DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This Office Action is responsive to the RCE filed on 07/13/22 and the Amendment filed on 06/17/22.  Accordingly, claims 1-21 are currently pending.
Claim Objections
Claims 4, 5 and 21 are objected to because of the following informalities, and appropriate correction is required.
Claim 4, line 4, recites the limitation “the at least one ACL rule”.  It appears, and hereafter assumes, that the limitation is changed to “at least one of the ACL rules”.
Claim 5, line 3, recites the limitation “the at least one ACL rule”.  It appears, and hereafter assumes, that the limitation is changed to “at least one of the ACL rules”.
Claim 21 recites the limitation “the memory of the”.  It appears, and hereafter assumes, that the limitation is changed to “the memory”.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-4, 6-11, 14-17 and 20-21 are rejected under 35 U.S.C. 103 as being unpatentable over Kim et al (2019/0182154) previously cited, in view of Wang et al  (2014/0029617), newly cited.
-Regarding claim 1, Kim et al teaches a network device (“first HFE 515”, [0066]), the network device comprising: one or more computer processors (“at least one processing unit”, [0138]); a memory (“storage”, [0138]) and a computer-readable storage medium (“computer-readable medium”, [0138]) comprising instructions (“set of instructions”, [0138]) for controlling the one or more computer processors to perform a method (see figure 5) configured to: 
receive, via a source end point ((505), figure 5), a plurality of ACL rules, each rule ((Act/Fwd, Dig1, ACL Rule), figure 17) included in each corresponding packet of received packets (“data packets”, [0005]), each rule comprising: 
a first portion (ACL Rule) as packet-identifying information to identify the packet,  in a manner that it is a rule for determining whether the packet can be forwarded (permitted) or not forwarded (dropped) (see “if the header values of the packet do not match those required by the ACL rule, then the process 1600 drops (at 1615) the packet, then ends. Otherwise, the process continues (at 1645) processing the packet (e.g., performing other actions and/or forwarding the packet”, [0128]), and 
a second portion (Act/Fwd), as indications of one or more actions to be performed on the identified packet,  in a manner that, for illustration, a second portion (*/3, */3, */2, */3) (see (545) of  figure 5) indicates an action of outputting the packet to an egress port (3) of the network device to be performed by the network device on the packet (see figure 5 and “Each data packet sent through the network includes the inner packet (e.g., a payload, as well as traditional L2-L4 headers) as well as the packet header generated by the network endpoint that specifies the path for the packet through the network. In some embodiments, this path includes an ingress port field and egress port field for each forwarding element along the path of the packet”, [0063]),
wherein the plurality of ACL rules are received from a controller from a controller (“network controllers 305”, [0052]) that is separate from the network device, in such a way that the network device receives the ACL rules from the source end point, that  derives/extracts  the ACL rules from a transient traffic data policies (“transient network policy”, [0057]) which in turn, are based on a stationary traffic and data polices (“stationary network topology”, [0053]) received by the source end point from the controller in a particular situation when the transient traffic data policies are not updated and so, are the same as stationary traffic and data policies, due to transient changes that have not occurred in the data network, (see “The master controller is also responsible for distributing the topology to new network endpoints”, [0053], “ the network endpoints 315 store the transient network topology”, [0052], “The transient network topology includes the most up-to-date changes to the actual network”, [0057], “The transient network topology is based on the stationary network topology”, [0057], and “To send data packets through the network, the network endpoints 315 use the control plane to generate packet headers that specify paths through the HFEs 310 for the data packets according to the transient network topology”, [0058]);
program (with the instructions) to obtain and process the plurality of ACL rules in the network device,  wherein  the second portion (Act/Fwd) of only ACL rules of permitted  packets, among the plurality of ACL rules, among the plurality of ACL rules whose packet identifying information targets data packets that originates  from a computer (being the source end point) that is deemed to be local to the network device, are further processed for routing the permitted packets, (see [0128]); and 
send at least some of the ACL rules (e.g., referred to rules (*/3, */2, */3) (see [2] 1/3, */3, */2, */3) of  figure 5) in the plurality of ACL rules to a peer network device (520), (see figure 5).
Kim et al does not teach a feature that the memory stores the ACL rules, and that the method is configured to: program, in a hardware forwarding table of the memory of the network device, the only ACL rules, as claimed.
