DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

This Office Action is in response to Application filed on July 21, 2022 in which claims 1-20 are presented for examination.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on July 21, 2022 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.

Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-27 of U.S. Patent No.11,424,991. Although the claims at issue are not identical, they are not patentably distinct from each other because claims 1-20 of the present application are being anticipated by claims 1-27 of US Patent No. 11,424,991.

US Application No. 17/814,158
US Patent No. 11,424,991
1. A computer-implemented method when executed by data processing hardware causes the data processing hardware to perform operations comprising: generating a simulation network model based on a workflow for a production network model of a network, the simulation network model including one or more parameter changes to the production network model; replaying the workflow for the production network model as a simulated network flow within the simulation network model; generating a report indicating differences between the production network model and the simulation network model based on the replaying of the workflow for the production network model as the simulated network flow within the simulation network model; and based on the report indicating the differences between the production network model and the simulation network model: receiving an acceptance of the one or more parameter changes included in the simulation network model; and implementing the one or more parameter changes in the production network model. 

2. The method of claim 1, further comprising: receiving a production network log including the workflow for the production network model; and generating a simulated network log based on the simulated network flow. 

3. The method of claim 2, wherein generating the report indicating the differences between the production network model and the simulation network model comprises: comparing the production network log to the simulation network log; and identifying differences between the production network log and the simulation network log. 

4. The method of claim 2, wherein the production network log is one of a virtual private connection flow log or a firewall rules log.

5. The method of claim 1, wherein the operations further comprise determining an impact of the one or more parameter changes on the production network model.

6. The method of claim 5, wherein determining the impact of the one or more parameter changes comprises determining an impact to at least one of network reachability, a firewall shadow rules predicted firewall hit rates, user intent rules, security compliance rules, or resource quotas and utilization.

7. The method of claim 1, wherein generating the simulation network model comprises incrementally incorporating the one or more parameter changes into the production network model. 

8. The method of claim 1, wherein the operations further comprise receiving one or more invariant parameters of the production network model.

9. The method of claim 1, wherein the operations further comprise changing a configuration of the network when an impact of the one or more parameter changes on the network is acceptable.

10. The method of claim 1, wherein analyzing the simulated network flow within the simulation network model comprises determining whether the simulation network model impacts a network intent of the production network model.

11. A system comprising: data processing hardware; and memory hardware in communication with the data processing hardware, the memory hardware storing instructions that when executed on the data processing hardware cause the data processing hardware to perform operations comprising: generating a simulation network model based on a workflow for a production network model of a network, the simulation network model including one or more parameter changes to the production network model; replaying the workflow for the production network model as a simulated network flow within the simulation network model; generating a report indicating differences between the production network model and the simulation network model based on the replaying of the workflow for the production network model as the simulated network flow within the simulation network model; and based on the report indicating the differences between the production network model and the simulation network model: receiving an acceptance of the one or more parameter changes included in the simulation network model; and implementing the one or more parameter changes in the production network model. 

12. The system of claim 11, wherein the operations further comprise: receiving a production network log including the workflow for the production network model; and generating a simulated network log based on the simulated network flow. 

13. The system of claim 12, wherein generating the report indicating the differences between the production network model and the simulation network model comprises: comparing the production network log to the simulation network log; and identifying differences between the production network log and the simulation network log. 

14. The system of claim 12, wherein the production network log is one of a virtual private connection flow log and a firewall rules log.

15. The system of claim 11, wherein the operations further comprise determining an impact of the one or more parameter changes on the production network model.

16. The system of claim 15, wherein determining the impact of the one or more parameter changes comprises determining an impact to at least one of network reachability, a firewall shadow rules predicted firewall hit rates, user intent rules, security compliance rules, or resource quotas and utilization.
 17. The system of claim 11, wherein generating the simulation network model comprises incrementally incorporating the one or more parameter changes into the production network model. 

18. The system of claim 11, wherein the operations further comprise receiving one or more invariant parameters of the production network model.

19. The system of claim 11, wherein the operations further comprise changing a configuration of the network when an impact of the one or more parameter changes on the network is acceptable.

20. The system of claim 11, wherein analyzing the simulated network flow within the simulation network model comprises determining whether the simulation network model impacts a network intent of the production network model.

