Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
This Examiner’s Reasons for Allowance action is in response to the filing of 07/28/2022. Claims 1 and 9 have been amended and claim 2 has been cancelled per applicants request, therefore claims 1 and 3-20 are presently pending in the application and have been considered as follows.

Allowance
Acknowledgement to applicant’s amendment to claims 1has been noted. The claims have been reviewed, entered and found obviating to previously raised rejection under 35 USC 103. Rejection to claims 1 and 3-7 under 35 USC 103 is hereby withdrawn.

Claims 1 and 3-20 are allowed.

Examiner’s Statement of Reasons for Allowance
The following is an examiner’s statement of reasons for allowance: although the prior art of record (such as Teal (US 20190081983) The configuration of a firewall on an endpoint is secured to prevent changes by unauthorized processes, while permitting changes that are requested by authorized processes. Authorized processes can be stored in a tamper protection cache within a kernel of the operating system of the endpoint and secured with reference to a trust authority external to the operating system. When a process on the endpoint requests a change to the firewall configuration, the requesting process can be checked against the processes listed in the tamper protection cache, and any suitable rules can be applied to limit or prevent changes to firewall configuration. (Abstract)

none of the prior art, alone or in combination, teaches

 Independent Claim 1:  “…receiving, by a computing device and from a first firewall service, a data packet comprising a source application identifier and a destination application identifier; verifying that the data packet originates from a source application indicated by the source application identifier; after verifying that the data packet originates from the source application, determining a firewall rule for processing the data packet; configuring the first firewall service to execute the firewall rule to process the data packet from the source application based on the source application identifier; and sending, by the computing device, the firewall rule to a second firewall service that is associated with a destination application identified by the destination application identifier.”.

Independent Claim 10:  “…receiving, from a sending device, a data packet; determining, from the data packet: a source application identifier associated with a source application, and a destination application identifier associated with a destination application; sending the source application identifier and the destination application identifier to a firewall controller; receiving, from the firewall controller, a firewall rule for processing the data packet, wherein the firewall rule comprises: a processing action for processing the data packet, and a condition for executing the processing action, wherein the condition comprises the source application identifier and the destination application identifier; and sending, via a firewall service and based on the firewall rule, the data packet to the destination application..”.

Independent Claim 14:  “…receiving, by a firewall controller and from a first firewall service, a source application identifier and a destination application identifier; determining a firewall rule for processing a data packet based on the source application identifier and the destination application identifier; and sending the firewall rule to a plurality of firewall services, wherein the plurality of firewall services comprise the first firewall service.”.

Dependent claims are allowed as they depend from an allowable independent claim.



The closest prior art made of record are:
Teal (US 20190081983) The configuration of a firewall on an endpoint is secured to prevent changes by unauthorized processes, while permitting changes that are requested by authorized processes. Authorized processes can be stored in a tamper protection cache within a kernel of the operating system of the endpoint and secured with reference to a trust authority external to the operating system. When a process on the endpoint requests a change to the firewall configuration, the requesting process can be checked against the processes listed in the tamper protection cache, and any suitable rules can be applied to limit or prevent changes to firewall configuration. 
Ratnasingham (US 20190245830) A Software-defined Networking (SDN) controller of data center with application-aware firewall policy enforcement is disclosed. In one example, the SDN controller receives a request to initialize an instance of an application. in response to receiving the request, the SDN controller transmits, to a firewall component positioned between an SDN gateway device of the data center and a network external to the data center, a message. In some examples, the messing includes an application signature corresponding to the instance of the application and an application firewall policy corresponding to the application signature. The message instructs the firewall component to install the application firewall policy for application to network traffic for the instance of the application.
Wighe et al. (US 20180191683) A device may receive a firewall filter entry that includes one or more match conditions associated with filtering network traffic. The device may identify an access control list (ACL) template associated with the firewall filter entry. The ACL template may be associated with a template type. The device may identify one or more rules, for verifying the firewall filter entry, based on the template type associated with the ACL template. The device may verify the firewall filter entry using the one or more rules. The device may determine a hardware resource, for storing the firewall filter entry, based on the template type and based on verifying the firewall filter entry. The device may store the firewall filter entry using the hardware resource of the device.
 Bansal et al. (US 9215214)   Some embodiments of the invention provide a novel method for specifying firewall rules. In some embodiments, the method provides the ability to specify for a particular firewall rule, a set of network nodes (also called a set of enforcement points below) at which the particular firewall should be enforced. To provide this ability, the method of some embodiments adds an extra tuple (referred to below as the AppliedTo tuple) to a firewall rule. This added AppliedTo tuple lists the set of enforcement points at which the firewall rule has to be applied (i.e., enforced). 

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance”.

Conclusion



Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHRISTOPHER C HARRIS whose telephone number is (571)270-7841.  The examiner can normally be reached on Monday through Friday between 8:00 AM to 4:00 PM CST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey L Nickerson can be reached on (469) 295-9235.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/CHRISTOPHER C HARRIS/Primary Examiner, Art Unit 2432