Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
Claims 1-20 are pending. Claims 1-6 and 9-20 have been amended. No claim is added or cancelled. 

Response to Arguments
Applicant’s arguments with respect to claim(s) 1-20 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

  Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Johnson et al. (US 20080271134) hereinafter Johnson in view of Barabash et al. (US 20150312142) hereinafter Barabash.   
Regarding claim 1, Johnson teaches a method comprising: obtaining a first packet of an Internet Protocol packet flow at a classifying device (i.e. a packet is received in a NIC (Step 401). The packet is received over a network connection from another device on the network, such as a host, [0053]); providing the first packet to a firewall device (i.e. The packets received by the NI are forwarded to other components on the NIC (105) for processing, [0024] and a firewall may be used by the NIC (105) to permit, deny, and/or proxy network connections between the NIC (105) and other devices on the network [0031]); storing, at the classifying device, data that indicates that the non-control packets of the Internet Protocol packet flow are to be provided to the processing entity (i.e. firewall rules and NAT parameters associated with the packet filter may be stored in the SPD and accessed by the policy engine to enforce a network layer firewall on the NIC, [0049]); obtaining one or more non-control packets of the Internet Protocol packet flow at the classifying device (i.e. packets from a network are received by the NIC, [0040]); determining, by comparing data contained in the one or more non-control packets of the Internet Protocol packet flow to the data stored at classifying device, that the one or more non-control packets of the Internet Protocol packet flow are to be provided to the processing entity (i.e. Packets received by the receiving system (via a NIC associated with the receiving system) are analyzed by a classifier to determine the connection associated with the packet, [0010]).
However, Johnson does not explicitly disclose obtaining, at the classifying device, an indication from the firewall device that non- control packets of the Internet Protocol packet flow are to be provided to a processing entity and control packets configured to indicate a change in a flow state of the Internet Protocol packet flow are to be provided to the firewall device; providing the one or more non-control packets of the Internet Protocol packet flow to the processing entity in response to the determining; obtaining a control packet of the Internet Protocol packet flow at the classifying device; and providing the control packet of the Internet Protocol packet flow to the firewall device.
However, Barabash teaches obtaining, at the classifying device, an indication from the firewall device that non-control packets of the Internet Protocol packet flow are to be provided to a processing entity (i.e. the flow table stored within forwarding node 120 is updated with any instructions included in route path 145 that indicate how forwarding node 120 is to process data packets 155 of the flow, [0046] and A firewall is an example of a decision making network node. A firewall, for example, may decide that a certain flow and/or packet of a flow should be forwarded through an intrusion detection system, blocked, or otherwise diverted from the route path, [0061]), and control packets configured to indicate a change in a flow state of the Internet Protocol packet flow are to be provided to the firewall device (i.e. a decision making network node is applicable to situations where the decision making network node makes decisions based upon n-tuple information of the control packet, where “n” is an integer value, e.g., 5. In cases where the decision making network node is able to inspect the payload of the control packet, the decision making network node also must be able to read and/or access header information for the packet, [0062]); providing the one or more non-control packets of the Internet Protocol packet flow to the processing entity in response to the determining (i.e. data packets 155 travel from start node 115, to forwarding node 120, to forwarding node 125, to forwarding node 130, through to end node 135. Each of forwarding nodes 120, 125, and 130 processes data packets 155 in accordance with the particular instructions for the flow corresponding to that forwarding node as specified by received route path information, [0033]); obtaining a control packet of the Internet Protocol packet flow at the classifying device (i.e. the control packet may be augmented so that header information of the control packet is also included or incorporated into the payload portion of the control packet and, thereby available for inspection from a decision making network node configured to inspect payloads, [0062]); and providing the control packet of the Internet Protocol packet flow to the firewall device (i.e. the decision making network node (firewall) may modify the route path specified within the existing control packet that is received, [0061]).
Based on Johnson in view of Barabash it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teaching of Barabash to the system of Johnson in order to increase performance of packets offloading of Johnson system. 

Regarding claim 2, Johnson does not explicitly disclose providing the control packet of the Internet Protocol packet flow to the firewall device comprises providing the control packet of the Internet Protocol packet flow to the firewall device to maintain a flow state of the Internet Protocol packet flow at the firewall device.
However, Barabash teaches providing the control packet of the Internet Protocol packet flow to the firewall device comprises providing the control packet of the Internet Protocol packet flow to the firewall device to maintain a flow state of the Internet Protocol packet flow at the firewall device (i.e. a decision making network node is applicable to situations where the decision making network node makes decisions based upon n-tuple information of the control packet, where “n” is an integer value, e.g., 5. In cases where the decision making network node is able to inspect the payload of the control packet, the decision making network node also must be able to read and/or access header information for the packet, [0062]). Therefore, the limitations of claim 2 are rejected in the analysis of claim 1, and the claim is rejected on that basis. The rationale to combine as discussed in claim 1, applies here as well.

