DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 10/12/2022 has been entered.
 
Response to Arguments
In response to 35 USC 112(a), filed 10/12/2022, the 35 USC 112(a) the previous issues has been resolve, however there are new issues.

In response to indefiniteness rejection in the advisory action, filed 10/12/2022, the 35 USC 112(b) rejection is maintained as shown below.

In response to 35 USC 103, filed 10/12/2022, applicant argues that Deng fails to teach “wherein the signature library is a largest -scale signature library that contains all the signature rules and is stored in the cloud server”.
Deng teaches “wherein the signature library is a largest -scale signature library that contains all the signature rules and is stored in the cloud server”. Deng discloses “the latest signature rule set as most active threat signature rules and generates the most active threat signature rule identification list [0036]. The cloud server center may specifically include a receiving cluster server, a signature library publishing server, a statistic analysis server, a synchronous update and notification server, and a database [0045]. One security device runs a database application under Linux (operating system) [0041]. The latest signature feature library published by the signature library publishing server, to obtain a most active threat signature rule ID list, and sends update information of a security device to be updated to the synchronous update [0046][0064]” The latest signatory library is interpreted as the largest-scale signature rule library. The library is stored in the cloud server and contains list of signature rule (acting as contains all signature rule). It is further noted, below, where “the largest-scale signature rule library that contains all the signature rules” are indefinite.
Furthermore, accordingly to the applicant’s specification in paragraph 2 and 3. Applicant indicates that the largest-scale signature library is well known. This is applicant’s own admission of prior art. Assuming arguendo that under the broadest reasonable interpretation in view of the specification, that Deng would fail to teach what is defined in the specification, the differences would be obvious since the largest-scale signature library may be tailored, which would be taught by Deng.  

In response to applicant's argument that the references fail to show certain features of applicant’s invention, it is noted that the features upon which applicant relies (i.e., how to effectively save the storage space of the cloud server as well as effectively use the network device resources and give full play to the function of the network device, nor involves how to effectively avoid selection of a wrong signature sub-library to be loaded, let alone how to solve these problems) are not recited in the rejected claim(s).  Although the claims are interpreted in light of the specification, limitations from the specification are not read into the claims.  See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993).


In response to 35 USC 103, filed 10/12/2022, applicant argues that Tempel reference fails to teach “sending, by a network device, an upgrade request for a signature rule library to a cloud server, in a case that the network device is not correctly loaded the signature rule corresponding to a configuration of resources of the network device and thereby the network device does not meet requirements of functions that are undertaken by the network device”.
Tempel teaches “sending, by a network device, an upgrade request for a signature rule library to a cloud server, in a case that the network device is not correctly loaded the signature rule corresponding to a configuration of resources of the network device and thereby the network device does not meet requirements of functions that are undertaken by the network device”. Tempel discloses “the administrative server may have information to determine if new content is available to the autonomous agent and will only return configuration data to the agent if new data is available. The autonomous agent may periodically poll the administrative server to determine whether or not it has the latest information. If new information is retrieved, the agent will apply the new configuration [Col 4 lines 56-67]. verifying the signature on the updated agent policies 128 and list of agents 1016 [Col 17 lines 18-34]. The agent 1016 may send 1023 a request for updated agent policies 128 to the administrative server 1002.  The agent 1016 may be instructed to poll the administrative server 1002 for updated agent policies using configuration contained in the agent policies [Col 17 lines 45-59]. Updating the agent policies 128 may include applying the new managed node certificates 148, new configurations, etc., to the agent [Col 14 lines 31-33]”. As shown in the advisory action that if new data is available means that the current load is not the correct since it is out of date. Therefore, the information needs to be updated. The agent polls “triggers which interprets as asking” the server for the latest information, since the agent does not have the latest information. The agent updated the policies that includes new configuration. If the latest information is not the latest information then the device does not meet the requirement of functions, since the device information is not valid. Furthermore, the court noted that a "‘whereby clause in a method claim is not given weight when it simply expresses the intended result of a process step positively recited.’" Id. (quoting Minton v. Nat’l Ass’n of Securities Dealers, Inc., 336 F.3d 1373, 1381, 67 USPQ2d 1614, 1620 (Fed. Cir. 2003)).

