Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
DETAILED ACTION
This office action is in response to the application filed 4/15/2021, wherein claims 1-20 are pending and ready for examination.
	
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


1.	Claim(s) 1, 4, 9 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Kumar et al (US 20210081534 A1) in view of Shetty et al (US20160234095 A1) in view of Robison et al (US 20200233983 A1).
With respect to independent claims:
Regarding claim(s) 1, Kumar et al teach an Information Handling System (IHS) comprising: a plurality of managed hardware components; a secured memory; one or more processors; and a memory coupled to the processors, the memory storing program instructions that, upon execution by the processors, cause the IHS to (Kumar, Fig. 1): prior to booting an operating system of the IHS, enumerate the plurality of managed hardware components as each supporting remote management; (Kumar, [0008], the information handling system may be configured to: during execution of the pre-boot environment, establish a pre-boot network connection to a remote information handling system via the network interface; receive operating system data from the remote information handling system; [0053], At step 306, the UEFI firmware may make a request to the PCI root complex and get details about all of the enumerated PCI devices. At step 308, the UEFI firmware may install a DMA remapping table containing the mapping of the pseudo PCI device to the ram disk address range.)
prior to booting the operating system, establish a network stack in the secured memory for transfer of remote device management communications directed at the plurality of managed hardware components; (Kumar, [0052], At step 302, the computer begins the boot process. At step 304 (e.g., during the pre-boot phase), a pseudo PCI I/O device is created at a selected bus:device:function address, and is mapped onto an address range of a ram disk. (Further details about this step are provided below with regard to FIG. 4.) [0053] At step 306, the UEFI firmware may make a request to the PCI root complex and get details about all of the enumerated PCI devices. At step 308, the UEFI firmware (secured memory) may install a DMA remapping table containing the mapping of the pseudo PCI device to the ram disk address range. [0033], operating system 106 may include all or a portion of a network stack for network communication via a network interface (e.g., network interface 108 for communication over a data network).)
However, the prior art fails to teach prior to booting the operating system, configure routing of device management messages received from remote management tools operating in support of one or more of the plurality of managed devices to the network stack; after booting the operating system, interface with the remote management tools in establishing a secure remote management session with a device management agent operating on the IHS in support of the plurality of managed devices; and operation of the device management agent in the booted operating system, retrieve device management messages from the network stack and deliver decoded device management messages to a managed hardware component.
Shetty et al teach prior to booting the operating system, configure routing of device management messages received from remote management tools operating in support of one or more of the plurality of managed devices to the network stack; (Shetty, [0011], the low-power mode may include a G0 or G1 mode under the Advanced Configuration and Power Interface (ACPI) specification. Moreover, may further cause the IHS to receive network topology information from the server prior to the server booting an Operating System (OS). The one or more network devices may include at least one of: a switch, a router, a repeater, a bridge, a hub, or an access point, and the IHS may include a management console available to a network administrator.)
 after booting the operating system, interface with the remote management tools in establishing a secure remote management session with a device management agent operating on the IHS in support of the plurality of managed devices; and (Shetty, [0052], BMC controller 328 may include non-volatile memory having program instructions stored thereon that are usable by CPU(s) 302 to enable remote management of IHS 300. For example, BMC controller 328 may enable a user to discover, configure, and manage BMC controller 328, setup configuration options, resolve and administer hardware or software problems, etc. Additionally or alternatively, BMC controller 328 may include one or more firmware volumes, each volume having one or more firmware files used by the BIOS' firmware interface to initialize and test components of computing device 300.)
Therefore, it would have been obvious to a person of ordinary skill to use prior to booting the operating system, configure routing of device management messages received from remote management tools operating in support of one or more of the plurality of managed devices to the network stack; after booting the operating system, interface with the remote management tools in establishing a secure remote management session with a device management agent operating on the IHS in support of the plurality of managed devices as taught by Shetty et al. The motivation/suggestion would have been because there is a need to provide bare-metal network topology discovery. Additionally, the cited references are in the field of communication, as is the current application, and thus, are in analogous arts.
However, the prior art fails to teach during operation of the device management agent in the booted operating system, retrieve device management messages from the network stack and deliver decoded device management messages to a managed hardware component.
 Robison et al teach during operation of the device management agent in the booted operating system, retrieve device management messages from the network stack and deliver decoded device management messages to a managed hardware component. (Robison, [0032], as described in additional detail with regard to FIGS. 2 and 3, the device manager 120 may utilize out-of-band couplings, such as provided via GPIO (general-purpose input/output) signal pathways 125 to each of the managed hardware components, in order to issue management commands to each of the hardware components 105, 107, 108, 111, 112, 116, 119, 122, 123 that may be managed via secure processor 115.)
Therefore, it would have been obvious to a person of ordinary skill to use during operation of the device management agent in the booted operating system, retrieve device management messages from the network stack and deliver decoded device management messages to a managed hardware component as taught by Robison et al. The motivation/suggestion would have been because there is a need to securely manage certain hardware components of an IHS without reliance on the operating system of an IHS. Additionally, the cited references are in the field of communication, as is the current application, and thus, are in analogous arts.

