DETAILED ACTION
In reply to the applicant communication filed on September 03, 2020 and the telephonic interview conducted on August 25, 2022, claims 1-2, 4-8, 10-14, and 16-17 have been amended.

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Claims 3, 9, and 15 have been cancelled.
Claims 1-2, 4-8, 10-14, and 16-17 are pending.


EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in a telephone interview with applicant representative, Christopher Bolten (Reg. No. 61,531) on August 25, 2022. 

Please replace the claim set filed on September 03, 2020 with the following claims:

1. 	A method for firewall configuration comprising: 
receiving, at a processing device, input defining a firewall policy for a firewall managing access to a subnet of network components deployed within a communications network, the firewall policy including a firewall configuration for the firewall and a network component configuration for a network component of the subnet of network components; 
executing, using the processing device and a virtual network component, first instructions associated with the firewall configuration; 
executing, using the processing device and the virtual network component, second instructions associated with the network component configuration; 
determining, based on the execution of the first instructions, that the firewall configuration is valid, wherein determining that the firewall configuration is valid comprises capturing first data corresponding to the firewall configuration and verifying that the first data satisfies a first rule; 
determining, based on the execution of the second instructions, that the network component configuration is valid, wherein determining that the network component configuration is valid comprises capturing second data corresponding to the network component configuration and verifying that the second data satisfies a second rule; 
automatically configuring, using the processing device, the firewall configuration at the firewall and the network component configuration at the network component in response to determining that the firewall configuration and the network component configuration are valid; and 
activating, using the processing device, the firewall within the communications network to manage traffic to and from the subnet.

2. 	The method of claim 1, wherein the virtual network component is a replica of the network component.

3. 	(Canceled)	

4. 	The method of claim 1, wherein the firewall policy is implemented at the firewall and the network component for a finite period of time associated with a user request.

5. 	The method of claim 1, wherein the firewall policy is implemented at the firewall and the network component at a time associated with a user request.

6. 	The method of claim 1, wherein the firewall policy includes at least one of a set of source ports for outgoing network traffic, a set of destination ports for incoming network traffic, and at least one protocol for defining rules of communication of the network traffic when transmitting the network traffic to and from the subnet.

7. 	A system for firewall configuration comprising: 
a subnet of network components deployed within a communications network, the subnet accessible through a firewall; 
at least one processor; and 
non-transient computer-readable media communicably coupled to the at least one processor having instructions stored thereon that, when executed by the at least one processor, cause the at least one processor to: 
receive input defining a firewall policy for a firewall managing access to a subnet of network components deployed within a communications network, the firewall policy including a firewall configuration for the firewall and a network component configuration for a network component of the subnet of network components; 
execute, using a virtual network component, first instructions associated with the firewall configuration; 
execute, using the virtual network component, second instructions associated with the network component configuration; 
determine, based on the execution of the first instructions, that the firewall configuration is valid, wherein to determine that the firewall configuration is valid comprises the instructions further causing the at least one processor to capture first data corresponding to the firewall configuration and verify that the first data satisfies a first rule; 
determine, based on the execution of the second instructions, that the network component configuration is valid, wherein to determine that the network component configuration is valid comprises the instructions further causing the at least one processor to capture second data corresponding to the network component configuration and verify that the second data satisfies a second rule; 
automatically configure the firewall configuration at the firewall and the network component configuration at the network component in response to determining that the firewall configuration and the network component configuration are logically valid; and 
activate the firewall within the communications network to manage traffic to and from the subnet.

8. 	The system of claim 7, wherein the virtual network component is a replica of the network component.

9. 	(Canceled)	

10. 	The system of claim 7, wherein the firewall policy is implemented at the firewall and the network component for a finite period of time associated with a user request.

11. 	The system of claim 7, wherein the firewall policy is implemented at the firewall and the network component at a time associated with a user request.

12. 	The system of claim 7, wherein the firewall policy includes at least one of a set of source ports for outgoing network traffic, a set of destination ports for incoming network traffic, and at least one protocol for defining rules of communication of the network traffic when transmitting the network traffic to and from the subnet.

13. 	A non-transitory computer-readable medium for firewall configuration including instructions, executable by a processor, the instructions comprising: 
receiving input defining a firewall policy for a firewall managing access to a subnet of network components deployed within a communications network, the firewall policy including a firewall configuration for the firewall and a network component configuration for a network component of the subnet of network components; 
executing, using a virtual network component, first instructions associated with the firewall configuration; 
executing, using the virtual network component, second instructions associated with the network component configuration; 
determining, based on the execution of the first instructions, that the firewall configuration is valid, wherein determining that the firewall configuration is valid comprises capturing first data corresponding to the firewall configuration and verifying that the first data satisfies a first rule; 
determining, based on the execution of the second instructions, that the network component configuration is valid, wherein determining that the network component configuration is valid comprises capturing second data corresponding to the network component configuration and verifying that the second data satisfies a second rule; 
automatically configuring the firewall configuration at the firewall and the network component configuration at the network component in response to determining that the firewall configuration and the network component configuration are logically valid; and 
activating the firewall within the communications network to manage traffic to and from the subnet.

14. 	The non-transitory computer-readable medium of claim 13, wherein the virtual network component is a replica of the network component.

15. 	(Canceled)	

16. 	The non-transitory computer-readable medium of claim 13, wherein the firewall policy is implemented at the firewall and the network component for a finite period of time associated with a user request.

17. 	The non-transitory computer-readable medium of claim 13, wherein the firewall policy includes at least one of a set of source ports outgoing network traffic, a set of destination ports for incoming network traffic, and at least one protocol for defining rules of communication of the network traffic when transmitting the network traffic to and from the subnet.

Allowable Subject Matter
Claims 1-2, 4-8, 10-14, and 16-17 are allowed. The following is an examiner’s statement of reasons for allowance:
The primary reason for allowance of the independent claims is the combined limitations of:

receiving, at a processing device, input defining a firewall policy for a firewall managing access to a subnet of network components deployed within a communications network, the firewall policy including a firewall configuration for the firewall and a network component configuration for a network component of the subnet of network components; executing, using the processing device and a virtual network component, first instructions associated with the firewall configuration; executing, using the processing device and the virtual network component, second instructions associated with the network component configuration; determining, based on the execution of the first instructions, that the firewall configuration is valid, wherein determining that the firewall configuration is valid comprises capturing first data corresponding to the firewall configuration and verifying that the first data satisfies a first rule; determining, based on the execution of the second instructions, that the network component configuration is valid, wherein determining that the network component configuration is valid comprises capturing second data corresponding to the network component configuration and verifying that the second data satisfies a second rule; automatically configuring, using the processing device, the firewall configuration at the firewall and the network component configuration at the network component in response to determining that the firewall configuration and the network component configuration are valid; and activating, using the processing device, the firewall within the communications network to manage traffic to and from the subnet.

The prior art references Basak (US Pub. No. 2010/0333165) and Hampel (US Pub. No. 2016/0350549) are found to be the closest prior art to the claimed features of the invention. Basak discloses a system and method of controlling the flow of packets between networks. In addition, Hampel discloses a system and method of implementing access control functionality by systems-on-chip (SoC). However, the cited art fails to teach the limitations recited above. The dependent claims are allowed by virtue of their dependency on the allowed independent claims.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance”.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to TESHOME HAILU whose telephone number is (571)270-3159. The examiner can normally be reached M-F, 8 a.m. - 5 p.m.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand, can be reached on (571) 272-3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/TESHOME HAILU/Primary Examiner, Art Unit 2434