DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claim(s) 1-33 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Wang et al. (US 2017/0250951).
Consider claim 1, Wang et al. discloses a system for protecting an enterprise network that is remote from the system, the system comprising: one or more processors; a non-transient computer readable medium having stored therein instructions executable by the one or more processors to: control at least one of: (a) communications to and from the enterprise network according to a set of security policies, and (b) endpoint to endpoint connections within the enterprise network according to the set of security policies; receive a request for modifications to one or more policies of the set of security policies; automatically generate a policy digest formatted according to a predefined format, the policy digest comprising the modifications; generate, based upon the policy digest, one or more calls to one or more components within the enterprise network that control at least one of: (a) the communications to and from the enterprise network, and (b) the endpoint to endpoint connections within the enterprise network; and modify control, based on the one or more calls, of at least one of: (a) the communications to and from the enterprise network, and (b) the endpoint to endpoint connections within the enterprise network (fig. 1, [0003], [0012], [0016], [0020], [0022], [0024] and [0034], Wang et al. discloses an enterprise network that utilizes an automatically configurable firewall settings/policy that is maintained and can be updated/modified for facilitating secure communication across the network.).
Consider claim 2, Wang et al. discloses the system of claim 1, wherein the request for modifications is based on selections made by a user via a user interface ([0022]).
Consider claim 3, Wang et al. discloses the system of claim 1, wherein the communications for the enterprise network are routed through one or more perimeter points of presence and the one or more calls are one or more calls for modification of a security stack implemented by the one or more perimeter points of presence (fig. 1, [0003], [0012], [0016], [0020], [0022], [0024] and [0034], A point of presence is an access point or location at which two or more networks/communication devices share a connection. The dynamic firewall controller, firewalls, dynamic scheduler, external APIs are considered locations where two or more networks share a connection and updates/changes to firewall policy happen using these devices.).
Consider claim 4, Wang et al. discloses the system of claim 1, wherein the policy digest comprises one or more of an inbound network traffic policy modification, an outbound network traffic policy modification, and an internal network traffic policy modification (fig. 1, [0003], [0012], [0016], [0020], [0022], [0024] and [0034], firewall policies filter network traffic.).
Consider claim 5, Wang et al. discloses the system of claim 1, wherein the policy digest is retrieved according to a predefined schedule (Fig. 1, [0019]).
Consider claim 6, Wang et al. discloses the system of claim 5, wherein the policy digest is retrieved by a daemon service that generates the one or more calls to the one or more system components (fig. 1, [0003], [0012], [0016], [0020], [0022], [0024] and [0034], firewall processes execute the firewall policies.).
Consider claim 7, Wang et al. discloses the system of claim 6, wherein the policy digest is stored in a memory location for a portal process and the daemon service initiates a connection to the portal process for retrieving the policy digest ([0015]-[0016]).
Consider claim 8, Wang et al. discloses the system of claim 7, wherein the portal process is prevented from initiating a connection with the daemon service ([0003], [0012], [0026], communication can be prevented based on firewall protections rejecting communication or the need to verify/validate firewall configurations.).
Consider claim 9, Wang et al. discloses the system of claim 1, wherein prior to generating one or more calls to one or more system components, the policy digest is checked for adherence to the predefined format ([0026], verification of firewall configurations is performed.).
Consider claim 10, Wang et al. discloses the system of claim 1, wherein controlling endpoint to endpoint connections comprises receiving connection escalation requests from endpoint agents and replying to the connection escalation requests with responses that comprise actions for handling connections that are based on the set of policies (fig. 1, [0003], [0012], [0016], [0020], [0022], [0024] and [0034], connections are handled based on firewall policies.).
Consider claim 11, Wang et al. discloses the system of claim 10, wherein a connection escalation request comprises a request from an endpoint agent running on a first endpoint of the enterprise network for approval to accept a connection request from a second endpoint and a response comprises an instruction to the first endpoint to accept or deny the connection request from the second endpoint of the enterprise network ([0004], [0015]-[0016], [0018], [0021], [0034]-[0035]).
Claims 12-22 are the medium claims to system claims 1-11 above and are rejected in the same manner using the same rationale.
Claims 23-33 are the method claims to system claims 1-11 above and are rejected in the same manner using the same rationale.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL ALSIP whose telephone number is (571)270-1182. The examiner can normally be reached M-F 9-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Charles Rones can be reached on (571)272-4085. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MICHAEL ALSIP/Primary Examiner, Art Unit 2136