DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 21 January 2022 has been considered by the examiner.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.

Claims 1, 7-8, 10, 13 15 and 18 are rejected on the ground of nonstatutory double patenting as being unpatentable over clams 1-20 of U.S. Patent No. 11,245,697 in view of U.S. Patent Application Publication No. 2017/0134087 by Law et al. 
As to claims 1 and 8, the ‘697 Patent discloses a method/device, comprising (Claim 1: A method, comprising): 
identifying, by a network device, an application identifier of a first network packet associated with a packet flow, wherein the application identifier identifies an application on a user device (Clam 1: receiving, by a network device and from an application on a user device, a first network packet associated with a packet flow; identifying, by the network device, an application identifier of the first network packet, wherein the application identifier identifies the application on the user device); 
selecting, by the network device and based on the application identifier and a second factor a security protocol, wherein the security protocol associated with at least one of an authentication header (AH) or an encryption algorithm (Claim 1: selecting, by the network device and based on the application identifier and the one or more characteristics, a security protocol, wherein the security protocol is associated with at least one of an authentication header (AH) or an encryption algorithm); 
selectively applying, by the network device and to a second network packet associated with the packet flow, at least one of the AH or the encryption algorithm associated with the security protocol, to generate a protected network packet (Claim 1: selectively applying, by the network device and to a second network packet associated with the packet flow, at least one of the AH or the encryption algorithm, associated with the security protocol, to generate a protected network packet); and 
transmitting, by the network device, the protected network packet (Clam 1: and transmitting, by the network device, the protected network packet). 
The ‘697 Patent does not expressly disclose, selecting, by the network device and based on the application identifier and a priority level of the application, a security protocol
Law discloses the selection of a communication and security protocol based on a priority level (Law: Page 7, Sec 183).
The ‘697 Patent and Law are analogous art because they are from the common area of protecting network traffic.
It would have been obvious, at or before the effective filing date of the instant application, to use the priority level of Law in the system of the ‘697 Patent. The rationale would have been that the ‘697 Patent already discloses the use of one or more characteristics to aid in the determining of the security protocol, and Law discloses using the priority level in this way.
As to claim 7, the modified ‘697 Patent/Law reference further discloses wherein applying the security protocol to generate the protected network packet comprises: inserting at least one of an encapsulating security payload header or a user datagram protocol header into the second network packet (Claim 4: The method of claim 1, wherein applying the security protocol to generate the protected network packet comprises: inserting at least one of an encapsulating security payload header, the AH, or a user datagram protocol header into the second network packet). 
As to claim 10, the modified ‘697 Patent/Law reference further discloses wherein the one or more processors, to select the security protocol, are to: select the security protocol based on whether the application includes inherent encryption (Claim 1: selecting, by the network device and based on the application identifier and the one or more characteristics; wherein the one or more characteristics indicate at least whether the application inherently uses encryption).
As to claim 13, the modified ‘697 Patent/Law reference further discloses wherein the one or more processors, to select the security protocol, are to: insert at least one of an encapsulating security payload header or a user datagram protocol header into the second network packet (Claim 4: The method of claim 1, wherein applying the security protocol to generate the protected network packet comprises: inserting at least one of an encapsulating security payload header, the AH, or a user datagram protocol header into the second network packet).  
Claim 15 recites a non-transitory computer readable medium similar in scope to claim 1 and rejected under a substantially similar rational over claim 14 of the ‘697 Patent in view of Law.
As to claim 18, the modified ‘697 Patent/Law reference further discloses wherein the one or more instructions, that cause the one or more processors to select the security protocol, cause the one or more processors to: select the security protocol based on the application identifier and at least one of a differentiated services code point of the first network packet, layer 3 information of the first network packet, or layer 4 information of the first network packet (Claim 18: The non-transitory computer-readable medium of claim 14, wherein the one or more instructions, that cause the one or more processors to select the security protocol, cause the one or more processors to: select the security protocol based on the application identifier and at least one of a differentiated services code point of the first network packet, layer 3 information of the first network packet, or layer 4 information of the first network packet).  
Claim 2 is rejected on the ground of nonstatutory double patenting as being unpatentable over clams 1-20 of U.S. Patent No. 11,245,697 in view of U.S. Patent Application Publication No. 2017/0134087 by Law et al. further in view of U.S. Patent No. 6,141,686 to Jackowski et al.
As to claim 2, the modified ‘697 Patent/Law reference discloses all recited elements of claim 1 from which claim 2 depends.  
The modified reference does not expressly disclose wherein the priority level of the application is high priority when the application is business critical and a low priority when the application is not business critical.
Jackowski discloses wherein the priority level of the application is high priority when the application is business critical and a low priority when the application is not business critical (Jackowski: Col 1, Lines 39-55).
The modified reference and Jackowski are analogous art because they are from the common area of protecting network traffic.
It would have been obvious, at or before the effective filing date of the instant application, to use the priority level assignment of Jackowski in the system of the modified reference. The rationale would have been to give precedence to data traffic of greater importance (Jackowski: Col 1, Lines 39-55).
Claims 14 and 19 are rejected on the ground of nonstatutory double patenting as being unpatentable over clams 1-20 of U.S. Patent No. 11,245,697 in view of U.S. Patent Application Publication No. 2017/0134087 by Law et al. further in view of U.S. Patent Application Publication No. 2014/0169192 by Zhang et al.
As to claims 14 and 19, the modified ‘697 Patent/Law reference discloses all recited elements of claims 8 and 15 from which claims 14 and 19 respectively depend.  
The modified reference does not expressly disclose wherein the one or more processors, to identify the application identifier associated with the first network packet, cause the one or more processors to: use deep packet inspection to identify the application identifier for the application.
Zhang discloses wherein the one or more processors, to identify the application identifier associated with the first network packet, cause the one or more processors to: use deep packet inspection to identify the application identifier for the application (Zhang: Page 3, Sec 38).  
The modified reference and Zhang are analogous art because they are from the common area of protecting network traffic.
It would have been obvious, at or before the effective filing date of the instant application, to use the deep packet inspection of Zhang in the system of the modified reference. The rationale would have been to have a means to identify the source of the packet (Zhang: Page 3, Sec 38).  
Allowable Subject Matter
Claims 3-6, 9. 11-12, 16-17 and 20 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL S MCNALLY whose telephone number is (571)270-1599.  The examiner can normally be reached on Monday-Friday, 8:30 AM - 5:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey L Nickerson can be reached on (469)295-9235.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


MICHAEL S. MCNALLY
Primary Examiner
Art Unit 2432



/Michael S McNally/Primary Examiner, Art Unit 2432