In analogous art, Wang et al teaches that forwarding data (“at least a portion of the packet filtering and/or rule data”, claim 10) can be stored in a hardware forwarding table of  a  memory (“forwarding table in the memory”, claim 10) and later retrieved for processing the data when needed, (referred to  “employing the packet filtering and/or rule data in the forwarding table to determine whether a received packet belongs to a classified packet flow”, claim 10 ),  (see [0021, 0024, 0032, 0036], claim 10).
Accordingly, it would have been obvious for one skilled in the art before the effective filing date of the invention to have combined Kim et al and Wang et al and arrived at the claimed feature, in such a way that in the device, the memory would comprise a hardware forwarding table, wherein the plurality of ACL rules including the only ACL rules would be selectively programmed with the instructions to be stored in the hardware forwarding table of the memory for later retrieval when needed to be processed in the network device. One skilled in the art would have been motivated to make such a combination because by doing so, the ACL rules could be provided, when needed, from the hardware forwarding table of the memory for processing, as taught by Wang et al.
-Regarding claim 2, Kim et al teaches that the computer (505) is deemed to be local to the network device (115) when the computer is on a route (being the routing path) that is directly connected to the network device (see figure 5).
-Regarding claim 3, Kim et al teaches that the device is configured to communicate with a spine switch (being the source end point), wherein the source end point can be a gateway (see “the network endpoints include network gateways”, [0056]), the spine switch having stored therein the plurality of ACL rules from the controller (see “the network endpoints 315 store the transient network topology”, [0052] and “To send data packets through the network, the network endpoints 315 use the control plane to generate packet headers that specify paths through the HFEs 310 for the data packets according to the transient network topology”, [0058]),  wherein the network device receives the plurality of ACL rules from the controller via the spine switch (as explained above for claim 1).
-Regarding claim 4, Kim et al in view of Wang et al   teaches that the device can be configured to: determine, via a counter “[1]”(appeared in ([1] */3, */3, */2, */3) (see (545) of  figure 5 of Kim et al)),  whether a source address (“source and/or destination IP addresses”/”source and/or destination MAC addresses”, [0127] of Kim et al) in the ACL rules identifies a directly connected route, (see [0064, 0127] of Kim et al) ; determine, via a counter “[1]”(appeared in ([1] */3, */3, */2, */3) (see (545) of  figure 5 of Kim et al)),  whether the source address in the ACL rules is local to the network device; and  program (with the instructions) to store the ACL rules in the hardware forwarding table of the memory of the network device, (as expressed above  in claim 1), in response to determining/knowing  (at the time of receiving the ACL rules) that the source address identifies a directly connected route and is local to the network device, (as in response to the reception of the ACL rules) (see [0127, 0128] of Kim et al).
-Regarding claim 6, Kim et al in view of Wang et al  teaches that the device is configurable to: to collect information (e.g.,  information “[3] 2/1, 3/1, 3/1 Path Failure” received from (520), figure 6A of Kim et al) relating to ACL rules programmed in the hardware forwarding table of the memory of the network device that have been triggered (by a failure event “the connection between the HFEs 525 and 530 is currently down”, [0070] of Kim et al, e.g., when a network device in the routing path leaves the network), and providing, via the source end point as being capable to communicate with the controller, the collected information to the controller, the network device receiving, via the source end point, updated ACL rules from the controller in response to providing the collected information to the controller, (as the controller capable of distribute ACL rules to the source end point which in turn, distribute the ACL rules to the network device), (see “This enables the path failure packet 600 to traverse the reverse path back to the network endpoint 505, which updates its stored network topology to remove the connection between the HFEs 525 and 530”, [0071] of Kim et al, and “The stationary topology stored by the network controller is updated regularly as forwarding elements and/or network endpoints join and leave the network 300”, [0052] of Kim et al, and “these controllers may also help with maintaining the network state (e.g., by regularly verifying that the HFEs are present in the network”, [0053] of Kim et al).
-Regarding claim 7, Kim et al teaches that at least some (“ACL rule”, [0127]) of the ACL rules in the plurality of ACL rules are based on device classes (“type of values used in the ACL rules (e.g., source and/or destination IP addresses”, [0127]) of computers (being the source end point and the destination end point) connected to the network device, (see [0127]).
-Regarding claim 21, in Kim et al in view of Wang et al, Kim et al does not teach whether the memory comprises a content addressable memory, as claimed.
Wang et al further teaches that the hardware forwarding table of the memory is a content addressable memory “MMIO address space”, (see [0036]).