1. A method of network configuration simulation, the method comprising: receiving, at data processing hardware, one or more parameter changes for a production network model of a network; generating, by the data processing hardware, a simulation network model based on a production network log comprising a recorded workflow for the production network model, the simulation network model including the one or more parameter changes; analyzing, by the data processing hardware, a simulated network flow within the simulation network model; generating, by the data processing hardware, a report including an impact of the one or more parameter changes on the network, the report indicating differences between the production network model and the simulation network model; in response to generating the report, receiving, at the data processing hardware, an acceptance of the one or more parameter changes; and in response to receiving the acceptance of the one or more parameter changes, implementing, by the data processing hardware, the one or more parameter changes in the network.
2. The method of claim 1, further comprising: receiving, at the data processing hardware, the production network log including the recorded workflow for the production network model; and simulating, by the data processing hardware, the recorded workflow of the production network model within the simulation network model to generate a simulation network log.
3. The method of claim 2, wherein analyzing the simulated network flow comprises: comparing, by the data processing hardware, the production network log to the simulation network log; and identifying, by the data processing hardware, differences between the production network log and the simulation network log.
4. The method of claim 2, wherein the production network log is one of a virtual private connection flow log and a firewall rules log.
5. The method of claim 1, further comprising determining, by the data processing hardware, an impact of the one or more parameter changes on the production network model.
6. The method of claim 5, wherein determining the impact of the one or more parameter changes on the production network model comprises determining an impact to at least one of network reachability, a firewall shadow rules predicted firewall hit rates, user intent rules, security compliance rules, and resource quotas and utilization.
7. The method of claim 1, wherein generating the simulation network model includes incrementally incorporating, by the data processing hardware, the one or more parameter changes into the production network model.
8. The method of claim 1, further comprising receiving, by the data processing hardware, one or more invariant parameters of the production network model.
9. The method of claim 1, further comprising changing, by the data processing hardware, a configuration of the network when the impact of the one or more parameter changes on the network are acceptable.
10. A system comprising: data processing hardware; and memory hardware in communication with the data processing hardware, the memory hardware storing instructions that when executed on the data processing hardware cause the data processing hardware to perform operations comprising: receiving one or more parameter changes for a production network model of a network; generating a simulation network model based on a production network log comprising a recorded workflow for the production network model, the simulation network model including the one or more parameter changes; analyzing a simulated network flow within the simulation network model; generating a report including an impact of the one or more parameter changes on the network, the report indicating differences between the production network model and the simulation network model; in response to generating the report, receiving an acceptance of the one or more parameter changes; and in response to receiving the acceptance of the one or more parameter changes, implementing the one or more parameter changes in the network.
11. The system of claim 10, wherein the operations further comprise: receiving the production network log including the recorded workflow for the production network model; and simulating the recorded workflow of the production network model within the simulation network model to generate a simulation network log.
12. The system of claim 11, wherein analyzing the simulated network flow comprises: comparing the production network log to the simulation network log; and identifying differences between the production network log and the simulation network log.
13. The system of claim 11, wherein the production network log is one of a virtual private connection flow log and a firewall rules log.
14. The system of claim 10, wherein the operations further comprise determining an impact of the one or more parameter changes on the production network model.
15. The system of claim 14, wherein determining the impact of the one or more parameter changes one the production network model comprises determining an impact to at least one of network reachability, a firewall shadow rules predicted firewall hit rates, user intent rules, security compliance rules, and resource quotas and utilization.
16. The system of claim 10, wherein generating the simulation network model includes incrementally incorporating the one or more parameter changes into the production network model.
17. The system of claim 10, wherein the operations further comprise receiving one or more invariant parameters of the production network model.
18. The system of claim 10, wherein the operations further comprise changing a configuration of the network when the impact of the one or more parameter changes on the network are acceptable.
19. A computer program product encoded on a non-transitory computer readable storage medium comprising instructions that when executed by a data processing apparatus cause the data processing apparatus to perform operations comprising: receiving one or more parameter changes for a production network model of a network; generating a simulation network model based on a production network log comprising a recorded workflow for the production network model, the simulation network model including the one or more parameter changes; analyzing a simulated network flow within the simulation network model; generating a report including an impact of the one or more parameter changes on the network, the report indicating differences between the production network model and the simulation network model; in response to the report, receiving an acceptance of the one or more parameter changes; and in response to the acceptance of the one or more parameter changes, implementing the one or more parameter changes in the network.
20. The computer program product of claim 19, wherein the operations further comprise: receiving the production network log including the recorded workflow for the production network model; and simulating the recorded workflow of the production network model within the simulation network model to generate a simulation network log.
21. The computer program product of claim 20, wherein analyzing the simulated network flow comprises: comparing the production network log to the simulation network log; and identifying differences between the production network log and the simulation network log.
22. The computer program product of claim 20 wherein the production network log is one of a virtual private connection flow log and a firewall rules log.
23. The computer program product of claim 19, wherein the operations further comprise determining an impact of the one or more parameter changes on the production network model.
24. The computer program product of claim 23, wherein determining the impact of the one or more parameter changes on the production network model comprises determining an impact to at least one of network reachability, a firewall shadow rules predicted firewall hit rates, user intent rules, security compliance rules, and resource quotas and utilization.
25. The computer program product of claim 19, wherein generating the simulation network model includes incrementally incorporating the one or more parameter changes into the production network model.
26. The computer program product of claim 19, wherein the operations further comprise receiving one or more invariant parameters of the production network model.
27. The computer program product of claim 19, wherein the operations further comprise changing a configuration of the network when the impact of the one or more parameter changes on the network are acceptable.




Allowable Subject Matter
Claims 1-20 will be allowable upon a timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d). 

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to FRANTZ COBY whose telephone number is (571)272-4017. The examiner can normally be reached Monday-Thursday 7AM-5:30PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Umar Cheema can be reached on 571 270-3037. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/FRANTZ COBY/Primary Examiner, Art Unit 2456                                                                                                                                                                                                        
December 15, 2022