Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

DETAILED ACTION
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 08/18/2022 has been entered.

Response to Amendment
This communication is in response to the claims filed on 08/18/2022.
Claims 1-21 are pending.

Response to Arguments
Rejections of Claims Under 35 U.S.C. 103 
Applicant’s Arguments:
Alleged Obvious
Claim 1
Applicant argues that, first, Mukerji does not teach “tracking endpoint-generated TCP acknowledgement messages as they flow unmodified through the device…”, as Mukerji imposes “temporal delays in the sending of [TCP] acknowledgements” that would otherwise just pass through the intermediate device (e.g., from the server through the TMD and back to the sending client). In Mukerji, endpoint-generated TCP acknowledgements are held within the intermediary device (e.g., stored in a buffer) and thus do not “flow … through the device.” Further, in Mukerji, the buffer state is what is really being tracked, in order to determine when those held acknowledgements should be released for return back to the originating sending endpoint. The flow of the TCP acknowledgements through the device actually is modified by virtue of the acknowledgements being held and selectively delayed based on the contents of the buffer. The TCP acknowledgements never flow unmodified through the device. The “receiving computing device” is what the claim element refers to as the endpoint, and not the “device positioned between a pair of endpoints.” In Mukerji, the acknowledgements that might otherwise flow through the intermediary are held up and then selectively delayed based on the contents of the buffer there.
Second, Mukerji does not teach “selectively rewriting the stream of TCP traffic to generate rewritten content”. As recited in the claim, the “device” that is performing “rewriting the stream of TCP traffic to generate rewritten content” is not using “a TCP stack.” Mukerji’s intermediary device has and uses a TCP stack. Mukerji’s text is just describing how TCP devices work, the claim element is not referencing a TCP device; rather, it is describing the function in the context of an intermediary that does not use “a TCP stack.”
Third, Ichino is providing TCP functions in the device itself, and the processing of the TCP ACK messages that are returned from the destination. Ichino does not teach controlling transmission of rewritten data content and “inspecting without using a TCP stack”.
When combined, the cited references teach an intermediary device that selectively holds and delays TCP acknowledgements (Mukerji), TCP acknowledgement processing for controlling data transmission (Ichino), and payload modifications (Dubrovsky). The intermediary includes and uses a TCP stack.
Claims 2, 9 and 16 and claims 3, 10 and 17.
Applicant argues that neither Mukerji nor the secondary art provides for the particular input data packet processing into an input record. Mukerji does not teach “a last input data packet”. There is no suggestion in Mukerji of not providing an acknowledgement for any particular data packet that is received and retained in the buffer.
Applicant argues that Mukerji cannot teach both input record and output record based on the buffer.
Examiner’s Response:
The applicant’s arguments/remarks filed on 02/16/2022 regarding claims 1-21 have been fully considered but are moot in view of the new ground(s) of rejection. The above limitation is taught by the previously cited art and the newly cited art, Pedersen (U.S. Pub. No. 2011/0276699A1) and Srivastava (U.S. Patent No. 2006/0130064A1).
Claim 1
Pedersen teaches wherein selectively rewriting the stream of TCP traffic to generate rewritten data content (See at least ¶ [0084], “the encoded portion of the network communication may include these occurrences or the confidential information, the application firewall may rewrite, remove or otherwise mask such identified occurrence or confidential information”); and tracking endpoint-generated TCP acknowledgement messages as they flow unmodified through the device (See at least ¶ [0117], ¶ [0145] and ¶ [0146], “the packet engine 240 may include a buffer (including input record, see Fig. 4D) for queuing one or more network packets during processing, such as for receipt of a network packet or transmission of a network packet”; “The appliance 200 then generates an acknowledgement packet (ACK) and sends the ACK packet back to the client or sending endpoint”; “the appliance 200 monitors acknowledgements generated by the receiving endpoint (to the sending entity), so that it can determine whether the packet has been successfully delivered or needs to be retransmitted”). Here, the ACK messages flow through the device unmodified.
Claims 2, 9 and 16 and claims 3, 10 and 17.
See at least ¶ [0087] and ¶ [0117], “the client 102, server 106, and appliance 200 and 205 may be deployed as and/or executed on any type and form of computing device, each computing device 100 may also include additional optional elements, such as one or more input/output devices”; “the packet engine 240 is in communication with one or more network stacks 267 to send and receive network packets via network ports”. Here, Pedersen teaches the particular input data packet processing into an input record. Pedersen does teach “a last input data packet”, and teaches providing an acknowledgement for any particular data packet that is received and retained in the buffer, and both input record and output record based on the buffer, as recited in Pedersen. See at least ¶ [0141] and ¶ [0152], “acknowledgement packets sent to the sender, by the receiver”; see at least ¶ [0117], ¶ [0145] and ¶ [0146], “the packet engine 240 may include a buffer (including input record, see Fig. 4D) for queuing one or more network packets during processing, such as for receipt of a network packet or transmission of a network packet”; “The appliance 200 then generates an acknowledgement packet (ACK) and sends the ACK packet back to the client or sending endpoint”; “the appliance 200 monitors acknowledgements generated by the receiving endpoint (to the sending entity), so that it can determine whether the packet has been successfully delivered or needs to be retransmitted”.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1-4, 8-11 and 15-18 are rejected under 35 U.S.C. 103 as being unpatentable over Pedersen (U.S. Pub. No. 2011/0276699A1), in view of Ichino (WO 2012/095904 A1), and in view of Srivastava (U.S. Patent No. 2006/0130064A1).
