15453022 - (D) (P.T.A.B. Jun. 25, 2020)

Robert A. May

Patent Trials and Appeals BoardJun 25, 2020

15453022 - (D) (P.T.A.B. Jun. 25, 2020)

UNITED STATES PATENT AND TRADEMARK OFFICE UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 15/453,022 03/08/2017 Robert A. May FORT-008012 4506 64128 7590 06/25/2020 MICHAEL A DESANCTIS JAFFERY WATSON MENDONSA & HAMILTON LLP 7501 Village Square Drive, Ste. 206 Castle Pines, CO 80108 EXAMINER TRAN, VU V ART UNIT PAPER NUMBER 2491 NOTIFICATION DATE DELIVERY MODE 06/25/2020 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): eofficeaction@appcoll.com mike.desanctis@jwmhlaw.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE ____________________ BEFORE THE PATENT TRIAL AND APPEAL BOARD ____________________ Ex parte ROBERT A. MAY ____________________ Appeal 2018-0082751 Application 15/453,022 Technology Center 2400 ____________________ Before THU A. DANG, BARBARA A. BENOIT, and CATHERINE SHIANG, Administrative Patent Judges. DANG, Administrative Patent Judge. DECISION ON APPEAL I. STATEMENT OF THE CASE Appellant appeals under 35 U.S.C. § 134(a) from the Examiner’s Final Rejection of claims 1–20. We have jurisdiction under 35 U.S.C. § 6(b). We REVERSE. 1 We use the word “Appellant” to refer to “applicant” as defined in 37 C.F.R. § 1.42. Appellant identifies Fortinet, Inc. as the exemplary real party in interest. Appeal Br. 3. Appeal 2018-008275 Application 15/453,022 2 A. INVENTION According to Appellant, the invention relates to methods and systems for automating and facilitating establishment of Virtual Private Network (VPN) tunnels among peer devices in a network. Spec. ¶ 3. B. REPRESENTATIVE CLAIM Claim 1 is representative of the subject matter on appeal: A method comprising receiving, by a network device, from a peer network device a request for a Virtual Private Network (VPN) connection to be established between the network device and the peer network device; responsive to said receiving, establishing, by the network device, the VPN connection in accordance with a policy associated with the request without requiring manual entry of a plurality of VPN settings by a network administrator of the network device; wherein the policy includes a plurality of VPN settings for the VPN connection including (i) one or more of (a) a type of VPN authentication, (b) an outgoing VPN interface of the peer network device and (c) a crypto profile and (ii) a type of Internet Protocol Security (IP Sec) tunnel to be established between the network device and the peer network device; and wherein the policy is configured by a network administrator of the peer network device via a policy page displayed to the network administrator via a user interface of the peer network device. Appeal Br. 16 (Claims Appendix). Appeal 2018-008275 Application 15/453,022 3 C. REFERENCES The prior art relied upon by the Examiner is: Name Reference Date Smith et al. (“Smith”) US 2006/0236095 Al Oct. 19, 2006 Jain et al. (“Jain”) US 2010/0125897 A1 May 20, 2010 Yang et al.(“Yang”) US 2009/0328192 A1 Dec. 31, 2009 D. REJECTIONS Claims 1, 2, 4, 5, 7–12, 14, 15, and 17–20 stand rejected under 35 U.S.C. § 103 over Smith in view of Jain. Appeal Br. 10. Claims 3, 6, 13, and 16 stand rejected under 35 U.S.C. § 103 over Smith and Jain in view of Yang. Appeal Br. 14. II. ISSUES The principal issues before us are whether the Examiner erred in finding the combination of Smith and Jain teaches or suggests, “receiving, by a network device, from a peer network device a request for a Virtual Private Network (VPN) connection to be established between the network device and the peer network device;” and “responsive to said receiving, establishing, by the network device, the VPN connection.” Claim 1 (emphasis added). III. ANALYSIS The Examiner relies on Smith for disclosing the contested limitation of “receiving, by a network device, from a peer network device a request for a Virtual Private Network (VPN) connection to be established between the network device and the peer network device,” as recited in claim 1. Final Act. 4. In particular, the Examiner finds Smith discloses that “[a] user log[s] Appeal 2018-008275 Application 15/453,022 4 into a management portal to create a VPN connection.” Id. (citing Smith, Fig. 3, ¶ 60). According to the Examiner, “communication (e.g. interaction) between the network devices (e.g. user device, the management portal and the management server) are between peer network device[s]” because “they are able to communicate using a common protocol such as internet protocol to transmit HTML pages.” Answer 6. Further, the Examiner finds that Smith discloses, “responsive to said receiving, establishing, by the network device, the VPN connection.” Final Act. 4–5. That is, according to the Examiner, in Smith, “[the] user is connected to [the] VPN based on entry on [the graphic user interface] GUI when the required entries matching with stored data in [the] management portal.” Id. (citing Smith, Fig. 3, ¶¶ 63–64). Appellant argues the combination of Smith and Jain does not teach or suggest “receiving, by a network device, from a peer network device a request for a Virtual Private Network (VPN) connection to be established between the network device and the peer network device;” and “responsive to said receiving, establishing, by the network device, the VPN connection in accordance with a policy associated with the request . . . .” Appeal Br. 10. In particular, Appellant points out that “the [claimed] VPN connection is established responsive to receipt by the network device of the request from the peer network device,” whereas, in Smith, “VPN configuration setting for network devices are provided by their respective management servers responsive to direction received from the management portal.” Id. at 13 (emphasis added). We have considered all of Appellant’s arguments and evidence presented. We agree with Appellant that the preponderance of evidence on Appeal 2018-008275 Application 15/453,022 5 this record does not support the Examiner’s legal conclusion that claim 1 would have been obvious over Smith and Jain. Smith relates to systems and methods for automatically configuring and managing network devices and VPNs. Smith ¶ 1. In particular, Smith discloses systems and methods to “automatically create the VPN by configuring all devices to be added to the VPN.” Id. ¶ 16. In Smith, a “management portal” is provided to transmit VPN information to the management server associated with the network device to be added to the VPN, and this management server then creates, encodes, and securely encrypts a network device configuration file to be transmitted to the network device via the Internet. Id. Each local network device decrypts, decodes, and retrieves the information contained within all received configuration file, wherein the retrieved information is used to reconfigure the network device for connection. Id. ¶ 20. To “facilitate discussion of Smith’s VPN configuration,” Appellant relies on Figure 1 of Smith. Appeal Br. 11–14. Figure 1 of Smith is reproduced below: Appeal 2018-008275 Application 15/453,022 6 Figure 1 of Smith2 depicts a schematic view of a network environment. Smith ¶ 29. As illustrated in Figure 1 of Smith, local device 122a is connected to network device 118a to form local network 120a, local devices 122b and 122c are connected to network device 118b to form local network 120b, and local devices 122d and 122e are connected to network device 118d to form local network 120d. Id. ¶ 53. According to Smith, the VPN includes Internet 112, router 114, network connections 116, network devices 118, local networks 120, and local network devices 122. Id. ¶ 58. As shown in Figure 1, to initiate the creation of a VPN, a user uses local device 122a to log into management portal 104 through Internet 112. Smith ¶ 60. Management portal 104 to which the user is connected provides a GUI to the user’s local device 122a to provide the user with “Create VPN” option. Smith ¶ 61. We are unpersuaded by the Examiner’s finding that Smith discloses “a network device” receiving “from a peer network” a request for VPN connection “between the network device and the peer network device” because Smith discloses “[a] user log[s] into a management portal to create a VPN connection.” Final Act. 4 (citing Smith, Fig. 3, ¶ 60). In particular, as Appellant points out, in the claimed invention, “the ‘receiving’ limitations involve interaction between two peer network devices (VPN clients) that are desired to be part of a VPN.” Appeal Br. 11. According to Appellant, It is clear from ¶¶ [0060]-[006 l] of Smith and FIG. 1 of Smith that the VPN configuration process described involves a user of a local device (e.g., one of local device 122a-e of FIG. 1 . . .) logging into a separate server ( e.g., management portal 104 of FIG. 1 . . .) to add one or more managed network devices (e.g., 2 For improved clarity, the provided drawing is from Smith replacement drawings submitted Dec. 20, 2007. Appeal 2018-008275 Application 15/453,022 7 managed network devices l 18a-d . . .) to a VPN via a graphical user interface (GUI) of the management portal. Appeal Br. 12. Although we agree with the Examiner that Smith’s use of local device 122a to log into management portal 104 is an interaction between local device 122a and management portal 104, we disagree with the Examiner that “communication (e.g. interaction) between the network devices (e.g. user device, the management portal and the management server) are between peer network device[s].” Answer 6. In particular, we agree with Appellant that Smith’s interaction between the