Claim(s) 9 and 15 is/are substantially similar to claim 1, and is thus rejected under substantially the same rationale.

With respect to dependent claims:
Regarding claim(s) 4, Kumar-Shetty-Robison teaches the IHS of claim 1, wherein the remote device management messages are not secured by the operating system of the IHS. (Kumar, [0038]-[0039], a trusted session to a remote information handling system may be established over a pre-boot network connection app (e.g., Dell BIOSConnect) to download such operating system data for execution via a ram disk. [0039] FIG. 2A illustrates a memory protection problem in existing systems. Pre-boot network connection app 202 downloads operating system data (e.g., an SOS image) and executes the code in a portion of memory established as ram disk area 204. In this example, 1 GB of storage has been set aside for the ram disk, at the physical address range 0x0100000000-0x013E7FFFFF. If a malicious firmware component attempts to access that memory range directly, the access may be allowed, causing a firmware crash or other undesired behavior.)
		
2.	Claim(s) 2 is rejected under 35 U.S.C. 103 as being unpatentable over Kumar et al (US 20210081534 A1) in view of Shetty et al (US20160234095 A1) in view of Robison et al (US 20200233983 A1) in view of Ponnusamy et al (US20170228237 A1).
Regarding claim(s) 2, the prior art fails to teach the IHS of claim 1, further comprising: a remote access controller that provides management of one or more of the plurality of managed hardware components via sideband management couplings with the remote access controller, wherein the device management messages are not routed to the plurality of managed devices via the sideband management couplings.
However, Ponnusamy et al teach a remote access controller that provides management of one or more of the plurality of managed hardware components via sideband management couplings with the remote access controller, wherein the device management messages are not routed to the plurality of managed devices via the sideband management couplings. (Ponnusamy, [0025], Management controller 112 may be configured to provide management facilities for management of information handling system 102. Such management may be made by management controller 112 even if information handling system 102 is powered off or powered to a standby state. Management controller 112 may include a processor 113, memory 114, a management network interface 118 separate from and physically isolated from data network interface 108, and a Network Controller Sideband Interface (NCSI) 120. In certain embodiments, management controller 112 may include or may be an integral part of a baseboard management controller (BMC) or a remote access controller (e.g., a Dell Remote Access Controller or Integrated Dell Remote Access Controller).)
Therefore, it would have been obvious to a person of ordinary skill to use a remote access controller that provides management of one or more of the plurality of managed hardware components via sideband management couplings with the remote access controller, wherein the device management messages are not routed to the plurality of managed devices via the sideband management couplings as taught by Ponnusamy et al. The motivation/suggestion would have been because there is a need to configuring an information handling system for boot to a network target may be reduced or eliminated. Additionally, the cited references are in the field of communication, as is the current application, and thus, are in analogous arts.

3.	Claim(s) 3, 5-7, 10-13 and 16-19 are rejected under 35 U.S.C. 103 as being unpatentable over Kumar et al (US 20210081534 A1) in view of Shetty et al (US20160234095 A1) in view of Robison et al (US 20200233983 A1) in view of Jreij et al (US 20200137079 A1).
Regarding claim(s) 3, the prior art fails to teach the IHS of claim 1, wherein the secured memory is a UEFI (Unified Extensible Firmware Interface) memory partition. (Jreij, [0038], IHS 200 may operate using a BIOS (Basic Input/Output System) that may be stored in a non-volatile memory accessible by the processor(s) 205. The BIOS may provide an abstraction layer by which the operating system of the IHS 200 interfaces with the hardware components of the IHS. Upon powering or restarting IHS 200, processor(s) 205 may utilize BIOS instructions to initialize and test hardware components coupled to the IHS, including both components permanently installed as components of the motherboard of IHS 200 and removable components installed within various expansion slots supported by the IHS 200. The BIOS instructions may also load an operating system for use by the IHS 200. In certain embodiments, IHS 200 may utilize Unified Extensible Firmware Interface (UEFI) in addition to or instead of a BIOS. In certain embodiments, the functions provided by a BIOS may be implemented, in full or in part, by the remote access controller 255.)
Therefore, it would have been obvious to a person of ordinary skill to use wherein the secured memory is a UEFI (Unified Extensible Firmware Interface) memory partition as taught by Jreij et al. The motivation/suggestion would have been because there is a need to detect rogue endpoints on a device management bus. Additionally, the cited references are in the field of communication, as is the current application, and thus, are in analogous arts.