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-2, 3-8, and 10-12 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
The term “largest-scale signature rule library” in claims 1 and 7 is a relative term which renders the claim indefinite. The term “largest-scale” is not defined by the claim, the specification does not provide a standard for ascertaining the requisite degree, and one of ordinary skill in the art would not be reasonably apprised of the scope of the invention. Unclear what makes the signature rule library the largest signature rule library. Another interpretation is if there is another library and out of all the library this is the largest one. The specification does not indicated what makes the signature rule library the largest signature rule library. Thus, one of ordinary skill in the art would not be able to draw a clear boundary between what is and is not covered by the claim. For the purpose of examination, examiner is interpreting as the latest signature rule library that is most updated, hence largest.
Furthermore, what are the metes and bounds of “contain all the signature rules”. The specification fails to show the meaning of the claim language “all”, since none are recited in the claim making it ambiguous as to what is referring to. The claim language can be infinite (e.g., 1, 10, 100, etc.), if the library just contains one signature rule, then that would be consider as “all”. The claims are therefore rendered indefinite.
Claims 2, 4-6, 8, 10-12  fall together accordingly as they do not cure the deficiencies of the independent claims. 

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1 and 7 are rejected under 35 U.S.C. 103 as being unpatentable over Deng et al. (US 20150074756, hereinafter Deng) in view of U (US 20150281276), and in further view of Tempel et al. (US 9515877).

Re. claim 1, Deng discloses a method of loading a signature rule, comprising: receiving, by a network device (Deng discloses a security device [0011, 0017, 0019]), a signature rule library sent by a cloud server (the cloud server center may specifically include a receiving cluster server, a signature library publishing server [0045]), wherein the signature library is a largest -scale signature library that contains all the signature rules and is stored in the cloud server (Deng discloses the latest signature rule set as most active threat signature rules and generates the most active threat signature rule identification list [0036]. The cloud server center may specifically include a receiving cluster server, a signature library publishing server, a statistic analysis server, a synchronous update and notification server, and a database [0045]. One security device runs a database application under Linux (operating system) [0041]. The latest signature feature library published by the signature library publishing server, to obtain a most active threat signature rule ID list, and sends update information of a security device to be updated to the synchronous update [0046][0064]), each of which is associated with corresponding device type configuration information (security device is configured to send signature rule usage status information corresponding to itself to the cloud server and update a signature rule according to update information after receiving the update information sent by the cloud server [0019]. to obtain a most active threat signature rule identification list, and after generating update information according to the most active threat signature rule identification list, the cloud server sends the update information to each security device to update a signature rule [0020]. A latest signature feature library published by the signature library publishing server [0046]. When the cloud server determines that a security device with an incorrect configuration exists in the security devices, the cloud server generates update information corresponding to the security device with an incorrect configuration. One security device runs a database application under Linux (operating system), and the following configuration manners are all wrong. Signature rules of a database under Windows (operating system) are configured [0041]); 
and loading, by the network device, the signature rule associated with the device type configuration10 information (When the update information is the signature rule ID set list to be updated of the security device, the security device downloads a signature rule set corresponding to the signature rule ID set list from the cloud server and performs updating [0038]. Obtain a loaded signature rule list of each of the at least one security device according to the configuration data of each of the at least one security device, determine a security device with a signature rule to be updated by comparing the loaded signature rule list of each of the at least one security device with the most active threat signature rule identification list, generate update information corresponding to the security device with a signature rule to be updated [0057]).  
Although Deng discloses signature rules according to the configuration data and comparing it, Deng does not explicitly teach but U teaches the device type configuration information includes device type and device model (U teaches that each node contains type and model of device [0056]); 
for each of the signature rules, determining, by the network device, whether device type configuration information associated with the signature rule matches local device type configuration information of the network device (local policy compliance unit 162 may determine whether node 114B is in compliance with one or more of the retrieved security policies. cause node 114A to determine whether node 114B (a target endpoint device, in this example) complies with at least one security policy [0040] (determine if node B is compliance node A with security policies as interpreted as signature rule) Fig. 4A and Fig 4B); 
that matches the local device type configuration information of the network device (in the case that node 114A is compliant (Interpreted as matching) ("YES" branch of 212), security management device 116 may grant node 114A access to enterprise network 106 (216) [0058]).
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to modify the method disclosed by Deng to include the device type configuration information includes device type and device model; for each of the signature rules, determining, by the network device, whether device type configuration information associated with the signature rule matches local device type configuration information of the network device; that matches the local device type configuration information of the network device as disclosed by U. One of ordinary skill in the art would have been motivated for the purpose of denying or approval access to the network, improves security (U [0004]).
Although Deng-U discloses updating the signature rule, Deng-U do not explicitly teach but Tempel teaches triggering a network device to send an upgrade request for a signature rule library to a cloud server, in a case that the network device is not correctly loaded the signature rule corresponding to a configuration of resources of the network device, thereby the network device does not meet requirement of functions that are undertaken by the network device (Tempel teaches the administrative server may have information to determine if new content is available to the autonomous agent and will only return configuration data to the agent if new data is available. The autonomous agent may periodically poll the administrative server to determine whether or not it has the latest information. If new information is retrieved, the agent will apply the new configuration [Col 4 lines 56-67]. verifying the signature on the updated agent policies 128 and list of agents 1016 [Col 17 lines 18-34]. The agent 1016 may send 1023 a request for updated agent policies 128 to the administrative server 1002.  The agent 1016 may be instructed to poll the administrative server 1002 for updated agent policies using configuration contained in the agent policies [Col 17 lines 45-59]. Updating the agent policies 128 may include applying the new managed node certificates 148, new configurations, etc., to the agent [Col 14 lines 31-33] Fig. 10, the agent polls “triggers which interprets as asking” the server for the latest information, since the agent does not have the latest information. The agent updated the policies that includes new configuration).
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to modify the method disclosed by Deng-u to include sending, by a network device, an upgrade request for a signature rule library to a cloud server, in a case that resources of the network device are sufficient currently, but signature rules that have been loaded in the network device currently do not meet requirements of functions that are undertaken by the network device currently as disclosed by Tempel. One of ordinary skill in the art would have been motivated for the purpose of making the configuration of the device more secured and efficient (Temple [Col 3 lines 50-61]).