Regarding claim 3, Johnson does not explicitly disclose storing data maintaining the flow state of the Internet Protocol packet flow at the firewall device.
However, Barabash teaches storing data maintaining the flow state of the Internet Protocol packet flow at the firewall device (i.e. store a flow table within memory elements. updates the flow table in accordance with information specified within a received control packet from another forwarding node or in accordance with route path information received directly from the SDN controller as described within this disclosure, [0041]). Therefore, the limitations of claim 3 are rejected in the analysis of claim 1, and the claim is rejected on that basis. The rationale to combine as discussed in claim 1, applies here as well.

Regarding claim 4, Johnson does not explicitly disclose providing, to the firewall device from the classifying device, data updating the flow state of the Internet Protocol packet flow       
However, Barabash teaches providing, to the firewall device from the classifying device, data updating the flow state of the packet flow (i.e. the SDN controller may provide a route path up to, and ending at, the decision-making network node and the decision-making network node are (firewall) updated, [0061]). Therefore, the limitations of claim 4 are rejected in the analysis of claim 3, and the claim is rejected on that basis. The rationale to combine as discussed in claim 3, applies here as well.

Regarding claim 5, Johnson teaches obtaining at the classifying device an indication from the firewall device that non-control packets of the Internet Protocol packet flow should no longer be provided to the processing entity (i.e. the SP(s) and/or firewall rule(s) may block all packets that are not from a local area network (LAN) associated with the NIC (105). Blocked packets may then be handled according to the SP(s) and/or firewall rule(s). For example, the blocked packets may be dropped, or the blocked packets may be stored for future reference and/or analysis, [0040]); obtaining a non-control packet of the Internet Protocol packet flow at the classifying device (i.e. a packet is received in a NIC (Step 401). The packet is received over a network connection from another device on the network, such as a host, [0053]); and providing the non-control packet of the Internet Protocol packet flow to the firewall device (i.e. a TCP offload engine (TOE) is used as the transport protocol offload engine (215) to process packets in accordance with transport layer protocols and/or network layer protocols, [0039]).

Regarding claim 6, Johnson teaches the indication from the firewall device that the non- control packets of the Internet Protocol packet flow should no longer be provided to the processing entity is obtained at the classifying device in response to predetermined criteria evaluated by the firewall device, wherein the predetermined criteria comprise one or more of a reputation change of a source device of the Internet Protocol packet flow, a posture change of the source device of the Internet Protocol packet flow, and/or timing of receipt of the Internet Protocol packet flow (i.e. A determination is made, based on the firewall rules and/or SPs, about whether the packet is admitted into the system (Step 411). For example, the packet may be blocked or admitted based on source and/or destination IP address, packet contents, [0054]).

Regarding claim 7, Johnson teaches the firewall device applies services to the first packet via software instructions stored at the firewall device (i.e. a policy engine configured to determine an admittance of the packet using one of the plurality of SPs from the SPD, a filter database comprising a plurality of filter policies, and a filter engine configured to apply one of the plurality of filter policies to the packet, [0014]); and the processing entity applies services to the one or more non-control packets via hardware of the processing entity (i.e. transport layer and network layer processing of packets may be partially or wholly provided by a transport protocol offload engine (215) on the NIC (105, [0039]).

Regarding claim 8, Johnson teaches the hardware of the processing entity executes packet rewrite instructions (i.e. transport layer processing includes TCP and UDP processing of packets. In one or more embodiments of the invention, network layer processing includes IP processing of packets. In other words, network stack functionality may be provided by the transport protocol offload engine (215) in lieu of a software module on the host connected to the NIC, [0039]).

Regarding claim 9, Johnson teaches obtaining a non-control packet of the Internet Protocol packet flow at the classifying device (i.e. a packet is received in a NIC (Step 401). The packet is received over a network connection from another device on the network, such as a host, [0053]); determining at the classifying device that an amount of data contained in the non-control packet exceeds a predetermined threshold (i.e. the filter DB may store firewall rules and NAT parameters for incoming and outgoing packets. Further, the filter DB may be populated with rules and/or parameters using a filter utility on the host, [0050]); and providing the non-control packet to the firewall device in response to determining that the amount of data contained in the non-control packet exceeds the predetermined threshold (i.e. a TCP offload engine (TOE) is used as the transport protocol offload engine (215) to process packets in accordance with transport layer protocols and/or network layer protocols, [0039]).

Regarding claims 10-20, the limitation of claims 10-20, are similar to the limitations of claim 1-2, 4-6, and 9 above. Johnson further teaches an apparatus (i.e. device, [0053]) comprising: one or more memories (i.e. memory, [0032]; one or more network interfaces configured to enable network communications (i.e. a network interface connection, [0061]); and one or more processors (i.e. a processor, [0032]), one or more tangible non-transitory computer readable mediums containing instructions, (i.e. a computer readable medium, [0062]). Therefore, the limitations are rejected in the analysis of their similar limitations, and the claims are rejected on that basis.

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to AYELE F WOLDEMARIAM whose telephone number is (571)270-5196. The examiner can normally be reached M_F 8:30AM-5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joon H Hwang can be reached on 571-272-4036. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/A F W/
AYELE F. WOLDEMARIAM
Examiner
Art Unit 2447
10/3/2022

/JOON H HWANG/Supervisory Patent Examiner, Art Unit 2447