Ex Parte Bernoth
Patent Trial and Appeal Board
Mar. 9, 2017
11050187 (P.T.A.B. Mar. 9, 2017)

UNITED STATES PATENT AND TRADEMARK OFFICE

Application No.: 11/050,187
Filing Date: 02/03/2005
First Named Inventor: Andrew John Bernoth
Attorney Docket No.: END920040137US1
Confirmation No.: 1180
Correspondence: Yee and Associates, P.C., P.O. Box 802333, Dallas, TX 75380
Examiner: Kyle, Tamara Teslovich
Art Unit: 2448
Notification Date: 03/13/2017
Delivery Mode: Electronic

UNITED STATES PATENT AND TRADEMARK OFFICE

BEFORE THE PATENT TRIAL AND APPEAL BOARD

Ex parte ANDREW JOHN BERNOTH

Appeal 2015-005019
Application 11/050,187
Technology Center 2400

Before JEAN R. HOMERE, MARC S. HOFF, and JAMES R. HUGHES, Administrative Patent Judges.

HUGHES, Administrative Patent Judge.

DECISION ON APPEAL

STATEMENT OF THE CASE

In an earlier Decision involving the instant application and the Frattura reference (infra), Ex Parte Appeal 2010-002166 mailed July 3, 2012 (the “Prior Decision”), we affirmed the Examiner’s decision rejecting claims 1–21 under 35 U.S.C. § 102(e) as being anticipated by Frattura. We denied Appellant’s Request for Rehearing filed August 2, 2012 in our Decision On Request For Rehearing mailed August 29, 2012.

In this appeal, Appellant seeks our review under 35 U.S.C. § 134(a) of the Examiner’s Final Decision rejecting claims 1–21, which constitute all the claims pending in this application. See Final Act. 1; App. Br. 9.¹ We have jurisdiction under 35 U.S.C. § 6(b).

We reverse.

¹ We refer to Appellant’s Specification (“Spec.”) (filed Feb. 3, 2005); Appeal Brief (“App. Br.”) (filed Aug. 6, 2014); and Reply Brief (“Reply Br.”) (filed Apr. 2, 2015). We also refer to the Examiner’s Answer (“Ans.”) (mailed Feb. 5, 2015), and Final Office Action (Final Rejection) (“Final Act.”) (mailed May 7, 2014).

Appellant’s Invention

The invention at issue on appeal concerns computer program products, systems, and methods for managing security policies of computing devices of a network, specifically, determining whether a message flow rule of a firewall specifies a combination of a source IP address, source port, protocol, destination IP address, and destination port which permits passing of the message packet to the port of the destination IP address. Spec. 1, 6–7; Abstract.

Illustrative Claim

Independent claim 1, reproduced below with the key disputed limitations emphasized, further illustrates the invention:

    1. A method for managing a security policy of a firewall, the firewall receiving a message packet addressed to a specified port of a destination IP address and determining that the firewall does not have a message flow rule specifying a combination of a source IP address, source port, protocol, destination IP address, and destination port which permits passing of the message packet to the port of the destination IP address, the method comprising the steps of:

    responsive to a determination that the firewall blocked the message packet from being sent to the port of the destination IP address due to the absence in the firewall of the message flow rule, sending to a port scanning device a command directing the port scanning device to test the port of the destination IP address to determine if the port is open;

    identifying, by a processor, a response from the port scanning device indicating whether the port is open; and if so, automatically querying an administrator whether the firewall should have a message flow rule which permits passing of the message packet to the port of the destination IP address, if not, not querying an administrator whether the firewall should have the message flow rule which permits passing of the message packet to the port of the destination IP address.

Rejection on Appeal

The Examiner rejects claims 1–21 under 35 U.S.C. § 103(a) as being unpatentable over Frattura et al. (US 2006/0037075 A1, published Feb. 16, 2006 (filed Feb. 25, 2005, claiming benefit of U.S. Provisional App. No. 60/552,000 filed Mar. 10, 2004)) (“Frattura”) and Ormazabal et al. (US 2005/0076238 A1, published Apr. 7, 2005) (“Ormazabal”).
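The flow recited in claim 1, as an added Python example (not part of the decision or of the application): a packet passes only if a rule names its exact five-field combination, and an administrator is queried only when the blocked packet's destination port tests open. The names FiveTuple, handle_packet, tcp_probe and stub_probe, the exact-match rule lookup without wildcards, and the sample addresses are assumptions made for illustration.

```python
import socket
from typing import Callable, List, NamedTuple, Set, Tuple

class FiveTuple(NamedTuple):
    """The five fields claim 1 says a message flow rule specifies."""
    src_ip: str
    src_port: int
    protocol: str
    dst_ip: str
    dst_port: int

def tcp_probe(dst_ip: str, dst_port: int, timeout: float = 1.0) -> bool:
    """Assumed stand-in for the port scanning device: one TCP connect."""
    try:
        with socket.create_connection((dst_ip, dst_port), timeout=timeout):
            return True
    except OSError:
        return False

def handle_packet(pkt: FiveTuple, rules: Set[FiveTuple],
                  probe: Callable[[str, int], bool],
                  admin_queue: List[FiveTuple]) -> str:
    """Apply the claim 1 flow to one packet and return the outcome."""
    if pkt in rules:                      # a rule names this exact combination
        return "pass"
    # Blocked because no such rule exists: have the scanner test the port.
    if probe(pkt.dst_ip, pkt.dst_port):
        admin_queue.append(pkt)           # open port: ask whether to add a rule
        return "blocked, administrator queried"
    return "blocked, no query"            # closed port: administrator not asked

# Constructed sample data (RFC 5737 documentation addresses).
RULES = {FiveTuple("192.0.2.10", 40000, "tcp", "198.51.100.5", 443)}
OPEN_PORTS = {("198.51.100.5", 443)}      # what the stub scanner reports open

def stub_probe(dst_ip: str, dst_port: int) -> bool:
    return (dst_ip, dst_port) in OPEN_PORTS

def demo() -> Tuple[List[str], List[FiveTuple]]:
    queue: List[FiveTuple] = []
    packets = [
        FiveTuple("192.0.2.10", 40000, "tcp", "198.51.100.5", 443),   # rule exists
        FiveTuple("192.0.2.10", 40001, "tcp", "198.51.100.5", 443),   # source port differs
        FiveTuple("192.0.2.10", 40000, "tcp", "198.51.100.5", 8080),  # port closed
    ]
    return [handle_packet(p, RULES, stub_probe, queue) for p in packets], queue

if __name__ == "__main__":
    print(demo())
```

The second packet differs from the permitted flow only in its source port, which is enough for no rule to apply; that is the five-field combination on which the appeal turns.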
ISSUE

Based upon our review of the administrative record, Appellant’s contentions, and the Examiner’s findings and conclusions, the pivotal issue before us is as follows:

Does the Examiner err in finding that the combination of Frattura and Ormazabal collectively would have taught or suggested

    the firewall receiving a message packet addressed to a specified port of a destination IP address and determining that the firewall does not have a message flow rule specifying a combination of a source IP address, source port, protocol, destination IP address, and destination port which permits passing of the message packet to the port of the destination IP address

within the meaning of Appellant’s claim 1 and the commensurate limitations of claims 7, 13, and 19?

ANALYSIS

Appellant contends that Frattura and Ormazabal do not teach the disputed limitations of claim 1. See App. Br. 9–17; Reply Br. 2–11. Specifically Appellant contends that neither Frattura, nor Ormazabal teaches “a message flow rule specifying a combination of a source IP address, source port, protocol, destination IP address, and destination port” (Claim 1; App. Br. 23) (see App. Br. 10-11; Reply Br. 8–9).

We have reviewed the sections of Frattura and Ormazabal cited by the Examiner, as well as the detailed discussions of Appellant and the Examiner. Appellant persuades us of error in the obviousness rejection of claim 1. While we agree with the Examiner that Frattura and Ormazabal generally describes firewall security policies and monitoring processes (see Final Act. 3 (citing Frattura 10–12); Ans. 9–13 (citing Frattura 11–12; Ormazabal ¶ 44))², we disagree with the Examiner that either Frattura or Ormazabal, alone or in combination, describes or suggests message flow rules including the combination of elements specified in claim 1. Ans. 9–13. The cited portions of Frattura (Frattura 10–12) merely describe monitoring processes. Frattura 10–12; see App. Br. 10-11. The cited portions of Ormazabal (¶ 44) describe filtering voice-over IP media sessions (network traffic) using a firewall proxy device that communicates dynamic pinhole information to a firewall. The dynamic pinhole information contains the information delineated in Appellant’s claim 1 — source IP address, source port, protocol, destination IP address, and destination port — but the cited portions of Ormazabal (¶ 44) do not describe firewall rules (message flow rules) specifying the combination of these elements (this information) recited in Appellant’s claim 1 (see Reply Br. 8).

² The Examiner also cites to Chapman (Chapman and Zwicky, Building Internet Firewalls, O’Reilly & Assoc. (1995), see Ans. 10-11). Chapman is presented for the first time in the Examiner’s Answer to support the Examiner’s position that specific elements of firewall rules are notoriously well-known. See Ans. 9–11. The cited portions of Chapman describe packets (network traffic) containing the information delineated in Appellant’s claim 1, that is the: source IP address, source port, protocol, destination IP address, and destination port. The cited portions of Chapman, however, do not describe firewall rules (message flow rules) specifying the combination of the delineated elements (information) recited in Appellant’s claim 1 (see Reply Br. 8). Further, Appellants assert that the Examiner has made numerous new grounds of rejection in the Answer (Reply Br. 2–3) including the citation of Chapman. We need not (and do not) reach this issue based on our findings with respect to Chapman (supra).

It is unclear from the Examiner’s mapping of the prior art elements to the claim limitations how the combination of Frattura and Ormazabal teaches or suggests blocking a message based on a message flow rule (i.e., determining that a firewall does not have a message flow rule) specifying a combination of a source IP address, source port, protocol, destination IP address, and destination port as recited in claim 1. Neither Frattura, nor Ormazabal, alone or in combination describes such a message flow rule.

Further, assuming without deciding that Frattura suggests a message flow rule, the Examiner has not sufficiently explained how Ormazabal’s dynamic pinhole information might be incorporated into Frattura’s rule or how a firewall utilizing such a rule would block a particular message (determine that the firewall does not have such a rule that allows passage of such a message).

Consequently, we are constrained by the record before us to find that the Examiner erred in finding Frattura and Ormazabal teach the disputed limitations of Appellant’s claim 1. Independent claims 7, 13, and 19 include limitations of commensurate scope. Claims 2–6, 8–12, 14–18, and 20-21 depend on claims 1, 7, 13, and 19, respectively. Accordingly, we reverse the Examiner’s obviousness rejection of claims 1–21. We do not reach the numerous additional issues identified in Appellant’s briefs, in view of our findings as to Frattura and Ormazabal with respect to the firewall rule (supra).

CONCLUSION

Appellants have shown that the Examiner erred in rejecting claims 1–21 under 35 U.S.C. § 103(a).

DECISION

We reverse the Examiner’s rejection of claims 1–21.

REVERSED