Re. claim 7, Deng discloses a network device, comprising: receive a signature rule library sent by a cloud server (Deng discloses the cloud server center may specifically include a receiving cluster server, a signature library publishing server [0045]), wherein the signature library is a largest -scale signature library that contains all the signature rules and is stored in the cloud server (Deng discloses the latest signature rule set as most active threat signature rules and generates the most active threat signature rule identification list [0036]. The cloud server center may specifically include a receiving cluster server, a signature library publishing server, a statistic analysis server, a synchronous update and notification server, and a database [0045]. One security device runs a database application under Linux (operating system) [0041]. The latest signature feature library published by the signature library publishing server, to obtain a most active threat signature rule ID list, and sends update information of a security device to be updated to the synchronous update [0046][0064]), each of which is associated with corresponding device type configuration information (the security device is configured to send signature rule usage status information corresponding to itself to the cloud server and update a signature rule according to update information after receiving the update information sent by the cloud server [0019]. to obtain a most active threat signature rule identification list, and after generating update information according to the most active threat signature rule identification list, the cloud server sends the update information to each security device to update a signature rule [0020]. A latest signature feature library published by the signature library publishing server [0046]. When the cloud server determines that a security device with an incorrect configuration exists in the security devices, the cloud server generates update information corresponding to the security device with an incorrect configuration. One security device runs a database application under Linux (operating system), and the following configuration manners are all wrong. Signature rules of a database under Windows (operating system) are configured [0041]); 
and load the signature rule associated with the device type configuration information (the update information is the signature rule ID set list to be updated of the security device, the security device downloads a signature rule set corresponding to the signature rule ID set list from the cloud server and performs updating [0038]. Obtain a loaded signature rule list of each of the at least one security device according to the configuration data of each of the at least one security device, determine a security device with a signature rule to be updated by comparing the loaded signature rule list of each of the at least one security device with the most active threat signature rule identification list, generate update information corresponding to the security device with a signature rule to be updated [0057]). 
Although Deng discloses signature rules according to the configuration data and comparing it, Deng does not explicitly teach but U teaches a processor (U teaches one or more processors [0067]), wherein, by invoking and executing machine-executable instructions corresponding to a signature rule loading control logic stored on a machine-readable storage medium (one or more computer-readable storage media that store instructions corresponding to the software or firmware [0037]), the processor is caused to:10 the device type configuration information includes device type and device model (that each node contains type and model of device [0056]); for each of the signature rules, determining, by the network device, whether device type configuration information associated with the signature rule matches local device type configuration information of the network device (local policy compliance unit 162 may determine whether node 114B is in compliance with one or more of the retrieved security policies. cause node 114A to determine whether node 114B (a target endpoint device, in this example) complies with at least one security policy [0040] (determine if node B is compliance node A with security policies as interpreted as signature rule) Fig. 4A and Fig 4B); that matches the local device type configuration information of the network device (U teaches in the case that node 114A is compliant (Interpreted as matching) ("YES" branch of 212), security management device 116 may grant node 114A access to enterprise network 106 (216) [0058]).
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to modify the method disclosed by Deng to include the device type configuration information includes device type and device model; for each of the signature rules, determining, by the network device, whether device type configuration information associated with the signature rule matches local device type configuration information of the network device; that matches the local device type configuration information of the network device as disclosed by U. One of ordinary skill in the art would have been motivated for the purpose of denying or approval access to the network, improves security (U [0004]).
Although Deng-U discloses updating the signature rule, Deng-U do not explicitly teach but Tempel teaches trigger a network device to send an upgrade request for a signature rule library to a cloud server, in a case that the network device is not correctly loaded the signature rule corresponding to a configuration of resources of the network device, thereby the network device does not meet requirement of functions that are undertaken by the network device (Tempel teaches the administrative server may have information to determine if new content is available to the autonomous agent and will only return configuration data to the agent if new data is available. The autonomous agent may periodically poll the administrative server to determine whether or not it has the latest information. If new information is retrieved, the agent will apply the new configuration [Col 4 lines 56-67]. verifying the signature on the updated agent policies 128 and list of agents 1016 [Col 17 lines 18-34]. The agent 1016 may send 1023 a request for updated agent policies 128 to the administrative server 1002.  The agent 1016 may be instructed to poll the administrative server 1002 for updated agent policies using configuration contained in the agent policies [Col 17 lines 45-59]. Updating the agent policies 128 may include applying the new managed node certificates 148, new configurations, etc., to the agent [Col 14 lines 31-33] Fig. 10, the agent polls “triggers which interprets as asking” the server for the latest information, since the agent does not have the latest information. The agent updated the policies that includes new configuration).
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to modify the method disclosed by Deng-u to include sending, by a network device, an upgrade request for a signature rule library to a cloud server, in a case that resources of the network device are sufficient currently, but signature rules that have been loaded in the network device currently do not meet requirements of functions that are undertaken by the network device currently as disclosed by Tempel. One of ordinary skill in the art would have been motivated for the purpose of making the configuration of the device more secured and efficient (Temple [Col 3 lines 50-61]).