local device 122a–e and management portal 104 are not between “peer network devices” that are “desired to be part of a VPN” as claimed. Appeal Br. 12. In Smith, the VPN includes Internet 112, router 114, network connections 116, network devices 118, local networks 120, and local network devices 122, and does not include management portal 104. See Smith ¶ 58. That is, there is no VPN connection between management portal 104 and local device 122a. Id. Accordingly, we agree with Appellant that Smith does not teach or suggest the step of receiving “from a peer network device” a request for a VPN connection “between the network device and the peer network device” as claimed. Id. Instead, in one embodiment of Smith, in creating the VPN, “a user of a first network device such as network device 118a and its associated local network 120a may wish to add a remote local network such as local network 120d, and its associated local devices 122d and 122e, to local network 120a.” Smith ¶ 57. That is, the user uses local device 122a to log into management portal 104 to retrieve information to reconfigure the network device for a VPN connection between network device 118a of local Appeal 2018-008275 Application 15/453,022 8 network 120a and peer network device 118d of local network 120d. Id. As Appellant explains, in Smith, to establish the VPN connection between a network device (e.g., network device 118a) and a peer network device (e.g., network device 118d), VPN configuration settings for the devices are “provided by their respective management servers [110a and 110b] responsive to direction received from the management portal [104].” Appeal Br. 13; see Smith, Fig. 1. For similar reasons, we also disagree with the Examiner’s finding that Smith discloses “responsive to said receiving [of a request from a peer network device], establishing, by the network device, the VPN connection [between the network device and the peer network device].” Final Act. 4–5. As Examiner finds, in Smith, “[the] user is connected to [the] VPN based on entry on [the] GUI when the required entries matching with stored data in [the] management portal.” Id. (citing Smith, Fig. 3, ¶¶ 63–64). That is, as the Examiner finds, Smith teaches that, responsive to receiving entries matching stored data in management portal 104, the VPN connection is established between network devices. Although we agree with the Examiner that, in Smith, “a GUI that is displayed on a local network device . . . is used to add a local network device . . . to [the] VPN to submit information to management portal [104]” (Answer 7 (citing Smith ¶¶ 60–63)), we disagree that management portal 104 “is a peer network device.” Id. As Appellant argues, “the GUI taught by Smith is associated with a management portal,” wherein “it should be clear that Smith’s management portal is not a ‘peer’ network device” but “a separate server for receiving information regarding the parameters of the desired VPN and for relaying that information to appropriate management servers.” Appeal Br. 13 (citing Smith ¶ 61, Fig. 1 (emphasis omitted)). Appeal 2018-008275 Application 15/453,022 9 Accordingly, we agree with Appellant that, in Smith, “the establishment of the VPN connection between the network device [118a] and the peer network device[, e.g. network device 118d,] cannot be reasonable said to be responsive to a request received from a peer network device [118d],” as required by claim 1. Appeal Br. 13. Furthermore, there is no showing by the Examiner that Jain cures the deficiencies of Smith. Consequently, constrained by the record before us, we find that the Examiner erred in finding the combination of Smith and Jain teaches or suggests Appellant’s claim 1 and the similarly recited limitations in independent claim 11. We also reverse the Examiner’s rejection of claims 2, 4, 5, 7–10, 12, 14, 15, and 17–20 depending respectively from claims 1 and 11 and thus falling therewith, over Smith and Jain. The Examiner does not show that the additionally cited Yang reference overcomes the aforementioned deficiencies of the base combination of Smith and Jain discussed above, and accordingly, we also reverse the Examiner’s rejection of claims 3, 6, 13, and 16, depending respectively from claims 1 and 11, and thus falling therewith, over Smith and Jain, in further view of Yang. IV. CONCLUSION We reverse the Examiner’s rejections of claims 1–20 under pre-AIA 35 U.S.C. § 103(a). Appeal 2018-008275 Application 15/453,022 10 V. DECISION SUMMARY Claims Rejected 35 U.S.C. § Reference(s)/Basis Affirmed Reversed 1, 2, 4, 5, 7– 12, 14, 15, 17–20 103(a) Smith, Jain 1, 2, 4, 5, 7– 12, 14, 15, 17–20 3, 6, 13, 16 103(a) Smith, Jain, Yang 3, 6, 13, 16 Overall Outcome: 1–20 VI. TIME PERIOD FOR RESPONSE No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a)(1)(iv). REVERSED