For further application, it would have been obvious for one skilled in the art before the effective filing date of the invention to have combined Kim et al and Wang et al, to implement Kim et al in view of Wang et al, as further taught by Wang et al, and arrived at the claimed feature, in such a way that in the device, the hardware forwarding table of the memory would be  a content addressable memory.  One skilled in the art would have been motivated to make such a combination because by doing so, the ACL rules could be provided, when needed, from the hardware forwarding table of the memory for processing, as taught by Wang et al.
-Regarding claim 8, Kim et al teaches a network device (“first HFE 515”, [0066]), comprising: one or more computer processors (“at least one processing unit”, [0138]); a memory (“storage”, [0138]) and a computer-readable storage medium “computer-readable medium”, [0138]) comprising instructions (“set of instructions”, [0138]) for controlling the one or more computer processors to perform a method (see figure 5) configured to:
receive, via a source end point ((505), figure 5), a plurality of ACL rules, , each rule ((Act/Fwd, Dig1, ACL Rule), figure 17) included in each corresponding packet of received packets (“data packets”, [0005]), each rule comprising: 
a first portion (ACL Rule) as packet-identifying information to identify the packet,  in a manner that it is a rule for determining whether the packet can be forwarded (permitted) or not forwarded (dropped) (see “if the header values of the packet do not match those required by the ACL rule, then the process 1600 drops (at 1615) the packet, then ends. Otherwise, the process continues (at 1645) processing the packet (e.g., performing other actions and/or forwarding the packet”, [0128]), and 
a second portion (Act/Fwd), as indications of one or more actions to be performed on the identified packet,  in a manner that, for illustration, a second portion (*/3, */3, */2, */3) (see (545) of  figure 5) indicates an action of outputting the packet to an egress port (3) of the network device to be performed by the network device on the packet (see figure 5 and “Each data packet sent through the network includes the inner packet (e.g., a payload, as well as traditional L2-L4 headers) as well as the packet header generated by the network endpoint that specifies the path for the packet through the network. In some embodiments, this path includes an ingress port field and egress port field for each forwarding element along the path of the packet”, [0063]),
wherein the plurality of ACL rules are received from a controller from a controller (“network controllers 305”, [0052]) that is separate from the network device, in such a way that the network device receives the ACL rules from the source end point, that  derives/extracts  the ACL rules from a transient traffic data policies (“transient network policy”, [0057]) which in turn, are based on a stationary traffic and data polices (“stationary network topology”, [0053]) received by the source end point from the controller in a particular situation when the transient traffic data policies are not updated and so, are the same as stationary traffic and data policies, due to transient changes that have not occurred in the data network, (see “The master controller is also responsible for distributing the topology to new network endpoints”, [0053], “ the network endpoints 315 store the transient network topology”, [0052], “The transient network topology includes the most up-to-date changes to the actual network”, [0057], “The transient network topology is based on the stationary network topology”, [0057], and “To send data packets through the network, the network endpoints 315 use the control plane to generate packet headers that specify paths through the HFEs 310 for the data packets according to the transient network topology”, [0058]); and 
obtain and process the second portion (Act/Fwd) of  each ACL rule (e.g., a rule “*/3” firstly appeared in (545) of figure 5) in the plurality of ACL rules only when the ACL rule is of a permitted packet of the received packets and the packet identifying information in the ACL rule is associated with a route  (being the routing path) that is directly connected to the network device (see figure 5 and [0063, 0064]).
Kim et al does not teach a feature that in the device, the ACL rule of the plurality of rules is programmed in a hardware forwarding table of the memory of the network device, as claimed.
In analogous art, Wang et al teaches that forwarding data (“at least a portion of the packet filtering and/or rule data”, claim 10) can be stored in a hardware forwarding table of  a  memory (“forwarding table in the memory”, claim 10) and later retrieved for processing the data when needed, (referred to  “employing the packet filtering and/or rule data in the forwarding table to determine whether a received packet belongs to a classified packet flow”, claim 10 ),  (see [0021, 0024, 0032, 0036, claim 10).
Accordingly, it would have been obvious for one skilled in the art before the effective filing date of the invention to have combined Kim et al and Wang et al and arrived at the claimed feature, in such a way that in the device, the memory would comprise a hardware forwarding table, wherein the plurality of ACL rules including the only ACL rules would be selectively programmed with the instructions to be stored in the hardware forwarding table of the memory for later retrieval when needed to be processed in the network device. One skilled in the art would have been motivated to make such a combination because by doing so, the ACL rules could be provided, when needed, from the hardware forwarding table of the memory for processing, as taught by Wang et al.