As to claim 1, Pedersen teaches a method carried out in a device positioned between a pair of endpoints, each of which endpoint (See at least ¶ [0068], “The clients 102 may also be referred to as client nodes or endpoints”) includes a TCP stack (See at least Figure 2, ¶ [0027] and ¶ [0097], “a block diagram of an embodiment of an intermediary computing device for processing communications between a client and a server; a server 106 includes an application delivery system 290 for delivering a computing environment or an application and/or data file to one or more clients 102”), comprising: inspecting a stream of TCP traffic flowing between the pair of endpoints (See at least ¶ [0037] and ¶ [0084], “TCP traffic carrying the storage and data payload, resulting in packet streaming architecture that allows packets to pass through”; “The appliance may inspect or analyze any network communication”); as the stream of TCP traffic is flowing, and without TCP connection termination, selectively rewriting the stream of TCP traffic to generate rewritten data content (See at least ¶ [0084], “the encoded portion of the network communication may include these occurrences or the confidential information, the application firewall may rewrite, remove or otherwise mask such identified occurrence or confidential information”); and tracking endpoint-generated TCP acknowledgement messages as they flow unmodified through the device (See at least ¶ [0141] and ¶ [0152], “acknowledgement packets sent to the sender, by the receiver”; See at least ¶ [0117], ¶ [0145] and ¶ [0146], “the packet engine 240 may include a buffer (including input record, see Fig. 4D) for queuing one or more network packets during processing, such as for receipt of a network packet or transmission of a network packet”; “The appliance 200 then generates an acknowledgement packet (ACK) and sends the ACK packet back to the client or sending endpoint”; “the appliance 200 monitors acknowledgements generated by the receiving endpoint (to the sending entity), so that it can determine whether the packet has been successfully delivered or needs to be retransmitted”); wherein the inspecting, rewriting and control operations are performed in software executing in one or more hardware elements (See at least ¶ [0084] and ¶ [0117], “the encoded portion of the network communication may include these occurrences or the confidential information, the application firewall (software executing in hardware) may rewrite, remove or otherwise mask (modified) such identified occurrence or confidential information”; “the packet engine 240 may include a buffer (input record) for queuing one or more network packets during processing, such as for receipt of a network packet or transmission of a network packet”).
Although Pedersen teaches the substantial features of the claimed invention, Pedersen fails to expressly teach wherein control transmission of the rewritten data content; inspecting without using a TCP stack in the device, and without requiring termination or re-origination of a connection between the pair of endpoints.
In analogous teaching, Ichino exemplifies this wherein Ichino teaches control transmission of the rewritten data content (See at least ABSTRACT, “The retransmission control unit transmits a TCP packet transmitted from the TCP/IP processing unit as a transmission packet to a destination, receives a TCP-ACK packet responding to the transmission packet from the destination, and forwards the received TCP ACK packet to the rate maintenance unit.. forward the TCP-ACK packet after the rewriting to the TCP/IP processing unit”).
Thus, given the teaching of Ichino, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to combine the teaching of Ichino, a method and system of retransmission control of TCP packets, into Pedersen, systems and methods for allocation of classes of service to network connections, for a method and system to transfer TCP traffic. One of ordinary skill in the art would have been motivated because it would have been advantageous to have the method and system receive and forward TCP data packets from one endpoint to another endpoint (See Ichino: ABSTRACT).
Although Pedersen and Ichino teach the substantial features of the claimed invention, Pedersen and Ichino fail to expressly teach wherein inspecting without using a TCP stack in the device, and without requiring termination or re-origination of a connection between the pair of endpoints.
In analogous teaching, Srivastava exemplifies this wherein Srivastava teaches wherein the set of operations are carried out without requiring a TCP stack in the device (See at least ¶ [0025], “the server load-balancing device, a TCP splicing approach is used to combine the original client connection and the server connection, to preclude the need to repeatedly walk up and down the TCP stack as the mapping is evaluated” (not requiring a TCP stack in the device of router (not client or server))), and without requiring termination or re-origination of a connection between the sending entity and the receiving entity (See at least ¶ [00025], ¶ [0027], “a TCP splicing approach is used to combine the original client connection and the new server connection, to preclude the need to repeatedly walk up and down the TCP stack”; “there is a need for an improved way to ensure that subsequent packets go to the same server without requiring termination of a TCP connection”).
Thus, given the teaching of Srivastava, it would have been obvious to one of ordinary skill in the art to combine the teaching of Srivastava, a method or system for routing data from clients, into Ichino, a method and system of retransmission control of TCP packets, and Pedersen, systems and methods for allocation of classes of service to network connections, for a method of routing data from a client to a selected server. One of ordinary skill in the art before the effective filing date of the claimed invention would have been motivated because it would have been advantageous for the method to have packet flows rapidly routed from the same client to the same server without time-consuming hop-by-hop routing decisions or repeated load-balancing decisions (See Srivastava: ABSTRACT).