Claims 2 and 8 are rejected under 35 U.S.C. 103 as being unpatentable over Deng et al. (US 20150074756, hereinafter Deng), U (US 20150281276), Tempel et al. (US 9515877), and in further view of Shin et al. (US 20150304344, hereinafter Shin).
Re. claim 2, Deng-U-Tempel teach the method according to claim 1, wherein receiving the signature rule library sent by the cloud server. Although Deng-U-Tempel discloses signature rule library, Deng-U-Tempel do not explicitly teach but Shin teaches comprises: receiving, by the network device, the signature rule library sent by the cloud server through a 15 Software Defined Network (SDN) controller (Shin teaches a policy and signature management module which manages creation, update and deletion of the real time blocking rules; an external interface module which provides an interface to send and receive policies of the real time blocking rules [0017]. The vIPS sends the created real time blocking rules to an SDN controller [0018]).  
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to modify the method disclosed by Deng-U-Tempel to include receiving, by the network device, the signature rule library sent by the cloud server through a  Software Defined Network (SDN) controller as disclosed by Shin. One of ordinary skill in the art would have been motivated for the purpose of reducing the bottleneck of the cloud datacenter and efficiently construct and utilize the networks and to expand security of the virtual network system (Shin [0004& 0018]).

Re. claim 8, Deng-U-Tempel teach the device according to claim 7, wherein when receiving the signature rule library sent by the 20cloud server. Although Deng-U-Tempel discloses signature rule library, Deng-U-Tempel do not explicitly teach but Shin teaches the machine-executable instructions further cause the processor to: receive the signature rule library sent by the cloud server through a Software Defined Network (SDN) controller (Shin teaches a policy and signature management module which manages creation, update and deletion of the real time blocking rules; an external interface module which provides an interface to send and receive policies of the real time blocking rules [0017]. The vIPS sends the created real time blocking rules to an SDN controller [0018]).  
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to modify the method disclosed by Deng-U-Tempel to include receiving, by the network device, the signature rule library sent by the cloud server through a  Software Defined Network (SDN) controller as disclosed by Shin. One of ordinary skill in the art would have been motivated for the purpose of reducing the bottleneck of the cloud datacenter and efficiently construct and utilize the networks and to expand security of the virtual network system (Shin [0004& 0018]).