-Regarding claim 9, Kim et al teaches that the method is configured to: send at least some of the ACL rules (e.g., (*/3, */2, */3) (see [2] 1/3, */3, */2, */3) of figure 5) in the plurality of ACL rules to a peer network device (520) (see figure 5).
-Claim 10 is rejected with similar reasons for claim 4.
            -Claim 11 is rejected with similar reasons for claim 3.
-Regarding claim 14, Kim et al teaches a method in a network switch (“first HFE 515”, [0066]),  the network switch comprising: one or more computer processors (“at least one processing unit”, [0138]); a memory (“storage”, [0138]) and a computer-readable storage medium “computer-readable medium”, [0138]) comprising instructions (“set of instructions”, [0138]) for controlling the one or more computer processors to perform the method, the method comprising: 
receiving, via a source end point ((505), figure 5), a plurality of ACL rules, each rule ((Act/Fwd, Dig1, ACL Rule), figure 17) included in each corresponding packet of received packets (“data packets”, [0005]), each rule comprising: 
a first portion (ACL Rule) as packet-identifying information to identify the packet,  in a manner that it is a rule for determining whether the packet can be forwarded (permitted) or not forwarded (dropped) (see “if the header values of the packet do not match those required by the ACL rule, then the process 1600 drops (at 1615) the packet, then ends. Otherwise, the process continues (at 1645) processing the packet (e.g., performing other actions and/or forwarding the packet”, [0128]), and 
a second portion (Act/Fwd), as indications of one or more actions to be performed on the identified packet,  in a manner that, for illustration, a second portion (*/3, */3, */2, */3) (see (545) of  figure 5) indicates an action of outputting the packet to an egress port (3) of the network device to be performed by the network device on the packet (see figure 5 and “Each data packet sent through the network includes the inner packet (e.g., a payload, as well as traditional L2-L4 headers) as well as the packet header generated by the network endpoint that specifies the path for the packet through the network. In some embodiments, this path includes an ingress port field and egress port field for each forwarding element along the path of the packet”, [0063]),
wherein the plurality of ACL rules are received from a controller from a controller (“network controllers 305”, [0052]) that is separate from the network device, in such a way that the network device receives the ACL rules from the source end point, that  derives/extracts  the ACL rules from a transient traffic data policies (“transient network policy”, [0057]) which in turn, are based on a stationary traffic and data polices (“stationary network topology”, [0053]) received by the source end point from the controller in a particular situation when the transient traffic data policies are not updated and so, are the same as stationary traffic and data policies, due to transient changes that have not occurred in the data network, (see “The master controller is also responsible for distributing the topology to new network endpoints”, [0053], “ the network endpoints 315 store the transient network topology”, [0052], “The transient network topology includes the most up-to-date changes to the actual network”, [0057], “The transient network topology is based on the stationary network topology”, [0057], and “To send data packets through the network, the network endpoints 315 use the control plane to generate packet headers that specify paths through the HFEs 310 for the data packets according to the transient network topology”, [0058]);
for each ACL rule in the plurality of ACL rules, autonomously programming, with the instructions being executed by the one or more computer processors, to obtain and process the ACL rule in response to determining/knowing (at the time of receiving the ACL rules) that the source address(es) of the packet identifying information in the ACL rules targets the packets as data packets sent from a computer (being the source end point) that is deemed to be local to the network switch, (as in response to the reception of the ACL rules) (see [0127, 0128]); and 
sending at least some of the ACL rules (e.g., (*/3, */2, */3) (see [2] 1/3, */3, */2, */3) of  figure 5) in the plurality of ACL rules to a peer network switch (520), (see figure 5).
Kim et al does not teach a feature that in the device, the ACL rule of the plurality of rules is programmed in a hardware forwarding table of the memory of the network device, as claimed.
In analogous art, Wang et al teaches that forwarding data (“at least a portion of the packet filtering and/or rule data”, claim 10) can be stored in a hardware forwarding table of  a  memory (“forwarding table in the memory”, claim 10) and later retrieved for processing the data when needed, (referred to  “employing the packet filtering and/or rule data in the forwarding table to determine whether a received packet belongs to a classified packet flow”, claim 10 ),  (see [0021, 0024, 0032, 0036], claim 10).