As to claim 2, Pedersen, Ichino and Srivastava teach a method as described in claim 1. Pedersen further teaches wherein inspecting the stream comprises: in response to determining that a portion of the stream is to be rewritten, the portion comprising one or more input data packets received from a sending endpoint entity (See at least ¶ [0087] and ¶ [0117], “the client 102, server 106, and appliance 200 and 205 may be deployed as and/or executed on any type and form of computing device, each computing device 100 may also include additional optional elements, such as one or more input/output devices”; “the packet engine 240 is in communication with one or more network stacks 267 to send and receive network packets via network ports”), placing, in an input record, the one or more input data packets comprising the portion, the one or more input data packets including a last input data packet (See at least ¶ [0117], “the packet engine 240 may include a buffer for queuing one or more network packets during processing, such as for receipt of a network packet or transmission of a network packet”); and returning to the sending endpoint entity an acknowledgement for each input data packet received except for the last input data packet (See at least ¶ [0141] and ¶ [0152], “acknowledgement packets sent to the sender, by the receiver”; “the flow controller 220 does not preack the last packet of a group of packets. By not preacking (acknowledge) the last packet”).

As to claim 3, Pedersen, Ichino and Srivastava teach a method as described in claim 2. Pedersen further teaches wherein selectively rewriting the stream comprises: generating, from the one or more input data packets in the input record, a modified portion of the stream, the modified portion being the rewritten data content and comprising one or more output data packets to be sent to a receiving endpoint entity (See at least ¶ [0087] and ¶ [0117], “the client 102, server 106, and appliance 200 and 205 may be deployed as and/or executed on any type and form of computing device, each computing device 100 may also include additional optional elements, such as one or more input/output devices”; “the packet engine 240 is in communication with one or more network stacks 267 to send and receive network packets via network ports”); and placing in an output record the one or more output data packet; and forwarding into the stream of TCP traffic to the receiving endpoint entity the one or more output data packets in the output record (See at least ¶ [0087] and ¶ [0117], “the client 102, server 106, and appliance 200 and 205 may be deployed as and/or executed on any type and form of computing device, each computing device 100 may also include additional optional elements, such as one or more input/output devices”; “the packet engine 240 is in communication with one or more network stacks 267 to send and receive network packets via network ports”).

As to claim 4, Pedersen, Ichino and Srivastava teach a method as described in claim 3. Pedersen further teaches wherein tracking endpoint-generated TCP acknowledgement messages comprises: upon receipt of acknowledgements from the receiving endpoint entity for the output data packets comprising the modified portion in the output record, transmitting to the sending endpoint entity an acknowledgement of the last input data packet of the one or more input data packets comprising portion (See at least ¶ [0141] and ¶ [0152], “acknowledgement packets sent to the sender, by the receiver”; See at least ¶ [0117],  ¶ [0145] and ¶ [0146], “the packet engine 240 may include a buffer (including input record, see Fig. 4D) for queuing one or more network packets during processing, such as for receipt of a network packet or transmission of a network packet”; “The appliance 200 then generates an acknowledgement packet(ACK) and sends the ACK packet back to the client or sending endpoint”;  “the appliance 200 monitors acknowledgements generated by the receiving endpoint (to the sending entity), so that it can determine whether the packet has been successfully delivered or needs to be retransmitted”).

