DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Response to Amendment
This is a reply to the amendment filed on 06/13/2022, in which, claim(s) 1-7 are pending. Claim(s) 1, 6, and 7 are amended. No claim(s) are cancelled or newly added.

Response to Arguments
Drawings Objection: 
The Drawings objection has been withdrawn in view of the replacement sheet of drawings filed on 06/13/2022.

Specification Objection: 
Applicant’s arguments with respect to the specification objection have been considered. The specification objection has been withdrawn in view of the amendment to the specification (the abstract).

Claim Objection: 
Applicant’s arguments with respect to the objection of claim(s) 1 and 6 have been considered. The objection of claim(s) 1 and 6 has been withdrawn in view of the amendment to the claims.

Claim Rejections - 35 U.S.C. § 101:
Applicants’ arguments with respect to claim(s) 6-7 have been fully considered and are persuasive. The rejection under 35 USC §101 of claim(s) 6-7 has been withdrawn in view of the amendment to the claims.

Claim Rejections - 35 U.S.C. § 102 and 35 U.S.C. § 103:
Applicant’s arguments with respect to the rejection of claim(s) 1-7 have been considered but are moot in view of the new ground(s) of rejection.

Applicant is encouraged to schedule an interview with the Examiner prior to the next communication to compact prosecution of the case.

Claim Objections
Claim 1 is objected to because of the following informalities:  
In the last limitation of Claim 1, “between the first and the second port” should be “between a first port and a second port”, since the terms “first port” and “second port” appear for the first time in the claim.
Appropriate correction is required.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
Claims 1-7 are rejected under 35 U.S.C. 103 as being unpatentable over Kelson et al. (US 2014/0337614 A1, cited by the applicant in the 05/06/2020 IDS) in view of Kumar et al. (US 2017/0346854 A1).
Regarding Claim 1, Kelson discloses A method of monitoring traffic, the method being carried out by a router acting as a gateway between a first and second network ([0036], “a security gateway configured as a transparent bridge or router”), the method comprising: 
after establishment of a transmission control protocol (TCP) connection between a first device on the first network and a second device on the second network ([0033], “HTTP clients are often executed on client end stations that are located outside of the LAN of the security gateway and web application servers”, [0036], “a security gateway configured as a transparent bridge or router, such that the security gateway is not an end point of the encryption layer connections and thus does not terminate the encryption layer connections or the underlying transport layer (e.g., Transmission Control Protocol (TCP)) connections”), the router comprising a first processor and a second processor ([0030], “one or more processors”): 
on the first processor ([0030], “one or more processors”): 
receiving a plurality of data packets sent from the first device over the TCP connection ([0063], “receipt of the packets, allowing the HTTP client 110A to continue sending additional packets”); 
sending a TCP acknowledgement (ACK) packet to the first device in response to each data packet of the plurality of data packets ([0063], “send one or more acknowledgements 303 (e.g., an ACK packet used in TCP) to acknowledge receipt of the packets”); 
storing said data packets without sending them to the second device ([0071], “unmodified messages transmitted by the HTTP client 110A and stored by the security gateway 140 in a first hash storage location”); 
examining at least part of the plurality of the stored data packets in order to determine whether to block or allow the TCP connection ([0063], “for the security gateway 140 to examine additional packets of the connection to make a determination”); 
in the event that it is determined to allow the TCP connection: sending each of the stored data packets to the second device ([0103], “if the plaintext record is allowable (i.e., accepted at 922), processing will continue 924 based upon the connection mode 924 of the encryption layer connection”); 
in the event that it is determined to block the TCP connection: sending a TCP reset (RST) message to each of the first and second devices in order to close the TCP connection ([0103], “if the decision modules have determined that the plaintext record should not be sent, the encryption layer connection is to be blocked 918 and the security gateway 140 will transmit reset messages to both the HTTP client 110A at 920A and to the WAS 130A at 920B”); 
Kelson does not explicitly teach but Kumar teaches
in the event that it is determined to allow the TCP connection, handling subsequent data packets of the TCP connection by forwarding data packets between the first and the second port via the second processor ([0154], “This allows AIPR 1 708 to determine that it is not the final waypoint AIPR and therefore also allows AIPR 1 708 to determine the forward association parameters to use for forwarding session-related packets”, [0174], “a first port number assigned by the session manager 1908 for receiving subsequent packets of this session… in combination with a second port number assigned by the session manager 1908 for transmitting the lead packet and subsequent packets”),
Kelson and Kumar are analogous art as they are in the same field of endeavor of information security. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Kumar with the disclosure of Kelson. The motivation/suggestion would have been to secure session communications between a first network and a second network (Kumar, Abstract).

Regarding Claim 2, the combined teaching of Kelson and Kumar teaches
wherein the router has a first processor and a second processor, and wherein the steps of claim 1 are performed on the first processor (Kelson, [0030], “one or more processors”, [0033], [0036], [0063]), and comprising, in the event that it is determined to allow the TCP connection, handling subsequent data packets of the TCP connection via the second processor (Kumar, [0154], [0174]).  

Regarding Claim 3, the combined teaching of Kelson and Kumar teaches
in the event that it is determined to block the TCP connection, sending a substitute response to the first device via the TCP connection prior to sending the TCP RST message, the substitute response containing one or more data packets using the same application layer protocol as the stored data packets (Kelson, [0079], “If the values do not match, the security gateway 140 may cause the handshake and encrypted connection to be aborted by, in various embodiments, transmitting reset packets or by computing a purposefully incorrect hash value (515B) to be sent to the WAS 130A (as substitute response), causing it to reject the establishment of the connection”).