Accordingly, it would have been obvious for one skilled in the art before the effective filing date of the invention to have combined Kim et al and Wang et al and arrived at the claimed feature, in such a way that in the method, the memory would comprise a hardware forwarding table, wherein the plurality of ACL rules including the only ACL rules would be selectively programmed with the instructions to be stored in the hardware forwarding table of the memory for later retrieval when needed to be processed in the network device. One skilled in the art would have been motivated to make such a combination because by doing so, the ACL rules could be provided, when needed, from the hardware forwarding table of the memory for processing, as taught by Wang et al.
-Claim 15 is rejected with similar reasons for claim 2.
            -Regarding claim 16, Kim et al teaches that the computer is deemed to be local to the network switch when the computer is connected to a physical port (1) of the network switch (515), (see figure 5).
-Claim 17 is rejected with similar reasons for claim 4.
            -Claim 20 is rejected with similar reasons for claim 6.
Claims 5, 12, 13, 18 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Kim et al in view of Wang et al , and further in view of Wang et al (2015/0333964) previously cited (hereafter referred as Wang II).
-Regarding claim 5, in Kim et al in view of Wang et al , when a computer (being the destination end point (510), figure 6A of Kim et al) targeted by the at least one  ACL rule (illustrated by ALC rules (625), figure 6A of Kim et al) is no longer connected, (via a disconnection between (525) and (530), figure 6A  of Kim et al), to the network device on the routing path (see (605) of figure 6A of Kim et al), and a report (600), figure 6A of Kim et al of the disconnection is sent, via (525, 520), figure 6A of Kim et al to the network device (see (610) of figure 6A of Kim et al), and so, the network device resultedly knows that the ACL rule stored in the memory of the network device becomes invalid and no longer to be used.
Kim et al in view of Wang et al does not teach a feature that the device is configured to delete the at least one  ACL rule from the hardware forwarding table of the memory of the network device when the computer targeted by the at least one ACL rule is no longer connected to the network device, as claimed.
In analogous art, Wang II teaches that no-longer used data  “characteristic data” stored in a memory “memory space” can be deleted from the memory for saving space in the memory, (see [0081]).
Accordingly, it would have been obvious for one skilled in the art before the effective filing date of the invention to have combined Kim et al, Wang et al  and Wang II and arrived at the claimed feature, in such a way that the device would be configured to delete the at least one  ACL rule from the hardware forwarding table of the memory of the network device when the computer targeted by the ACL rule is no longer connected to the network device resultedly making the stored at least one  ACL rule no longer used. One skilled in the art would have been motivated to make such a combination because by doing so, the deletion would save space in the memory of the network device, as taught by Wang II.
-Regarding claim 13,  Kim et al in view of Wang et al  teaches that when a computer (being the destination end point (510) of Kim et al) targeted by the ACL rule is no longer connected, via a disconnection between (525) and (530) of Kim et al, to the network device on the routing path (see (605) of figure 6A of Kim et al), and a report (600) of Kim et al of the disconnection is sent, via (525, 520) of Kim et al to the network device (see (610) of figure 6A of Kim et al), and so, the ACL rule stored in the memory of the network device becomes invalid and no longer used.
 Kim et al in view of Wang et al  does not teach a feature that the method is configured to delete the ACL rule from the hardware forwarding table of the memory of the network device when determining that the computer targeted by the ACL rule is no longer connected to the network device, as claimed.
In analogous art, Wang II teaches that no-longer used data  “characteristic data” stored in a memory “memory space” can be deleted from the memory for saving space in the memory, (see [0081]).
Accordingly, it would have been obvious for one skilled in the art before the effective filing date of the invention to have combined Kim et al, Wang et al  and Wang II and arrived at the claimed feature, in such a way that the method would be configured to delete the ACL rule from the hardware forwarding table of the memory of the network device when determining that the computer targeted by the ACL rule is no longer connected to the network device resultedly making the stored ACL rule invalid and no longer used. One skilled in the art would have been motivated to make such a combination because by doing so, the deletion would save space in the memory of the network device, as taught by Wang II.
-Regarding claim 19, Kim et al in view of Wang et al  teaches that when a computer (being the destination end point (510) of Kim et al) targeted by the ACL rule is no longer connected, via a disconnection between (525) and (530) of Kim et al, to the network device on the routing path (see (605) of figure 6A of Kim et al), and a report (600) of Kim et al of the disconnection is sent, via (525, 520) of Kim et al to the network device (see (610) of figure 6A of Kim et al), and so, the  ACL rule stored in the memory of the network device becomes invalid and no longer used.