As to claim 8, Pedersen teaches an apparatus positioned between a pair of endpoints, each of which endpoint includes a TCP stack (See at least ¶ [0037], “TCP traffic carrying the storage and data payload, resulting in packet streaming architecture that allows packets to pass through”), comprising: a processor; computer memory holding computer program instructions executed by the processor, the computer memory holding computer program instructions comprising program code (See at least Figure 2, ¶ [0027] and ¶ [0097], “a block diagram of an embodiment of an intermediary computing device for processing communications between a client and a server; a server 106 includes an application delivery system 290 for delivering a computing environment or an application and/or data file to one or more clients 102”) configured to: inspect a stream of TCP traffic flowing between the pair of endpoints (See at least ¶ [0037] and ¶ [0084], “TCP traffic carrying the storage and data payload, resulting in packet streaming architecture that allows packets to pass through”; “The appliance may inspect or analyze any network communication”); as the stream of TCP traffic is flowing, and without TCP connection termination, selectively rewrite the stream of TCP traffic to generate rewritten data content (See at least ¶ [0084], “the encoded portion of the network communication may include these occurrences or the confidential information, the application firewall may rewrite, remove or otherwise mask such identified occurrence or confidential information”); and track endpoint-generated TCP acknowledgement messages as they flow unmodified through the device (See at least ¶ [0141] and ¶ [0152], “acknowledgement packets sent to the sender, by the receiver”; See at least ¶ [0117], ¶ [0145] and ¶ [0146], “the packet engine 240 may include a buffer (including input record, see Fig. 4D) for queuing one or more network packets during processing, such as for receipt of a network packet or transmission of a network packet”; “The appliance 200 then generates an acknowledgement packet (ACK) and sends the ACK packet back to the client or sending endpoint”; “the appliance 200 monitors acknowledgements generated by the receiving endpoint (to the sending entity), so that it can determine whether the packet has been successfully delivered or needs to be retransmitted”); wherein the inspecting, rewriting and control operations are performed in software executing in one or more hardware elements (See at least ¶ [0084] and ¶ [0117], “the encoded portion of the network communication may include these occurrences or the confidential information, the application firewall (software executing in hardware) may rewrite, remove or otherwise mask (modified) such identified occurrence or confidential information”; “the packet engine 240 may include a buffer (input record) for queuing one or more network packets during processing, such as for receipt of a network packet or transmission of a network packet”).
Although Pedersen teaches the substantial features of the claimed invention, Pedersen fails to expressly teach wherein control transmission of the rewritten data content; inspect without using a TCP stack in the device, and without requiring termination or re-origination of a connection between the pair of endpoints.
In analogous teaching, Ichino exemplifies this wherein Ichino teaches control transmission of the rewritten data content (See at least ABSTRACT, “The retransmission control unit transmits a TCP packet transmitted from the TCP/IP processing unit as a transmission packet to a destination, receives a TCP-ACK packet responding to the transmission packet from the destination, and forwards the received TCP ACK packet to the rate maintenance unit.. forward the TCP-ACK packet after the rewriting to the TCP/IP processing unit”).
Thus, given the teaching of Ichino, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to combine the teaching of Ichino, a method and system of retransmission control of TCP packets, into Pedersen, systems and methods for allocation of classes of service to network connections, for a method and system to transfer TCP traffic. One of ordinary skill in the art would have been motivated because it would have been advantageous to have the method and system receive and forward TCP data packets from one endpoint to another endpoint (See Ichino: ABSTRACT).
Although Pedersen and Ichino teach the substantial features of the claimed invention, Pedersen and Ichino fail to expressly teach wherein inspect without using a TCP stack in the device, and without requiring termination or re-origination of a connection between the pair of endpoints.
In analogous teaching, Srivastava exemplifies this wherein Srivastava teaches wherein the set of operations are carried out without requiring a TCP stack in the device (See at least ¶ [0025], “the server load-balancing device, a TCP splicing approach is used to combine the original client connection and the server connection, to preclude the need to repeatedly walk up and down the TCP stack as the mapping is evaluated” (not requiring a TCP stack in the device of router (not client or server))), and without requiring termination or re-origination of a connection between the sending entity and the receiving entity (See at least ¶ [00025], ¶ [0027], “a TCP splicing approach is used to combine the original client connection and the new server connection, to preclude the need to repeatedly walk up and down the TCP stack”; “there is a need for an improved way to ensure that subsequent packets go to the same server without requiring termination of a TCP connection”).
Thus, given the teaching of Srivastava, it would have been obvious to one of ordinary skill in the art to combine the teaching of Srivastava, a method or system for routing data from clients, into Ichino, a method and system of retransmission control of TCP packets, and Pedersen, systems and methods for allocation of classes of service to network connections, for a method of routing data from a client to a selected server. One of ordinary skill in the art before the effective filing date of the claimed invention would have been motivated because it would have been advantageous for the method to have packet flows rapidly routed from the same client to the same server without time-consuming hop-by-hop routing decisions or repeated load-balancing decisions (See Srivastava: ABSTRACT).

As to claim 9, Pedersen, Ichino and Srivastava teach the apparatus as described in claim 8. Pedersen further teaches wherein the program code configured to inspect the stream comprises: in response to determining that a portion of the stream is to be rewritten, the portion comprising one or more input data packets received from a sending endpoint entity, place, in an input record, the one or more input data packets comprising the portion, the one or more input data packets including a last input data packet (See at least Fig. 4D, ¶ [0032], and ¶ [0084], “FIG. 4D is a block diagram of a network stack illustrating presentation layer data flow through the stack for delivery via a transport layer (transport layer is here) connection”; “the encoded portion of the network communication may include these occurrences or the confidential information, the application firewall may rewrite, remove or otherwise mask such identified occurrence or confidential information”); and return to the sending endpoint entity an acknowledgement for each input data packet received except for the last input data packet (See at least ¶ [0141] and ¶ [0152], “acknowledgement packets sent to the sender, by the receiver”; “the flow controller 220 does not preack the last packet of a group of packets. By not preacking (acknowledge) the last packet”).

As to claim 10, Pedersen, Ichino and Srivastava teach the apparatus as described in claim 8. Pedersen further teaches wherein the program code configured to selectively rewrite the stream comprises: generate, from the one or more input data packets in the input record, a modified portion of the stream, the modified portion being the rewritten data content and comprising one or more output data packets to be sent to a receiving endpoint entity (See at least Fig. 4D , ¶ [0032], and ¶ [0084],  “FIG.4D is a block diagram of a network stack illustrating presentation layer data flow through the stack for delivery via a transport layer(transport layer is here) connection”;  “the encoded portion of the network communication may include these occurrences or the confidential information, the application firewall may rewrite, remove or otherwise mask such identified occurrence or confidential information”); and place in an output record the one or more output data packet; and forward into the stream of TCP traffic to the receiving endpoint entity the one  or more output data packets in the output record (See at least  ¶ [0037],  ¶ [0084] and ¶ [0273], “TCP traffic carrying the storage and data payload, resulting in packet streaming architecture that allows packets to pass through”;  “The appliance may inspect or analyze any network communication” ; “the packet is transferred to the output network media interface block which transmits the data packet to the destination”).