Claims 4 and 10 are rejected under 35 U.S.C. 103 as being unpatentable over  Deng et al. (US 20150074756, hereinafter Deng), U (US 20150281276), Tempel et al. (US 9515877), and in further view of Robitaille et al. (US 20140025790, hereinafter Robitaille).

Re. claim 4, Deng-U-Tempel teach the method according to claim 1. Yet, Deng-U-Tempel do not explicitly disclose but Robitaille discloses wherein the device type configuration information is recorded in a format of Type-Length-Value (TLV) (Robitaille teaches the content of the Advertisement message 311 includes information about the detected or discovered device 302: port identifier, device name, device description, IP address of the device (if known), serial number, firmware/software revision, base MAC address, configuration status, platform identifier, slot identifier, module information, and so on. The information may be encoded using the popular Type-Length-Value (TLV) format [0034]).  
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to modify the method disclosed by Deng-U-Tempel to include wherein the device type configuration information is recorded in a format of Type-Length-Value (TLV) as disclosed by Robitaille. One of ordinary skill in the art would have been motivated for the purpose of having information of interest and in order to encode the information with TLV format, which improves security by having information being encoded (Robitaille [0034]).

Re. claim 10, Deng-U-Tempel teach the device according to claim 7. Yet, Deng-U-Tempel do not explicitly teach but Robitaille teaches wherein the device type configuration information is recorded 30 in a format of Type-Length-Value (TLV) (Robitaille teaches the content of the Advertisement message 311 includes information about the detected or discovered device 302: port identifier, device name, device description, IP address of the device (if known), serial number, firmware/software revision, base MAC address, configuration status, platform identifier, slot identifier, module information, and so on. The information may be encoded using the popular Type-Length-Value (TLV) format [0034]).
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to modify the method disclosed by Deng-U-Tempel to include wherein the device type configuration information is recorded in a format of Type-Length-Value (TLV) as disclosed by Robitaille. One of ordinary skill in the art would have been motivated for the purpose of having information of interest and in order to encode the information with TLV format, which improves security by having information being encoded (Robitaille [0034]).

Claims 5 and 11 are rejected under 35 U.S.C. 103 as being unpatentable over  Deng et al. (US 20150074756, hereinafter Deng), U (US 20150281276), Tempel et al. (US 9515877), and in further view of Robinson et al. (US 20080005285, hereinafter Robinson).

Re. claim 5, Deng-U-Tempel teach the method according to claim 1. Although Deng-U-Tempel discloses loading an updated signature rule with a change of configuration and a version number, Deng-U-Tempel do not explicitly teach but Robinson teaches wherein loading the signature rule comprises: 25determining, by the network device, whether a version number of the signature rule is higher than that of a signature rule loaded by the network device, and loading, by the network device, the signature rule when the version number of the signature rule is higher than that of the signature rule loaded by the network device (Robinson teaches a policy can require that the program is up to date, such as by date of installation or version number [0036]. A configuration may be a known directory path where the antivirus program is generally installed. A configuration may be a location of where the process is executing. Accordingly, the policy key 210 can search for the path of the program to determine if the program is installed and a date of the installation. The policy key 210 can also identify a version number of the program during the scanning for ensuring an up-to-date compliance. [0046]). 30  
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to modify the method disclosed by Deng-U-Tempel to include wherein loading the signature rule comprises: determining, by the network device, whether a version number of the signature rule is higher than that of a signature rule loaded by the network device, and loading, by the network device, the signature rule when the version number of the signature rule is higher than that of the signature rule loaded by the network device as disclosed by Robitaille. One of ordinary skill in the art would have been motivated for the purpose of ensuring that the policy is updated based on the newer version number, which leads to critical security policies being enforced (Robinson [0036]).

