Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
DETAILED ACTION
This office action is in response to the application filed on, or in reply to the remarks of, 3/4/2021. The instant application has claims 1-20 pending. The application is directed to a system and method for creating an isolated network with devices that can communicate with other networks based on rules. There are a total of 20 claims.

Allowable Subject Matter

The examiner recommends adding limitations regarding a category based on rules (see Spec. Par. 0056), adding features regarding updating the rules library for categories and rules (see Spec. Par. 0052), and adding the machine learning for categories of devices (see Spec. Par. 0048). The examiner recommends adding all three features into the independent claims to overcome the prior art and move to allowance.

Drawings
The drawing filed on 3/4/2021 has been accepted and is in compliance with 37 CFR 1.83 & 37 CFR 1.84.
Specification
The disclosure filed on 3/4/2021 is accepted.

Claim Objections
Claim 4 is objected to because of the following informalities: the claim depends on itself. Appropriate correction is required.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA/25, or PTO/AIA/26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1-20 are provisionally rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of copending Application No. 17/192541 (reference application). Although the claims at issue are not identical, they are not patentably distinct from each other because the instant claims are a broader version of the claims of the ‘541 application, i.e. Claim 1 of ‘541 application = Claim 1 of instant application + Claim 3 of instant application + Claim 4 of instant application + Claim 9 of instant application.
This is a provisional nonstatutory double patenting rejection because the patentably indistinct claims have not in fact been patented.

US App # 17192534
1. A method, comprising: receive, by a networking device, a request from a first computing device, to connect to the networking device; creating a first network, wherein: the first network is one of a set of networks of the networking device; the first computing device is one of a set of computing devices that are connected to the network device; each network of the set of networks is initially isolated from other networks of the set of networks when the network is created; and each network of the set of networks comprises a respective computing device of the set of computing devices; and assigning the first computing device to the first network.

3. The method of claim 1, further comprising: sending a registration message to device management service when the first network is created, wherein the registration message indicates that the first computing device is connected to the network device.

4. The method of claim 4, wherein the registration message further comprises device information, wherein a device management service categorizes the first computing device based on the device information.

9. The method of claim 7, wherein the set of rules indicate permissions for communicating network traffic between the first computing device and other computing devices of the set of computing devices.

US App # 17192541
1. A method, comprising: receiving a registration message from a network device, wherein the registration request indicates that a first computing device has connected to the computing devices; determining a category for the first computing device based on the registration message; determining a set of rules for the computing device based on the category; and transmitting the set of rules to the network device, wherein: the set of rules indicates permissions for the first computing device; the first computing device is one of a set of computing devices that are connected to the network device; the first network is one of a set of networks of the networking device; each network of the set of networks is initially isolated from other networks of the set of networks when the network is created; and each network of the set of networks comprises a respective computing device of the set of computing devices.

Comments
The US Patent App (US 17192541) anticipates claims (1-20) of the instant application, because the reference patent application claims (1-20, genus) teach all the elements/features of the examined claims (a-b, sub-genus, e.g. has fewer of the same limitations than the patent). Claims of the instant application are effectively a subset of the claims in the reference patent application. Thus, the entire scope of the patent reference claim falls within the scope of the examined claim. Therefore, a patent to the instant applicant would improperly extend the right to exclude granted by a patent to the sub-genus should it issue after the genus (conflicting patent).



Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under pre-AIA 35 U.S.C. 103(a) are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over CN 103902884 to Wang in view of US Patent Pub 2016/0323245 to Shieh.

Regarding claims 1, 11, 18, Wang discloses: A method, comprising: receive, by a networking device, a request from a first computing device, to connect to the networking device (Abstract & § Summary of Invention); creating a first network, wherein: the first network is one of a set of networks of the networking device (Page 2 Summary of The Invention & Page 3 Paragraph starting “The network isolation …”, the one privileged domain and more than one non-privileged domain); the first computing device is one of a set of computing devices that are connected to the network device (Page 2 Summary of The Invention & Page 4 Paragraph starting “At present, the access control…”, the virtual machine authenticates and applies policies for user machines); and each network of the set of networks comprises a respective computing device of the set of computing devices (Page 2 Summary of The Invention & Page 3 Paragraph starting “The data review module..”, the network isolation for data exchange); and assigning the first computing device to the first network (Page 2 Summary of The Invention & Page 4 Paragraph starting “Fig. 3 shows…”, the data tagging and labeling the domains and machines).