As to claim 11, Pedersen, Ichino and Srivastava teach the apparatus as described in claim 8. Pedersen further teaches wherein track endpoint-generated TCP acknowledgement messages comprises: upon receipt of acknowledgements from the receiving endpoint entity for the output data packets comprising the modified portion in the output record, transmit to the sending endpoint entity an acknowledgement of the last input data packet of the one or more input data packets comprising portion (See at least ¶ [0117],  ¶ [0145] and ¶ [0146], “the packet engine 240 may include a buffer (including input record, see Fig. 4D) for queuing one or more network packets during processing, such as for receipt of a network packet or transmission of a network packet”; “The appliance 200 then generates an acknowledgement packet(ACK) and sends the ACK packet back to the client or sending endpoint”;  “the appliance 200 monitors acknowledgements generated by the receiving endpoint (to the sending entity), so that it can determine whether the packet has been successfully delivered or needs to be retransmitted”).

As to claim 15, Pedersen teaches a computer program product in a non-transitory computer readable medium for use in a data processing system positioned between a pair of endpoints, each of which endpoint includes a TCP stack (See at least ¶ [0037], “TCP traffic carrying the storage and data payload, resulting in packet streaming architecture that allows packets to pass through”), comprising: a processor; computer memory holding computer program instructions executed by the processor, the computer memory holding computer program instructions comprising program code (See at least Figure 2, ¶ [0027] and ¶ [0097], “a block diagram of an embodiment of an intermediary computing device for processing communications between a client and a server; a server 106 includes an application delivery system 290 for delivering a computing environment or an application and/or data file to one or more clients 102”), the computer program product holding computer program instructions executed by the data processing system, the computer program instructions comprising program code configured to: inspect a stream of TCP traffic flowing between the pair of endpoints (See at least ¶ [0037] and ¶ [0084], “TCP traffic carrying the storage and data payload, resulting in packet streaming architecture that allows packets to pass through”; “The appliance may inspect or analyze any network communication”); as the stream of TCP traffic is flowing, and without TCP connection termination, selectively rewrite the stream of TCP traffic to generate rewritten data content (See at least ¶ [0084], “the encoded portion of the network communication may include these occurrences or the confidential information, the application firewall may rewrite, remove or otherwise mask such identified occurrence or confidential information”); and track endpoint-generated TCP acknowledgement messages as they flow unmodified through the device (See at least ¶ [0141] and ¶ [0152], “acknowledgement packets sent to the sender, by the receiver”; See at least ¶ [0117], ¶ [0145] and ¶ [0146], “the packet engine 240 may include a buffer (including input record, see Fig. 4D) for queuing one or more network packets during processing, such as for receipt of a network packet or transmission of a network packet”; “The appliance 200 then generates an acknowledgement packet (ACK) and sends the ACK packet back to the client or sending endpoint”; “the appliance 200 monitors acknowledgements generated by the receiving endpoint (to the sending entity), so that it can determine whether the packet has been successfully delivered or needs to be retransmitted”); wherein the inspecting, rewriting and control operations are performed in software executing in one or more hardware elements (See at least ¶ [0084] and ¶ [0117], “the encoded portion of the network communication may include these occurrences or the confidential information, the application firewall (software executing in hardware) may rewrite, remove or otherwise mask (modified) such identified occurrence or confidential information”; “the packet engine 240 may include a buffer (input record) for queuing one or more network packets during processing, such as for receipt of a network packet or transmission of a network packet”).
Although Pedersen teaches the substantial features of the claimed invention, Pedersen fails to expressly teach wherein control transmission of the rewritten data content; inspect without using a TCP stack in the device, and without requiring termination or re-origination of a connection between the pair of endpoints.
In analogous teaching, Ichino exemplifies this wherein Ichino teaches control transmission of the rewritten data content (See at least ABSTRACT, “The retransmission control unit transmits a TCP packet transmitted from the TCP/IP processing unit as a transmission packet to a destination, receives a TCP-ACK packet responding to the transmission packet from the destination, and forwards the received TCP ACK packet to the rate maintenance unit.. forward the TCP-ACK packet after the rewriting to the TCP/IP processing unit”).
Thus, given the teaching of Ichino, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to combine the teaching of Ichino, a method and system of retransmission control of TCP packets, into Pedersen, systems and methods for allocation of classes of service to network connections, for a method and system to transfer TCP traffic. One of ordinary skill in the art would have been motivated because it would have been advantageous to have the method and system to receive and forward TCP data packets from one endpoint to another endpoint (See Ichino: ABSTRACT).
Although Pedersen and Ichino teach the substantial features of the claimed invention, Pedersen and Ichino fail to expressly teach wherein inspect without using a TCP stack in the device, and without requiring termination or re-origination of a connection between the pair of endpoints.
In analogous teaching, Srivastava exemplifies this wherein Srivastava teaches wherein the set of operations are carried out without requiring a TCP stack in the device (See at least ¶ [0025], “the server load-balancing device, a TCP splicing approach is used to combine the original client connection and the server connection, to preclude the need to repeatedly walk and down the TCP stack as the mapping is evaluated (not requiring a TCP stack in the device of router (not client or server))”), and without requiring termination or re-origination of a connection between the sending entity and the receiving entity (See at least ¶ [00025], ¶ [0027], “a TCP splicing approach is used to combine the original client connection and the new server connection, to preclude the need to repeatedly walk up and down the TCP stack”; “there is a need for an improved way to ensure that subsequent packets go to the same server without requiring termination of a TCP connection”).
Thus, given the teaching of Srivastava, it would have been obvious to one of ordinary skill in the art to combine the teaching of Srivastava, a method or system for routing data from clients, into Ichino, a method and system of retransmission control of TCP packets, and Pedersen, systems and methods for allocation of classes of service to network connections, for a method of routing data from a client to a selected server. One of ordinary skill in the art before the effective filing date of the claimed invention would have been motivated because it would have been advantageous to have the method to have packet flows rapidly routed from the same client to the same server without time-consuming hop-by-hop routing decisions or repeated load-balancing decisions (See Srivastava: ABSTRACT).

