Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claim 1 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Claim 1 recites the limitation "the cloud security device" in line 13. There is insufficient antecedent basis for this limitation in the claim.

Claim Objections
Claims 6 and 18 are objected to because of the following informalities: Missing punctuation. Appropriate correction is required.


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Ni (US Patent Pub. 2017/0264553) in view of Jain (US Patent Pub. 2019/0349404).


As per claims 1, 14 and 20: Ni discloses a method of reducing latency in a cloud security service, comprising (See Abstract): 
receiving, in a network security device, a new network connection request from a local network device to a remote network device (Paragraph 15; when the mobile context of the user equipment is migrated from an original target network element to a new target network element); 
determining whether at least one locally cached rule applies to the new network connection request (Paragraph 15; where the processing rule received by the forwarder is determined by the controller according to a route between the forwarder and the new target network element); 
sending data related to the new network connection request from the network security device to the cloud security device and receiving data related to the security of the new network connection request from the cloud security device (Paragraph 15, 128; The processing rule received by the forwarder is determined by the controller according to a route between the forwarder and the new target network element, and the new target network element is a network element to which the mobile context of the user equipment belongs after the mobile context of the user equipment is migrated); and 
selectively forwarding the response received from the remote server from the network security device to the local network device based at least in part on the received data related to the security of the request for the new network connection (Paragraph 15, 128).
Ni does not specifically disclose if a locally cached rule applies to the network connection request, selectively approving the network connection request based on the rule; and if a locally cached rule does not apply to the network connection request, forwarding the new network connection request to the remote network device and receiving a response from the remote device in the network security device.
Jain discloses if a temporarily or permanently cached rule applies, the agent handles the connection in accordance with the cached rule, such as by allowing or blocking the connection. If no entry applies, however, the network segmentation agent 113 sends the metadata to the network segmentation controller 114, e.g., running on a P/PoP 121, in a connection escalation request to see if the controller 114 approves of the new connection based on an applicable rule or policy, such as one cached in a caching-layer 125, while the network segmentation agent 113 holds the connection request, pending a response from the controller 114 (Paragraph 55).
Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains, having the teachings of Ni and Jain in their entirety, to modify the technique of Ni, in which the processing rule received by the forwarder is determined by the controller according to a route between the forwarder and the new target network element, by adopting Jain's teaching that the agent handles the connection in accordance with the cached rule, such as by allowing or blocking the connection. The motivation would have been to improve cloud-assisted security.
As per claim 2 and 15: The method of reducing latency in a cloud security service of claim 1, further comprising selectively storing a locally cached rule on the cloud security device based at least in part on the received data related to the security of the new network connection request from the cloud security device (See Ni; Paragraph 15, 128; a processing rule that is locally saved by the forwarder and that is related to the mobile context of the user equipment).
As per claim 3 and 16: The method of reducing latency in a cloud security service of claim 2, wherein the received data related to the security of the new network connection request from the cloud security device comprises information related to whether to allow storing a decision regarding allowing the new network connection request as a locally cached rule (See Jain; Paragraph 55; if a temporarily or permanently cached rule applies, the agent handles the connection in accordance with the cached rule, such as by allowing or blocking the connection. If no entry applies, however, the network segmentation agent 113 sends the metadata to the network segmentation controller 114, e.g., running on a P/PoP 121, in a connection escalation request to see if the controller 114 approves of the new connection based on an applicable rule or policy). 
As per claim 4 and 16: The method of reducing latency in a cloud security service of claim 2, wherein the locally cached rule applies to future events meeting similarity criteria relative to the new network connection request (See Ni; Paragraph 129; The forwarder obtains, according to the rule matching information, a processing rule corresponding to the rule matching information, where the processing rule includes rule description information and forwarding routing information, the processing rule corresponding to the rule matching information is a processing rule whose rule description information matches the rule matching information).
As per claim 5 and 16: The method of reducing latency in a cloud security service of claim 4, wherein similarity criteria comprise at least one of server identity, IP address, root domain, port number, protocol, and packet content (See Ni; Paragraph 4).
As per claim 6 and 17: The method of reducing latency in a cloud security service of claim 1, wherein the local cache comprises rules related to one or more network destinations based on commonly visited across a group of users (See Ni; Paragraph 130-131; finding, by the forwarder from processing rules saved by the forwarder and according to the rule matching information).
As per claim 7 and 17: The method of reducing latency in a cloud security service of claim 1, wherein the local cache comprises rules related to one or more network destinations commonly visited on one or more local machines (Paragraph 15; where the processing rule received by the forwarder is determined by the controller according to a route between the forwarder and the new target network element).
As per claims 8 and 18: The method of reducing latency in a cloud security service of claim 1, further comprising extracting low-level characteristics of the new network connection in the network security device and sending the extracted low-level characteristics as data related to the request for the new network connection to the cloud security service, wherein the low-level characteristics comprise at least one of remote server IP address, port number, protocol, and packet content (See Ni; Paragraph 83; the identifier of the user equipment and an identifier of the new target network element).
As per claims 9 and 19: The method of reducing latency in a cloud security service of claim 1, further comprising maintaining a persistent connection between network security device and the cloud security device such that a new connection need not be established for the sending data related to the request for the new network connection from the network security device to the cloud security device (See Jain; Paragraph 55; if a temporarily or permanently cached rule applies, the agent handles the connection in accordance with the cached rule, such as by allowing or blocking the connection. If no entry applies, however, the network segmentation agent 113 sends the metadata to the network segmentation controller 114, e.g., running on a P/PoP 121, in a connection escalation request to see if the controller 114 approves of the new connection based on an applicable rule or policy).
As per claim 10: The method of reducing latency in a cloud security service of claim 1, further comprising searching for a cloud security device having the fastest connection to the network security device, and changing from a current cloud security device to a new cloud security device if the new cloud security device connection is faster than the connection to the current cloud security device by a threshold amount (See Jain; Paragraph 55; if a temporarily or permanently cached rule applies, the agent handles the connection in accordance with the cached rule, such as by allowing or blocking the connection. If no entry applies, however, the network segmentation agent 113 sends the metadata to the network segmentation controller 114, e.g., running on a P/PoP 121, in a connection escalation request to see if the controller 114 approves of the new connection based on an applicable rule or policy).
As per claim 11: The method of reducing latency in a cloud security service of claim 1, wherein the network security device comprises a router, a firewall, or a special-purpose network security device (See Ni; Paragraph 166; In the NDN network, forwarding between network elements is implemented in an NDN manner, and a forwarder is an NDN router).
As per claim 12: The method of reducing latency in a cloud security service of claim 1, wherein selectively forwarding comprises receiving a determination of whether to allow the connection from the cloud security server and selectively forwarding based at least in part on the received determination (See Jain; Paragraph 55; if a temporarily or permanently cached rule applies, the agent handles the connection in accordance with the cached rule, such as by allowing or blocking the connection).
As per claim 13: The method of reducing latency in a cloud security service of claim 1, wherein selectively forwarding comprises determining in the network security device whether to allow the connection, based at least in part on the received data related to the security of the request for the new network connection (See Jain; Paragraph 55; if a temporarily or permanently cached rule applies, the agent handles the connection in accordance with the cached rule, such as by allowing or blocking the connection).


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ANTHONY D BROWN whose telephone number is (571)270-1472. The examiner can normally be reached 730-330pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on 571-272-6798. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/ANTHONY D BROWN/Primary Examiner, Art Unit 2433