Re. claim 11, Deng-U-Tempel teach the device according to claim 7. Although Deng-U-Tempel discloses loading an updated signature rule with a change of configuration and a version number, Deng-U-Tempel do not explicitly teach but Robinson teaches wherein when loading the signature rule to the network device, the machine-executable instructions further cause the processor to: determine whether a version number of the signature rule is higher than that of a signature rule 5loaded by the network device, and
    PNG
    media_image1.png
    7
    3
    media_image1.png
    Greyscale
load the signature rule to the network device when the version number of the signature rule is higher than that of the signature rule loaded by the network device (Robinson teaches a policy can require that the program is up to date, such as by date of installation or version number [0036]. A configuration may be a known directory path where the antivirus program is generally installed. A configuration may be a location of where the process is executing. Accordingly, the policy key 210 can search for the path of the program to determine if the program is installed and a date of the installation. The policy key 210 can also identify a version number of the program during the scanning for ensuring an up-to-date compliance. [0046]).  
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to modify the method disclosed by Deng-U-Tempel to include wherein loading the signature rule comprises: determining, by the network device, whether a version number of the signature rule is higher than that of a signature rule loaded by the network device, and loading, by the network device, the signature rule when the version number of the signature rule is higher than that of the signature rule loaded by the network device as disclosed by Robitaille. One of ordinary skill in the art would have been motivated for the purpose of ensuring that the policy is updated based on the newer version number, which leads to critical security policies being enforced (Robinson [0036]).

Claims 6 and 12 are rejected under 35 U.S.C. 103 as being unpatentable over  Deng et al. (US 20150074756, hereinafter Deng), U (US 20150281276), Tempel et al. (US 9515877), and in further view of Schultz et al. (US 20170063927, hereinafter Schultz).

Re. claim 6, Deng-U-Tempel teach the method according to claim 1. Although Deng-U-Tempel discloses that only the needed information is extract, Deng-U-Tempel do not explicitly teach but Shultz teaches further comprising:73025599.113 PP186153USdiscarding, by the network device, the signature rule associated with the device type configuration information that does not match the local device type configuration information of the network device (Schultz teaches matching the device identifier information included therein with the active security policy 118, and either allowing or denying the packet to be forwarded to the application function block (such as where the active security policy is enforced by the network function block 112) or accepting or discarding the packets (such as where the active security policy 118 is enforced by the application function block 114) (this is interpreted as accepting when it is matching and discarding when it is does not match[0041]). 5  
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to modify the method disclosed by Deng-U-Tempel to include discarding, by the network device, the signature rule associated with the device type configuration information that does not match the local device type configuration information of the network device as disclosed by Robitaille. One of ordinary skill in the art would have been motivated for the purpose of discarding packets to go forward, improves security by the packets are permitted to pass as long as they conform to the active security policy (Schultz [0036 and 0042]).

Re. claim 12, Deng-U-Tempel teach the device according to claim 7. Although Deng-U-Tempel discloses that only the needed information is extract, Deng-U-Tempel do not explicitly teach but Shultz teaches wherein the machine-executable instructions further cause the 10 processor to: discard the signature rule associated with the device type configuration information that does not match the local device type configuration information of the network device (Schultz teaches matching the device identifier information included therein with the active security policy 118, and either allowing or denying the packet to be forwarded to the application function block (such as where the active security policy is enforced by the network function block 112) or accepting or discarding the packets (such as where the active security policy 118 is enforced by the application function block 114) [0041]).
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to modify the method disclosed by Deng-U-Tempel to include discarding, by the network device, the signature rule associated with the device type configuration information that does not match the local device type configuration information of the network device as disclosed by Robitaille. One of ordinary skill in the art would have been motivated for the purpose of discarding packets to go forward, improves security by the packets are permitted to pass as long as they conform to the active security policy (Schultz [0036 and 0042]).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Oh (US 20100037317) discloses the external module method call, which may include various data, is compared to the signature rules that are correlated to an attack attempt. If there is a match, then a resulting action part defined in the signature rule is evaluated. Otherwise, the external module is invoked. Latest signature rules can be downloaded.
Burgett (US 9665535) discloses update the configuration parameters if configuration server 160 determines that such configuration parameters do not match the configuration parameters stored (e.g., if the configuration parameters on the device are not current or up to date).
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KEVIN A AYALA whose telephone number is (571)270-3912. The examiner can normally be reached Monday-Thursday 8AM-5PM; Friday: Variable EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jorge Ortiz-Criado can be reached on 571-272-7624. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/K.A./Examiner, Art Unit 2496                                                                                                                                                                                         
/JORGE L ORTIZ CRIADO/Supervisory Patent Examiner, Art Unit 2496