As to claim 16, Pedersen, Ichino and Srivastava teach the computer program product as described in claim 15. Pedersen further teaches wherein the program code configured to inspect the stream comprises: in response to determining that a portion of the stream is to be rewritten, the portion comprising one or more input data packets received from a sending endpoint entity, place, in an input record, the one or more input data packets comprising the portion, the one or more input data packets including a last input data packet (See at least Fig. 4D, ¶ [0032], and ¶ [0084], “FIG.4D is a block diagram of a network stack illustrating presentation layer data flow through the stack for delivery via a transport layer (transport layer is here) connection”; “the encoded portion of the network communication may include these occurrences or the confidential information, the application firewall may rewrite, remove or otherwise mask such identified occurrence or confidential information”); and return to the sending endpoint entity an acknowledgement for each input data packet received except for the last input data packet (See at least ¶ [0141] and ¶ [0152], “acknowledgement packets sent to the sender, by the receiver”; “the flow controller 220 does not preack the last packet of a group of packets. By not preacking (acknowledge) the last packet”).

As to claim 17, Pedersen, Ichino and Srivastava teach the computer program product as described in claim 16. Pedersen further teaches wherein the program code configured to selectively rewrite the stream comprises: generate, from the one or more input data packets in the input record, a modified portion of the stream, the modified portion being the rewritten data content and comprising one or more output data packets to be sent to a receiving endpoint entity (See at least Fig. 4D, ¶ [0032], and ¶ [0084], “FIG.4D is a block diagram of a network stack illustrating presentation layer data flow through the stack for delivery via a transport layer (transport layer is here) connection”; “the encoded portion of the network communication may include these occurrences or the confidential information, the application firewall may rewrite, remove or otherwise mask such identified occurrence or confidential information”); and place in an output record the one or more output data packet; and forward into the stream of TCP traffic to the receiving endpoint entity the one or more output data packets in the output record (See at least ¶ [0037], ¶ [0084] and ¶ [0273], “TCP traffic carrying the storage and data payload, resulting in packet streaming architecture that allows packets to pass through”; “The appliance may inspect or analyze any network communication”; “the packet is transferred to the output network media interface block which transmits the data packet to the destination”).

As to claim 18, Pedersen, Ichino and Srivastava teach the computer program product as described in claim 17. Pedersen further teaches wherein track endpoint-generated TCP acknowledgement messages comprises: upon receipt of acknowledgements from the receiving endpoint entity for the output data packets comprising the modified portion in the output record, transmit to the sending endpoint entity an acknowledgement of the last input data packet of the one or more input data packets comprising portion (See at least ¶ [0117], ¶ [0145] and ¶ [0146], “the packet engine 240 may include a buffer (including input record, see Fig. 4D) for queuing one or more network packets during processing, such as for receipt of a network packet or transmission of a network packet”; “The appliance 200 then generates an acknowledgement packet (ACK) and sends the ACK packet back to the client or sending endpoint”; “the appliance 200 monitors acknowledgements generated by the receiving endpoint (to the sending entity), so that it can determine whether the packet has been successfully delivered or needs to be retransmitted”).

Claims 5-7, 12-14 and 19-21 are rejected under 35 U.S.C. 103 as being unpatentable over Pedersen, in view of Ichino, and in view of Srivastava, and further in view of Jalan et al. (hereinafter referred to as Jalan) (U. S. Pub. No. 2014/0325588 A1).
As to claim 5, Pedersen, Ichino and Srivastava teach a method as described in claim 3. However, Pedersen, Ichino and Srivastava fail to expressly teach wherein reassembling any out-of-order input data packets received from the sending endpoint entity prior to generating the modified portion of the stream.
In analogous teaching, Jalan exemplifies this wherein Jalan teaches wherein reassembling any out-of-order input data packets received from the sending endpoint entity prior to generating the modified portion of the stream (See at least ¶ [0023], “The sequence number may be used by the TCP stack to reassemble the data stream. The first sequence number set by a network device initiating the communication may be any value as decided by that originating network device”).
Thus, given the teaching of Jalan, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to combine the teaching of Jalan, systems and methods for network access control, into Srivastava, a method or system for routing data from clients, and Ichino, a method and system of retransmission control of TCP packets, and Pedersen, systems and methods for allocation of classes of service to network connections, for a method and system to transfer TCP traffic. One of ordinary skill in the art would have been motivated because it would have been advantageous to have the method and system to identify information for the network device and establish a connection with the network for the client device (See Jalan: ABSTRACT).

