a time-to-live indicated in the response; and the DNS server configured to: receive the DNS request, and send the response to the DNS request.
38. The system of claim 37, wherein the computing device is further configured to determine a port associated with the rule.  
39. The system of claim 37, wherein the computing device is further configured to block, via the firewall service, DNS requests not sent by the proxy service.  
40. The system of claim 37, wherein the time-to-live comprises at least one of: a time duration, a time value, or a date.  
41. The system of claim 37, wherein the computing device is further configured to: determine that another DNS request is not associated with a white list; and send, based on the another DNS request not being associated with the white list, an error indication.  
42. The system of claim 41, wherein the white list identifies one or more allowed DNS servers or one or more allowed domain names associated with the another DNS request.  
43. One or more computer-readable media storing processor-executable instructions that, when executed by at least one processor, cause the at least one processor to: receive, from a proxy service executed on a user device, a domain name system (DNS) request; send, to a DNS server via a firewall service, the DNS request; receive, from the DNS server, a response to the DNS request; and send, to the firewall service, instructions to generate a rule permitting access to an internet protocol (IP) address until a time-to-live indicated in the response.
44. The one or more computer-readable media of claim 43, wherein the processor-executable instructions further cause the at least one processor to determine a port associated with the rule.
45. The one or more computer-readable media of claim 43, wherein the processor-executable instructions further cause the at least one processor to block, via the firewall service, DNS requests not sent by the proxy service.
46. The one or more computer-readable media of claim 43, wherein the time-to-live comprises at least one of: a time duration, a time value, or a date.  
47. The one or more computer-readable media of claim 43, wherein the processor-executable instructions further cause the at least one processor to: determine that another DNS request is not associated with a white list; and send, based on the another DNS request not being associated with the white list, an error indication.
48. The one or more computer-readable media of claim 47, wherein the white list identifies one or more allowed DNS servers or one or more allowed domain names associated with the another DNS request.  
49. An apparatus comprising: one or more processors; and a memory storing processor-executable instructions that, when executed by the one or more processors, cause the apparatus to: receive, from a user device via a firewall service, a domain name system (DNS) request comprising a uniform resource locator (URL); send, to a DNS server, the DNS request; receive, from the DNS server, a response to the DNS request, wherein the response comprises an internet protocol (IP) address corresponding to the URL and a time-to-live period for a DNS entry associated with the IP address and the URL; send, to the user device, the response; and generate a firewall rule permitting access to the IP address until an expiration of the time-to-live period.
50. The apparatus of claim 49, wherein the processor-executable instructions, when executed by the one or more processors, further cause the apparatus to: receive another DNS request via the firewall service; determine that the another DNS request was not received from a proxy service; and block, based on determining that the another DNS request was not received from the proxy service, the another DNS request.  
51. The apparatus of claim 49, wherein the processor-executable instructions, when executed by the one or more processors, further cause the apparatus to permit access to the IP address by network traffic originating from a process executed on the user device.  
52. The apparatus of claim 49, wherein the processor-executable instructions, when executed by the one or more processors, further cause the apparatus to reject, by the firewall service, network traffic to the IP address from a service other than a process executed on the user device.  
53. A system comprising: a computing device configured to: receive, from a user device via a firewall service, a domain name system (DNS) request comprising a uniform resource locator (URL), send, to a DNS server, the DNS request, receive, from the DNS server, a response to the DNS request, wherein the response comprises an internet protocol (IP) address corresponding to the URL and a time-to-live period for a DNS entry associated with the IP address and the URL, send, to the user device, the response, and generate a firewall rule permitting access to the IP address until an expiration of the time-to-live period; and the DNS server configured to: receive the DNS request, and send the response to the DNS request.
54. The system of claim 53, wherein the computing device is further configured to: receive another DNS request via the firewall service; determine that the another DNS request was not received from a proxy service; and block the another DNS request.  
55. The system of claim 53, wherein the computing device is further configured to permit access to the IP address by network traffic originating from a process executed on the user device.  
56. The system of claim 53, wherein the computing device is further configured to reject, by the firewall service, network traffic to the IP address from a service other than a process executed on the user device.  
57. One or more computer-readable media storing processor-executable instructions that, when executed by at least one processor, cause the at least one processor to: receive, by a firewall service, from a user device, a domain name system (DNS) request comprising a uniform resource locator (URL); send, to a DNS server, the DNS request; receive, from the DNS server, a response to the DNS request, wherein the response comprises an internet protocol (IP) address corresponding to the URL and a time-to-live period for a DNS entry associated with the IP address and the URL; send, to the user device, the response; and generate a firewall rule permitting access to the IP address until an expiration of the time-to-live period.
58. The one or more computer-readable media of claim 57, wherein the processor-executable instructions, when executed by the at least one processor, further cause the at least one processor to: receive another DNS request via the firewall service; determine that the another DNS request was not received from a proxy service; and block, based on determining that the another DNS request was not received from the proxy service the another DNS request.
59. The one or more computer-readable media of claim 57, wherein the processor-executable instructions further cause the at least one processor to permit access to the IP address by network traffic originating from a process executed on the user device.
60. The one or more computer-readable media of claim 57, wherein the processor executable instructions further cause the at least one processor to reject, via the firewall service, network traffic to the IP address from a service other than a process executed on the user device.
U.S. Patent 10,951,582
1. A method comprising: receiving a domain name system (DNS) request comprising a uniform resource locator (URL); sending, to a DNS server, the DNS request; receiving a response to the DNS request, wherein the response comprises an internet protocol (IP) address corresponding to the URL and a time-to-live; permitting, based on generating a firewall rule, access to the IP address until the time-to-live expires; and sending, to a source of the DNS request, the response.  



2. The method of claim 1, wherein the DNS request identifies the DNS server, and wherein the method further comprises determining that the DNS server is included in a white list of one or more DNS servers.  


3. The method of claim 2, wherein sending the DNS request comprises sending, to the DNS server and based on determining that the DNS server is included in the white list of one or more DNS servers, the DNS request.  

4. The method of claim 1, wherein the source of the DNS request comprises a process executed on a user device.  

5. The method of claim 1, further comprising receiving, by a proxy service executed on a user device, the DNS request.  


6. The method of claim 1, wherein generating the firewall rule comprises generating, via a firewall service, the firewall rule.  


7. The method of claim 1, further comprising determining that the URL is included in a white list of one or more URLs.  


8. The method of claim 7, wherein sending the DNS request comprises sending, to the DNS server and based on determining that the URL is included in the white list of one or more URLs, the DNS request.  


9. The method of claim 1, further comprising receiving, by a process executed in a virtual machine, the DNS request.  


10. The method of claim 1, further comprising receiving, by a hypervisor associated with a virtual machine, the DNS request.  




1. A method comprising: receiving a domain name system (DNS) request comprising a uniform resource locator (URL); sending, to a DNS server, the DNS request; receiving a response to the DNS request, wherein the response comprises an internet protocol (IP) address corresponding to the URL and a time-to-live; permitting, based on generating a firewall rule, access to the IP address until the time-to-live expires; and sending, to a source of the DNS request, the response.  


2. The method of claim 1, wherein the DNS request identifies the DNS server, and wherein the method further comprises determining that the DNS server is included in a white list of one or more DNS servers.  
3. The method of claim 2, wherein sending the DNS request comprises sending, to the DNS server and based on determining that the DNS server is included in the white list of one or more DNS servers, the DNS request.  
4. The method of claim 1, wherein the source of the DNS request comprises a process executed on a user device.  
5. The method of claim 1, further comprising receiving, by a proxy service executed on a user device, the DNS request.  

6. The method of claim 1, wherein generating the firewall rule comprises generating, via a firewall service, the firewall rule.  
7. The method of claim 1, further comprising determining that the URL is included in a white list of one or more URLs.  

8. The method of claim 7, wherein sending the DNS request comprises sending, to the DNS server and based on determining that the URL is included in the white list of one or more URLs, the DNS request.  
9. The method of claim 1, further comprising receiving, by a process executed in a virtual machine, the DNS request.  
10. The method of claim 1, further comprising receiving, by a hypervisor associated with a virtual machine, the DNS request.  


1. A method comprising: receiving a domain name system (DNS) request comprising a uniform resource locator (URL); sending, to a DNS server, the DNS request; receiving a response to the DNS request, wherein the response comprises an internet protocol (IP) address corresponding to the URL and a time-to-live; permitting, based on generating a firewall rule, access to the IP address until the time-to-live expires; and sending, to a source of the DNS request, the response.  


2. The method of claim 1, wherein the DNS request identifies the DNS server, and wherein the method further comprises determining that the DNS server is included in a white list of one or more DNS servers.  


3. The method of claim 2, wherein sending the DNS request comprises sending, to the DNS server and based on determining that the DNS server is included in the white list of one or more DNS servers, the DNS request.  



4. The method of claim 1, wherein the source of the DNS request comprises a process executed on a user device.  
5. The method of claim 1, further comprising receiving, by a proxy service executed on a user device, the DNS request.  



6. The method of claim 1, wherein generating the firewall rule comprises generating, via a firewall service, the firewall rule.  


7. The method of claim 1, further comprising determining that the URL is included in a white list of one or more URLs.  



8. The method of claim 7, wherein sending the DNS request comprises sending, to the DNS server and based on determining that the URL is included in the white list of one or more URLs, the DNS request.  


9. The method of claim 1, further comprising receiving, by a process executed in a virtual machine, the DNS request.  




10. The method of claim 1, further comprising receiving, by a hypervisor associated with a virtual machine, the DNS request.  




11. A method comprising: receiving, by a proxy service executed on a user device, a domain name system (DNS) request; sending, to a DNS server via a firewall service, the DNS request; receiving, from the DNS server, a response to the DNS request; and sending, to the firewall service, instructions to generate a rule permitting access to an internet protocol (IP) address until a time-to-live indicated in the response.  




12. The method of claim 11, further comprising determining a port associated with the rule.  



13. The method of claim 11, further comprising blocking, by the firewall service, DNS requests not sent by the proxy service.  



14. The method of claim 11, wherein the time-to-live comprises at least one of: a time duration, a time value, or a date.  
15. The method of claim 11, further comprising: determining, by the proxy service, that another DNS request is not associated with a white list; and sending, based on the another DNS request, an error indication.  


16.  The method of claim 15, wherein the white list identifies one or more allowed DNS servers or one or more allowed domain names associated with the another DNS request.  

17. A method comprising: receiving, by a firewall service, from a user device, a domain name system (DNS) request comprising a uniform resource locator (URL); sending, to a DNS server, the DNS request; receiving, from the DNS server, a response to the DNS request, wherein the response comprises an internet protocol (IP) address corresponding to the URL and a time-to-live period for a DNS entry associated with the IP address and the URL; sending, to the user device, the response; and generating a firewall rule permitting access to the IP address until an expiration of the time-to-live period.  



18. The method of claim 17, further comprising: receiving, by the firewall service, another DNS request; determining that the another DNS request was not received from a proxy service; and blocking the another DNS request.  





19. The method of claim 17, wherein generating the firewall rule comprises permitting access to the IP address by network traffic originating from a process executed on the user device.  


20. The method of claim 17, further comprising rejecting, by the firewall service, network traffic to the IP address from a service other than a process executed on the user device.






Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 21-30, 43-48, and 57-60 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.  The claims do not fall within at least one of the four categories of patent eligible subject matter because the broadest reasonable interpretation of “a computer-readable media” covers forms of both non-transitory tangible media and transitory propagating signals per se.  See In re Nuijten, 500 F.3d 1346, 1356-57 (Fed. Cir. 2007); Subject Matter Eligibility of Computer Readable Media, Jan. 26, 2010; p. 1.  Therefore, because the broadest reasonable interpretation of the claims covers a signal per se, the Examiner suggests amending the claims to recite that the media is either “non-transitory” or is a “computer-readable media device”. 

Allowable Subject Matter
Claims 1-60 are allowed; however, they are currently rejected under obvious-type double patenting, requiring the filing of a terminal disclaimer.
The following is a statement of reasons for the indication of allowable subject matter:
The closest prior art teachings of Bloch et al., U.S. Patent 7,849,502, disclose specifying a time to live when a DNS server responds to a DNS lookup of an IP address, with entries in the list expired once the time to live is reached; see column 9, lines 29-39.
Ong, US 2018/0124016, is relied upon for disclosing setting expiry times to match time-to-live values specified by a DNS reply provided with a particular IP address; see paragraph 0041.
As per independent claims 1, 11, and 21, it was not found to be taught in the prior art at least for receiving a DNS request and permitting access to an IP address until a time-to-live expires based upon a generated firewall rule.
As per independent claims 31, 37, and 43, it was not found to be taught in the prior art at least for receiving a DNS request and sending instructions to a firewall service to generate a rule permitting access to an IP address until a time-to-live indicated in the response from the DNS server.
As per independent claims 49, 53, and 57, it was not found to be taught in the prior art at least for receiving a DNS request and generating a firewall rule permitting access to an IP address until expiration of a time-to-live period.
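
The mechanism identified above as the allowable feature (a DNS lookup that yields a firewall rule permitting the resolved IP address only until the time-to-live expires, with a white list checked before the request is forwarded) is shown here as an added Python example that is not part of the Office action or of the application. The class and function names, the in-memory rule table, the injected clock and the sample records are assumptions made for illustration.

```python
import time
from dataclasses import dataclass, field

@dataclass
class Firewall:
    """Default-deny egress table: destination IP -> expiry timestamp."""
    clock: callable = time.monotonic
    rules: dict = field(default_factory=dict)

    def permit_until(self, ip, expires_at):
        # A repeat lookup may only extend a rule, never shorten it.
        self.rules[ip] = max(expires_at, self.rules.get(ip, 0.0))

    def allows(self, ip):
        expires_at = self.rules.get(ip)
        if expires_at is None:
            return False          # never resolved through the proxy
        if self.clock() >= expires_at:
            del self.rules[ip]    # time-to-live elapsed: remove the rule
            return False
        return True

@dataclass
class DnsProxy:
    firewall: Firewall
    resolver: callable            # name -> (ip, ttl_seconds); stands in for the DNS server
    allowed_names: frozenset      # white list of domain names

    def handle(self, name):
        """Return (ip, ttl) to the requester, or None as the error indication."""
        name = name.rstrip(".").lower()
        if name not in self.allowed_names:
            return None           # not on the white list: never forwarded
        ip, ttl = self.resolver(name)
        self.firewall.permit_until(ip, self.firewall.clock() + ttl)
        return ip, ttl

# Constructed sample records (documentation address ranges, RFC 5737).
SAMPLE_ZONE = {"updates.example.com": ("192.0.2.10", 30),
               "tracker.example.net": ("198.51.100.7", 300)}

def demo():
    now = [1000.0]                # fake clock so expiry is deterministic
    fw = Firewall(clock=lambda: now[0])
    proxy = DnsProxy(fw, SAMPLE_ZONE.__getitem__, frozenset({"updates.example.com"}))
    results = {"blocked_lookup": proxy.handle("tracker.example.net"),
               "allowed_lookup": proxy.handle("Updates.Example.com.")}
    results["before_expiry"] = fw.allows("192.0.2.10")
    results["unresolved_ip"] = fw.allows("198.51.100.7")
    now[0] += 30                  # advance exactly to the TTL boundary
    results["after_expiry"] = fw.allows("192.0.2.10")
    return results
```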

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Gopal et al., US 2021/0314299, is relied upon for disclosing expiring TTL data for an IP address with a DNS mapping; see paragraph 0086.
Li et al., WO 2021/081712 A1, is relied upon for disclosing that, when the time to live of a DNS resource record has not expired, as long as a first condition is satisfied, a query for an IP address corresponding to a domain name is initiated to a DNS server; see abstract.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHRISTOPHER A REVAK whose telephone number is (571)272-3794. The examiner can normally be reached 5:30am - 3:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, LYNN FEILD can be reached on 571-272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.








/CHRISTOPHER A REVAK/Primary Examiner, Art Unit 2431