But Wang does not disclose that each network of the set of networks is initially isolated from other networks of the set of networks when the network is created. In the same field of endeavor as the claimed invention, Shieh discloses that each network of the set of networks is initially isolated from other networks of the set of networks when the network is created (Fig. 11, the virtual machines are assigned a privilege level).

It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Wang's invention to incorporate each network of the set of networks being initially isolated from other networks of the set of networks when the network is created, for the advantage of providing privilege and forwarding rules as taught in Shieh (see Par. 0025).

Regarding claims 2, 12, 19, the combined method/system/medium of Wang and Shieh, Wang discloses: The method of claim 1, wherein each network of the set of networks comprises only a single computing device (Page 2 Summary of The Invention & Page 3 Paragraph starting “The network isolation module…”, the virtual machine and network with user devices).

Regarding claims 3, 13, the combined method/system/medium of Wang and Shieh, Shieh discloses: The method of claim 1, further comprising: sending a registration message to device management service when the first network is created, wherein the registration message indicates that the first computing device is connected to the network device.

Regarding claims 4, 14, the combined method/system/medium of Wang and Shieh, Shieh discloses: The method of claim 4, wherein the registration message further comprises device information, wherein a device management service categorizes the first computing device based on the device information (Par. 0027, the network access devices are categorized).

Regarding claims 5, 15, the combined method/system/medium of Wang and Shieh, Shieh discloses: The method of claim 4, further comprising: receiving a response message from the device management service, wherein the response message indicates whether the first computing device is allowed to connect to the network device (Par. 0028-0029, the flow table and rules governing the flow).

Regarding claim 6, the combined method/system/medium of Wang and Shieh, Shieh discloses: The method of claim 5 further comprising: removing the first network and disconnecting from the first response when the response message indicates that the first computing device is not allowed to connect to the network device (Par. 0023, the network access devices that are permitted to access).

Regarding claim 7, the combined method/system/medium of Wang and Shieh, Shieh discloses: The method of claim 1, further comprising: receiving a set of rules associated with the first computing device, wherein the set of rules indicates permissions for the first computing device (Par. 0028, the rules governing the routing); and communicating network traffic to and from the first computing device based on the set of rules (Par. 0028, the rules governing the routing).

Regarding claim 8, the combined method/system/medium of Wang and Shieh, Shieh discloses: The method of claim 7, wherein the set of rules indicate permissions for communicating network traffic between the first computing device and external devices (Par. 0028, the rules governing the routing).

Regarding claim 9, the combined method/system/medium of Wang and Shieh, Shieh discloses: The method of claim 7, wherein the set of rules indicate permissions for communicating network traffic between the first computing device and other computing devices of the set of computing devices (Par. 0028, the rules governing the routing).

Regarding claim 10, the combined method/system/medium of Wang and Shieh, Shieh discloses: The method of claim 7, further comprising: receiving an updated set of rules, wherein the set of rules indicate updated permissions for the first computing device; and communicating network traffic with one or more of external devices and between the set of computing devices based on the updated set of rules (Fig. 2 item 273 Update flow table & 274 Update flow table).

Regarding claim 16, the combined method/system/medium of Wang and Shieh, Shieh discloses: The method of claim 11, further comprising: updating a device inventory to indicate that the first computing device is connected to the network device, wherein the device inventory indicates which computing devices are connected to which network devices (Par. 0032, the virtual machine identity is used for connecting).

Regarding claim 17, the combined method/system/medium of Wang and Shieh, Shieh discloses: The method of claim 16, further comprising: receiving a deregistration message from the network device, wherein the deregistration message indicates that the first computing devices is not connected to the network device (Fig. 2 item 273 Update flow table & 274 Update flow table); and updating the device inventory to indicate that the first computing device is not connected to the network device (Fig. 2 item 273 Update flow table & 274 Update flow table).

Conclusion

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.

US Patent 104848297 to McClenahan which discloses the isolated virtual network.

US Patent Pub 2020/0092138 to Tillotson which discloses the virtual traffic hub.

Topology Discovery in Software Defined Networks: Threats, Taxonomy, and State-of-the-Art to Khan which discloses the SDN infrastructure for routing.

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool, i.e. Microsoft Teams. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at https://www.uspto.gov/interviewpractice.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to Venkat Perungavoor whose telephone number is (571)272-7213. The examiner can normally be reached on Monday-Friday, 9:00 AM-5:00 PM. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on 571-272-4006. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/VENKAT PERUNGAVOOR/
Primary Examiner, Art Unit 2492
Email: venkatanarayan.perungavoor@uspto.gov