As to claim 6, Pedersen, Ichino and Srivastava teach a method as described in claim 3. However, Pedersen, Ichino and Srivastava fail to expressly teach wherein further including: dropping any retransmit of the last input data packet that is received from the sending endpoint entity while any output data packet is not yet acknowledged by the received endpoint entity.
In analogous teaching, Jalan exemplifies this wherein Jalan teaches wherein further including: dropping any retransmit of the last input data packet that is received from the sending endpoint entity while any output data packet is not yet acknowledged by the received endpoint entity (See at least ¶ [0003], “if the client device is a trusted resource, receiving an acknowledgement (ACK) packet from the client device that includes identifying information for the client device plus an additional value, and identifying information for the network device, and establishing a connection with the network for the client device, otherwise dropping the SYN packet to deny network access to the client device”).
Thus, given the teaching of Jalan, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to combine the teaching of Jalan, systems and methods for network access control, into Srivastava, a method or system for routing data from clients, and Ichino, a method and system of retransmission control of TCP packets, and Pedersen, systems and methods for allocation of classes of service to network connections, for a method and system to transfer TCP traffic. One of ordinary skill in the art would have been motivated because it would have been advantageous to have the method and system to identify information for the network device and establish a connection with the network for the client device (See Jalan: ABSTRACT).

As to claim 7, Pedersen, Ichino and Srivastava teach a method as described in claim 6. However, Pedersen, Ichino and Srivastava fail to expressly teach wherein including: re-forwarding to the receiving entity each output data packet that is not yet acknowledged by the receiving endpoint entity.
In analogous teaching, Jalan exemplifies this wherein Jalan teaches wherein including: re-forwarding to the receiving entity each output data packet that is not yet acknowledged by the receiving endpoint entity (See at least ¶ [0063], “if the client device has transmitted to the network device a number of ACK packets that include an incorrect SYN cookie, determining if client device has violated an allowable connection rate policy”).
Thus, given the teaching of Jalan, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to combine the teaching of Jalan, systems and methods for network access control, into Srivastava, a method or system for routing data from clients, and Ichino, a method and system of retransmission control of TCP packets, and Pedersen, systems and methods for allocation of classes of service to network connections, for a method and system to transfer TCP traffic. One of ordinary skill in the art would have been motivated because it would have been advantageous to have the method and system to identify information for the network device and establish a connection with the network for the client device (See Jalan: ABSTRACT).

As to claim 12, Pedersen, Ichino and Srivastava teach the apparatus in claim 8. However, Pedersen, Ichino and Srivastava fail to expressly teach wherein reassemble any out-of-order input data packets received from the sending endpoint entity prior to generating the modified portion of the stream.
In analogous teaching, Jalan exemplifies this wherein Jalan teaches wherein reassemble any out-of-order input data packets received from the sending endpoint entity prior to generating the modified portion of the stream (See at least ¶ [0023], “The sequence number may be used by the TCP stack to reassemble the data stream. The first sequence number set by a network device initiating the communication may be any value as decided by that originating network device”).
Thus, given the teaching of Jalan, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to combine the teaching of Jalan, systems and methods for network access control, into Srivastava, a method or system for routing data from clients, and Ichino, a method and system of retransmission control of TCP packets, and Pedersen, systems and methods for allocation of classes of service to network connections, for a method and system to transfer TCP traffic. One of ordinary skill in the art would have been motivated because it would have been advantageous to have the method and system to identify information for the network device and establish a connection with the network for the client device (See Jalan: ABSTRACT).

As to claim 13, Pedersen, Ichino and Srivastava teach the apparatus in claim 8. However, Pedersen, Ichino and Srivastava fail to expressly teach wherein configured to: drop any retransmit of the last input data packet that is received from the sending endpoint entity while any output data packet is not yet acknowledged by the received endpoint entity.
In analogous teaching, Jalan exemplifies this wherein Jalan teaches wherein further including: drop any retransmit of the last input data packet that is received from the sending endpoint entity while any output data packet is not yet acknowledged by the received endpoint entity (See at least ¶ [0003], “if the client device is a trusted resource, receiving an acknowledgement (ACK) packet from the client device that includes identifying information for the client device plus an additional value, and identifying information for the network device, and establishing a connection with the network for the client device, otherwise dropping the SYN packet to deny network access to the client device”).
Thus, given the teaching of Jalan, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to combine the teaching of Jalan, systems and methods for network access control, into Srivastava, a method or system for routing data from clients, and Ichino, a method and system of retransmission control of TCP packets, and Pedersen, systems and methods for allocation of classes of service to network connections, for a method and system to transfer TCP traffic. One of ordinary skill in the art would have been motivated because it would have been advantageous to have the method and system to identify information for the network device and establish a connection with the network for the client device (See Jalan: ABSTRACT).