Kim et al in view of Wang et al  does not teach a feature that the method comprises: determining that the computer targeted by the ACL rule is no longer connected to the network switch and, in response, deleting the ACL rule from the hardware forwarding table of the memory of the network switch, as claimed.
In analogous art, Wang II teaches that no-longer used data “characteristic data” stored in a memory “memory space” can be deleted from the memory for saving space in the memory, (see [0081]).
Accordingly, it would have been obvious for one skilled in the art before the effective filing date of the invention to have combined Kim et al, Wang et al  and Wang II and arrived at the claimed feature, in such a way that the method would be configured to comprise: determining that the computer targeted by the ACL rule is no longer connected to the network switch and, in response, deleting the ACL rule from the hardware forwarding table of the memory of the network switch. One skilled in the art would have been motivated to make such a combination because by doing so, the deletion would save space in the memory of the network device, as taught by Wang II.
-Regarding claim 12, Kim et al in view of Wang et al  teaches that when a computer (being the destination end point (510) of Kim et al) targeted by the ACL rule is no longer connected, e.g., via a disconnection between (525) and (530) of Kim et al, to the network device on the routing path (see (605) of figure 6A of Kim et al), and a report, e.g.,  (600) of Kim et al, of the disconnection  is sent, via (525, 520) of Kim et al to the network device (see (610) of figure 6A of Kim et al), and so, the  ACL rule stored in the memory of the network device becomes invalid or no longer used/associated with a route updated that is directly connected to the network device (see (615), figure 6B of Kim et al).
Kim et al in view of Wang et al  does not teach a feature that the method comprises: deleting the ACL rule from the hardware forwarding table of the memory of the network device when the ACL rule is no longer associated with the updated route as a route that is directly connected to the network device , as claimed.
In analogous art, Wang II  teaches that no-longer used data  “characteristic data” stored in a memory “memory space” can be deleted from the memory for saving space in the memory, (see [0081]).
Accordingly, it would have been obvious for one skilled in the art before the effective filing date of the invention to have combined Kim et al, Wang et al and Wang II  and arrived at the claimed feature, in such a way that the method would be configured to comprise: deleting the ACL rule from the hardware forwarding table of the memory of the network switch when the ACL rule is no longer associated with the updated route as a route that is directly connected to the network device. One skilled in the art would have been motivated to make such a combination because by doing so, the deletion would save space in the memory of the network device, as taught by Wang II.
-Regarding claim 18, Kim et al in view of Wang et al  teaches that when a computer (being the destination end point (510) of Kim et al) targeted by the ACL rule is  no longer connected, e.g., via a disconnection between (525) and (530) of Kim et al, to the network device on the routing path (see (605) of figure 6A of Kim et al), and a report, e.g.,  (600) of Kim et al, of the disconnection  is sent, via (525, 520) of Kim et al  to the network device (see (610) of figure 6A of Kim et al), and so, the  ACL rule stored in the memory of the network device becomes invalid and no longer targets data packets sent from a computer (being the end point ((505), figure 5 of Kim et al )) that is deemed to be local  to the network switch.
Kim et al in view of Wang et al  does not teach a feature that the method comprises: deleting the ACL rule from the hardware forwarding table of the memory of the network switch when the ACL rule is no longer targets data packets sent from the computer, as claimed.
In analogous art, Wang II teaches that no-longer used data  “characteristic data” stored in a memory “memory space” can be deleted from the memory for saving space in the memory, (see [0081]).
Accordingly, it would have been obvious for one skilled in the art before the effective filing date of the invention to have combined Kim et al, Wang et al  and Wang II and arrived at the claimed feature, in such a way that the method would be configured to comprise: deleting the ACL rule from the hardware forwarding table of the memory of the network switch when the ACL rule is no longer targets data packets sent from the computer. One skilled in the art would have been motivated to make such a combination because by doing so, the deletion would save space in the memory of the network device, as taught by Wang II.
Response to Arguments2.                   3.                   4.                   
Applicant's arguments filed on 06/17/22 have been fully considered.  However, claims 1-21, after amended with new limitations or newly added, are deemed not allowable because of reasons set forth above in this Office Action.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Eric Phu whose telephone number is (571)272-3502. The examiner can normally be reached Monday - Friday 9:30 AM - 6:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Pankaj Kumar can be reached on 571-272-3011. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/E.V.P./Examiner, Art Unit 2463                                                                                                                                                                                                        
/PANKAJ KUMAR/Supervisory Patent Examiner, Art Unit 2463