Regarding claim(s) 5, Kumar-Shetty-Robison-Jreij teaches the IHS of claim 1, wherein the remote device management communications comprise VDM (Vendor Defined Messages). (Jreij, [0051] The embodiment illustrated in FIG. 4 begins at step 405 with the remote access controller initiating discovery of the endpoints on a device management bus. The remote access controller may provide monitoring and administrative capabilities for an IHS, such as described with regard to FIGS. 1 and 2. Accordingly, the remote access controller may utilize a sideband bus to communicate with managed devices. In certain embodiments, the sideband bus may be a PCIe VDM bus used to communicate MCTP messages that are used in the monitoring and administration of the managed devices by the remote access controller. In such embodiments, the remote access controller may utilize MCTP endpoint discovery functions in order to identify all endpoints that are coupled to the device management bus.)

Regarding claim(s) 6, Kumar-Shetty-Robison-Jreij teaches the IHS of claim 5, wherein the VDMs directed at the plurality of managed devices are generated by the remote management tools operating in support of one or more of the plurality of managed devices. (Jreij, [0051] The embodiment illustrated in FIG. 4 begins at step 405 with the remote access controller initiating discovery of the endpoints on a device management bus. The remote access controller may provide monitoring and administrative capabilities for an IHS, such as described with regard to FIGS. 1 and 2. Accordingly, the remote access controller may utilize a sideband bus to communicate with managed devices. In certain embodiments, the sideband bus may be a PCIe VDM bus used to communicate MCTP messages that are used in the monitoring and administration of the managed devices by the remote access controller. In such embodiments, the remote access controller may utilize MCTP endpoint discovery.)

Regarding claim(s) 7, Kumar-Shetty-Robison-Jreij teaches the IHS of claim 1, wherein the secure remote management session comprises a PCIe (Peripheral Component Interconnect express) MCTP (Management Component Transport Protocol) management session. (Jreij, [0051] The embodiment illustrated in FIG. 4 begins at step 405 with the remote access controller initiating discovery of the endpoints on a device management bus. The remote access controller may provide monitoring and administrative capabilities for an IHS, such as described with regard to FIGS. 1 and 2. Accordingly, the remote access controller may utilize a sideband bus to communicate with managed devices. In certain embodiments, the sideband bus may be a PCIe VDM bus used to communicate MCTP messages that are used in the monitoring and administration of the managed devices by the remote access controller. In such embodiments, the remote access controller may utilize MCTP endpoint discovery.)
Claim(s) 10 and 16 is/are substantially similar to claim 3, and is thus rejected under substantially the same rationale.
Claim(s) 11 and 17 is/are substantially similar to claim 5, and is thus rejected under substantially the same rationale.
Claim(s) 12 and 18 is/are substantially similar to claim 6, and is thus rejected under substantially the same rationale.
Claim(s) 13 and 19 is/are substantially similar to claim 7, and is thus rejected under substantially the same rationale.

4.	Claim(s) 8, 14 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Kumar et al (US 20210081534 A1) in view of Shetty et al (US20160234095 A1) in view of Robison et al (US 20200233983 A1) in view of Kahn et al (US 20210397577 A1).
Regarding claim(s) 8, the prior art fails to teach the IHS of claim 7, wherein the PCIe MCTP management session is encoded within an HTTPS connection between a respective remote management tool and the device management agent.
However, Kahn et al teach wherein the PCIe MCTP management session is encoded within an HTTPS connection between a respective remote management tool and the device management agent. (Kahn, [0064], At block 724, the disclosed systems can apply the routing information to a header of a packet of data associated with the in-band data. In various embodiments, the header can include a Management Component Transport Protocol (MCTP) over Transmission Control Protocol (TCP) based information and the packet is transmitted to the management processor via a TCP Internet Protocol (IP) over Ethernet protocol. At block 726, the disclosed systems can transmit, via a port, the in-band data to the management device based on the routing information. Further, in various embodiments, the in-band data can be transmitted to a second storage device of the storage devices via a switch. In some embodiments, the in-band data can include a firmware upgrade.)

Claim(s) 14 and 20 is/are substantially similar to claim 8, and is thus rejected under substantially the same rationale.


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.    
Any inquiry concerning this communication or earlier communications from the examiner should be directed to WUJI CHEN whose telephone number is (571)270-0365.  The examiner can normally be reached on 9am-6pm.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, SRIVASTAVA VIVEK can be reached on (571) 272-7304.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/WUJI CHEN/
Examiner, Art Unit 2449

/VIVEK SRIVASTAVA/
Supervisory Patent Examiner, Art Unit 2449