As to claim 14, Pedersen, Ichino and Srivastava teach the apparatus in claim 13. However, Pedersen, Ichino and Srivastava fail to expressly teach wherein re-forward to the receiving entity each output data packet that is not yet acknowledged by the receiving endpoint entity.
In analogous teaching, Jalan exemplifies this wherein Jalan teaches wherein re-forward to the receiving entity each output data packet that is not yet acknowledged by the receiving endpoint entity (See at least ¶ [0063], “if the client device has transmitted to the network device a number of ACK packets that include an incorrect SYN cookie, determining if client device has violated an allowable connection rate policy”).
Thus, given the teaching of Jalan, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to combine the teaching of Jalan, systems and methods for network access control, into Srivastava, a method or system for routing data from clients, and Ichino, a method and system of retransmission control of TCP packets, and Pedersen, systems and methods for allocation of classes of service to network connections, for a method and system to transfer TCP traffic. One of ordinary skill in the art would have been motivated because it would have been advantageous to have the method and system to identify information for the network device and establish a connection with the network for the client device (See Jalan: ABSTRACT).

As to claim 19, Pedersen, Ichino and Srivastava teach the computer product as described in claim 17. However, Pedersen, Ichino and Srivastava fail to expressly teach wherein configured to: reassemble any out-of-order input packets received from the sending endpoint entity prior to generating the modified portion of the stream.
In analogous teaching, Jalan exemplifies this wherein Jalan teaches wherein further including: reassemble any out-of-order input packets received from the sending endpoint entity prior to generating the modified portion of the stream (See at least ¶ [0003], “if the client device is a trusted resource, receiving an acknowledgement (ACK) packet from the client device that includes identifying information for the client device plus an additional value, and identifying information for the network device, and establishing a connection with the network for the client device, otherwise dropping the SYN packet to deny network access to the client device”).
Thus, given the teaching of Jalan, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to combine the teaching of Jalan, systems and methods for network access control, into Srivastava, a method or system for routing data from clients, and Ichino, a method and system of retransmission control of TCP packets, and Pedersen, systems and methods for allocation of classes of service to network connections, for a method and system to transfer TCP traffic. One of ordinary skill in the art would have been motivated because it would have been advantageous to have the method and system to identify information for the network device and establish a connection with the network for the client device (See Jalan: ABSTRACT).

As to claim 20, Pedersen, Ichino and Srivastava teach the apparatus in claim 8. However, Pedersen, Ichino and Srivastava fail to expressly teach wherein configured to: drop any retransmit of the last input data packet that is received from the sending endpoint entity while any output data packet is not yet acknowledged by the received endpoint entity.
In analogous teaching, Jalan exemplifies this wherein Jalan teaches wherein further including: drop any retransmit of the last input data packet that is received from the sending endpoint entity while any output data packet is not yet acknowledged by the received endpoint entity (See at least ¶ [0003], “if the client device is a trusted resource, receiving an acknowledgement (ACK) packet from the client device that includes identifying information for the client device plus an additional value, and identifying information for the network device, and establishing a connection with the network for the client device, otherwise dropping the SYN packet to deny network access to the client device”).
Thus, given the teaching of Jalan, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to combine the teaching of Jalan, systems and methods for network access control, into Srivastava, a method or system for routing data from clients, and Ichino, a method and system of retransmission control of TCP packets, and Pedersen, systems and methods for allocation of classes of service to network connections, for a method and system to transfer TCP traffic. One of ordinary skill in the art would have been motivated because it would have been advantageous to have the method and system to identify information for the network device and establish a connection with the network for the client device (See Jalan: ABSTRACT).

As to claim 21, Pedersen, Ichino and Srivastava teach the computer program product as described in claim 20. However, Pedersen, Ichino and Srivastava fail to expressly teach wherein re-forward to the receiving entity each output data packet that is not yet acknowledged by the receiving endpoint entity.
In analogous teaching, Jalan exemplifies this wherein Jalan teaches drop any retransmit of the last input data packet that is received from the sending endpoint entity while any output data packet is not yet acknowledged by the receiving endpoint entity (See at least ¶ [0063], “if the client device has transmitted to the network device a number of ACK packets that include an incorrect SYN cookie, determining if client device has violated an allowable connection rate policy”).
Thus, given the teaching of Jalan, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to combine the teaching of Jalan, systems and methods for network access control, into Srivastava, a method or system for routing data from clients, and Ichino, a method and system of retransmission control of TCP packets, and Pedersen, systems and methods for allocation of classes of service to network connections, for a method and system to transfer TCP traffic. One of ordinary skill in the art would have been motivated because it would have been advantageous to have the method and system to identify information for the network device and establish a connection with the network for the client device (See Jalan: ABSTRACT).

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JOHN FAN whose telephone number is (571) 272-3345.  The examiner can normally be reached on Monday-Friday, 9am-6pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Umar Cheema can be reached on (571)270-3037.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




John Fan
/J.F/Examiner, Art Unit 2456     
10/02/2022

/UMAR CHEEMA/Supervisory Patent Examiner, Art Unit 2456