Regarding Claim 4, the combined teaching of Kelson and Kumar teaches
in the event that it is determined to block the TCP connection, discarding the stored data packets (Kelson, [0103], “if the decision modules have determined that the plaintext record should not be sent, the encryption layer connection is to be blocked”, therefore discard the stored data packets).

Regarding Claim 5, the combined teaching of Kelson and Kumar teaches
following sending of the TCP RST message, preventing forwarding of any further data packets between the first and second device (Kelson, [0103], “if the decision modules have determined that the plaintext record should not be sent, the encryption layer connection is to be blocked 918 and the security gateway 140 will transmit reset messages to both the HTTP client 110A at 920A and to the WAS 130A at 920B” to prevent forwarding of any further data packets).

Regarding Claim 6, Kelson teaches A router comprising: 
a first port configured to connect to a first network; a second port configured to connect to a second network ([0035], “port”, Fig. 3, 1st port to client, 2nd port to Web server); 
a first hardware processor and a second hardware processor ([0030], “one or more processors”); 
a hardware memory unit for storing data ([0030], “memory”); 
the first hardware processor ([0030], “one or more processors”) configured to: 
after establishment of a transmission control protocol (TCP) connection between a first device on the first network and a second device on the second network ([0033], “HTTP clients are often executed on client end stations that are located outside of the LAN of the security gateway and web application servers”, [0036], “a security gateway configured as a transparent bridge or router, such that the security gateway is not an end point of the encryption layer connections and thus does not terminate the encryption layer connections or the underlying transport layer (e.g., Transmission Control Protocol (TCP)) connections”): 
receive a plurality of data packets sent from the first device over the TCP connection ([0063], “receipt of the packets, allowing the HTTP client 110A to continue sending additional packets”); 
send a TCP acknowledgement (ACK) packet to the first device in response to each data packet of the plurality of data packets ([0063], “send one or more acknowledgements 303 (e.g., an ACK packet used in TCP) to acknowledge receipt of the packets”); 
store said data packets in the hardware memory unit without sending them to the second device ([0071], “unmodified messages transmitted by the HTTP client 110A and stored by the security gateway 140 in a first hash storage location”); 
examine the stored data packets in order to determine whether to block or allow the TCP connection ([0063], “for the security gateway 140 to examine additional packets of the connection to make a determination”); 
in the event that it is determined to allow the TCP connection: send each of the stored data packets to the second device ([0103], “if the plaintext record is allowable (i.e., accepted at 922), processing will continue 924 based upon the connection mode 924 of the encryption layer connection”); 
in the event that it is determined to block the TCP connection: send a TCP reset (RST) message to each of the first and second devices in order to close the TCP connection ([0103], “if the decision modules have determined that the plaintext record should not be sent, the encryption layer connection is to be blocked 918 and the security gateway 140 will transmit reset messages to both the HTTP client 110A at 920A and to the WAS 130A at 920B”); 
Kelson does not explicitly teach but Kumar teaches
in the event that it is determined to allow the TCP connection, handle subsequent data packets of the TCP connection by forwarding data packets between the first and the second port via the second hardware processor ([0154], “This allows AIPR 1 708 to determine that it is not the final waypoint AIPR and therefore also allows AIPR 1 708 to determine the forward association parameters to use for forwarding session-related packets”, [0174], “a first port number assigned by the session manager 1908 for receiving subsequent packets of this session… in combination with a second port number assigned by the session manager 1908 for transmitting the lead packet and subsequent packets”),
Kelson and Kumar are analogous art as they are in the same field of endeavor of information security. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Kumar with the disclosure of Kelson. The motivation/suggestion would have been to secure session communications between a first network and a second network (Kumar, Abstract).

Regarding Claim 7, the combined teaching of Kelson and Kumar teaches
a second hardware processor configured to forward data packets between the first and second port (Kelson, [0030], “one or more processors”, [0033], [0036], [0063]), wherein the router is configured to handle data packets using the second processor for a TCP connection following a determination at the first hardware processor to allow that TCP connection (Kumar, [0154], [0174]).

Conclusion
Applicants are encouraged to take advantage of the After Final Consideration Pilot 2.0 (AFCP 2.0) which authorizes non-production time for consideration of responses filed after a final rejection. The purpose of the pilot is to compact prosecution of the case. The request must include 1) A signed AFCP request form (PTO/SB/434 or equivalent) that includes a statement that applicant is requesting consideration under the AFCP; 2) An amendment to at least one independent claim that does not broaden the scope of the independent claim in any aspect; and 3) A statement that applicant is willing and available to participate in any interview initiated by the examiner concerning the present response.  In the limited amount of non-production time if the examiner’s consideration of a proper AFCP 2.0 request and response does not result in a determination that all pending claims are in condition for allowance, the examiner will request an interview with the applicant to discuss the response. For more info, please visit http://www.uspto.gov/patent/initiatives/after-final-consideration-pilot-20.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHENG-FENG HUANG whose telephone number is (571)272-6186. The examiner can normally be reached Monday-Friday: 9 am - 5 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni A Shiferaw can be reached on (571) 272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/CHENG-FENG HUANG/Primary Examiner, Art Unit 2497