Ex Parte Wiederin et alDownload PDFBoard of Patent Appeals and InterferencesMay 1, 201210608137 (B.P.A.I. May. 1, 2012) Copy Citation UNITED STATES PATENT AND TRADEMARK OFFICE ____________________ BEFORE THE BOARD OF PATENT APPEALS AND INTERFERENCES ____________________ Ex parte SHAWN E. WIEDERIN, RALPH S. HOEFELMEYER, and THERESA E. PHILLIPS ____________________ Appeal 2010-000894 Application 10/608,137 Technology Center 2400 ____________________ Before DEBRA K. STEPHENS, KRISTEN L. DROESCH, and BRUCE R. WINSOR, Administrative Patent Judges. STEPHENS, Administrative Patent Judge. DECISION ON APPEAL Appeal 2010-000894 Application 10/608,137 2 Appellants appeal under 35 U.S.C. § 134(a) (2002) from a final rejection of claims 1, 4-10, 12-16, and 19-22. We have jurisdiction under 35 U.S.C. § 6(b). Claims 2, 3, 11, 17, 18, and 23-28 have been cancelled. We REVERSE. Introduction According to Appellants, the invention relates to a network device used to provide network security. The network device includes an interface configured to receive data transmitted over a network, a firewall, intrusion detection logic, and forwarding logic. The firewall, intrusion detection logic, and forwarding logic process the received data to determine whether the data contains malicious content. When the data contains malicious content, the data may be dropped before the destined user device receives data. (Abstract). STATEMENT OF THE CASE Exemplary Claim Claim 1 is an exemplary claim and is reproduced below: 1. A device, comprising: at least one interface configured to receive data transmitted via a network; a firewall configured to: receive data from the at least one interface, determine whether the data potentially contains malicious content, and identify first data in the received data that potentially contains malicious content; intrusion detection logic configured to: Appeal 2010-000894 Application 10/608,137 3 receive the first data, and generate report information based on the first data; and forwarding logic configured to: receive the report information, forward the first data for processing by a user application when the report information indicates that the first data does not contain malicious content; and forward the report information to a remote central management system when the report information indicates that the first data potentially contains malicious content, the report information allowing the remote central management system to make a forwarding decision on behalf of the device. References Schneier US 2002/0087882 A1 Jul. 4, 2002 Joyce US 6,519,703 B1 Feb. 11, 2003 Bates US 6,785,732 B1 Aug. 31, 2004 Judge US 6,941,467 B2 Sep. 6, 2005 Rejections (1) Claims 1, 4, 5, 8-10, 12-14, 16, 19, and 20 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Schneier and Joyce. (2) Claims 6, 15, and 21 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Schneier, Joyce, and Judge. (3) Claims 7 and 22 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Schneier, Joyce, and Bates. Appeal 2010-000894 Application 10/608,137 4 ISSUE 1 35 U.S.C. § 103(a): Claims 1, 4, 5, 8-10, 12-14, 16, 19, and 20 Appellants argue their invention is not obvious over Schneier and Joyce because neither reference discloses “forwarding logic configured to forward report information to a remote central management system when the report information indicates that first data potentially contains malicious content, the report information allowing the remote central management system to make a forwarding decision on behalf of the device” (App. Br. 13). According to Appellants, in Schneier, at the SOC, problem tickets are formed for handling by security analysts (App. Br. 14). Thus, according to Appellants, Schneier discloses a probe/sentry system that monitors and collects information concerning the status of a network and its components; hence, there would be no reason for the sentry system to make forwarding decisions (App. Br. 14-15). Additionally, Appellants argue Schneier discloses blocking a certain IP address from accessing a customer’s network – not a remote central management system that makes a forwarding decision on behalf of a device (App. Br. 15). Issue: Has the Examiner erred in finding Schneier discloses “forwarding logic configured to forward report information to a remote central management system when the report information indicates that first data potentially contains malicious content, the report information allowing the remote central management system to make a forwarding decision on behalf of the device” as recited in claims 1, 10, and 16? Appeal 2010-000894 Application 10/608,137 5 ANALYSIS We agree with Appellants that Schneier does not disclose the disputed limitation. Specifically, Schneier discloses the Network Response Subsystem 2070 processes and executes requests originating from the SOC (Secure Operations Center), and for example, may block IP addresses (pg. 5, [0068]). However, this portion of Schneier does not disclose forwarding information to the SOC when the information indicates that data potentially contains malicious content. Instead, this portion describes a request(s) coming from the SOC to the device. The Examiner has not relied on Joyce as describing this limitation, thus Joyce does not cure the deficiency of Schneier. Therefore, the Examiner has not shown Schneier or Joyce, taken alone or in proper combination, discloses “forwarding logic configured to . . . forward report information to a remote central management system when the report information indicates that first data potentially contains malicious content, the report information allowing the remote central management system to make a forwarding decision on behalf of the device” as recited in independent claim 1 and commensurately recited in independent claims 10 and 16. Dependent claims 4, 5, 8, 9, 12-14, 19, and 20 thus stand with their respective independent claims. Accordingly, the Examiner erred in rejecting claims 1, 4, 5, 8-10, 12-14, 16, 19, and 20 under 35 U.S.C. § 103(a) as being obvious over Schneier and Joyce. Appeal 2010-000894 Application 10/608,137 6 ISSUE 2 35 U.S.C. § 103(a): claims 6, 15, and 21 35 U.S.C. § 103(a): claims 7 and 22 The Examiner has not shown either Judge or Bates cures the deficiencies of Schneier. Therefore, dependent claims 6, 7, 15, 21, and 22 stand with their respective independent claims. Accordingly, the Examiner erred in rejecting claims 6, 15, and 21 under 35 U.S.C. § 103(a) for obviousness over Schneier, Joyce, and Judge and erred in rejecting claims 7 and 22 under 35 U.S.C. § 103(a) for obviousness over Schneier, Joyce, and Bates. DECISION The Examiner’s rejection of claims 1, 4, 5, 8-10, 12-14, 16, 19, and 20 under 35 U.S.C. § 103(a) as being unpatentable over Schneier and Joyce is reversed. The Examiner’s rejection of claims 6, 15, and 21 under 35 U.S.C. § 103(a) as being unpatentable over Schneier, Joyce, and Judge is reversed. The Examiner’s rejection of claims 7 and 22 under 35 U.S.C. § 103(a) as being unpatentable over Schneier, Joyce, and Bates is reversed. REVERSED msc Copy with citationCopy as parenthetical citation
