Avi CheslaDownload PDFPatent Trials and Appeals BoardOct 1, 201914035367 - (D) (P.T.A.B. Oct. 1, 2019) Copy Citation UNITED STATES PATENT AND TRADEMARK OFFICE UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 14/035,367 09/24/2013 Avi CHESLA RADW P0097 1067 122066 7590 10/01/2019 M&B IP Analysts, LLC 500 Headquarters Plaza Morristown, NJ 07960-7070 EXAMINER CALLAHAN, PAUL E ART UNIT PAPER NUMBER 2437 NOTIFICATION DATE DELIVERY MODE 10/01/2019 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): eofficeaction@appcoll.com michael.benshimon@gmail.com pair@mb-ip.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE ____________________ BEFORE THE PATENT TRIAL AND APPEAL BOARD ____________________ Ex parte AVI CHESLA ____________________ Appeal 2018-007850 Application 14/035,3671 Technology Center 2400 ____________________ Before DEBRA K. STEPHENS, DANIEL J. GALLIGAN, and DAVID J. CUTITTA II, Administrative Patent Judges. STEPHENS, Administrative Patent Judge. DECISION ON APPEAL Appellant appeals under 35 U.S.C. § 134(a) from a final rejection of claims 1–27, which are all of the claims pending in the application. We have jurisdiction under 35 U.S.C. § 6(b). We AFFIRM. 1 We use the word “Appellant” to refer to “applicant” as defined in 37 C.F.R. § 1.42. Appellant identifies the real party in interest is RADWARE, LTD. (App. Br. 3). Appeal 2018-007850 Application 14/035,367 2 CLAIMED SUBJECT MATTER According to Appellant, the claims are directed to an escalation security policy in a software defined network (SDN) (Abstract). Claim 1, reproduced below, is illustrative of the claimed subject matter: 1. A method for performing an escalation security policy in a software defined network (SDN), the method being performed by a central controller of the SDN, comprising: receiving at least one attack indication performed against at least one destination server; when it is determined, based on the at least one attack indication, that an attack is underway against the at least one destination server, for each client sending traffic to the at least one destination server: determining a risk state for a user of the each client of the clients, wherein the risk state indicates a state of risk from amongst more than two possible states; obtaining an escalation security policy for the determined risk state of the user, wherein the escalation security policy defines a sequence of at least one challenge action for challenging each of the clients, an order and at least one condition for execution of the sequence of at least one challenge action; and programming one or more network elements of the SDN to divert incoming traffic from the each client to at least one of security servers connected to the SDN that is configured to perform the at least one challenge action. REFERENCES The prior art relied upon by the Examiner in rejecting the claims on appeal is: Rayes et al. Pasko US 2005/0086502 A1 US 2006/0282891 A1 Apr. 21, 2005 Dec. 14, 2006 Appeal 2018-007850 Application 14/035,367 3 Tourrilhes et al. Hoefelmeyer et al. Bhogavilli et al. Leong et al. Porras et al. US 2011/0273988 A1 US 2012/0005756 A1 US 2012/0174196 A1 US 2013/0265886 A1 US 2014/0075519 A1 Nov. 10, 2011 Jan. 5, 2012 July 5, 2012 Oct. 10, 2013 Mar. 13, 2014 REJECTIONS Claims 1, 4, 14–18, 20–22, 24, and 26 stand rejected under 35 U.S.C. § 103 as being unpatentable over Bhogavilli, Leong, and Rayes (Final Act. 9–15). Claims 5–11 and 19 stand rejected under 35 U.S.C. § 103 as being unpatentable over Bhogavilli, Leong, Rayes, and Pasko (id. at 15–18). Claims 12 and 13 stand rejected under 35 U.S.C. § 103 as being unpatentable over Bhogavilli, Leong, Rayes, and Porras (id. at 18–20). Claims 2 and 3 stand rejected under 35 U.S.C. § 103 as being unpatentable over Bhogavilli, Leong, Rayes, and Hoefelmeyer (id. at 20– 21). Claims 23, 25, and 27 stand rejected under 35 U.S.C. § 103 as being unpatentable over Bhogavilli, Leong, Rayes, and Tourrilhes (id. at 21–23). Our review in this appeal is limited only to the above rejections and the issues raised by Appellant. Arguments not made are waived (see MPEP § 1205.02; 37 C.F.R. §§ 41.37(c)(1)(iv)). ISSUE 1 35 U.S.C. § 103: Claims 1–4, 12–18, and 20–26 Appellant contends their invention as recited in claims 1, 4, 14–18, 20–22, 24, and 26, is patentable over Bhogavilli, Leong, and Rayes (App. Br. 8–29). The issues presented by the arguments are: Appeal 2018-007850 Application 14/035,367 4 Issue 1a: Has the Examiner shown the combination of Bhogavilli and Leong teaches or suggests “an escalation security policy in a software defined network (SDN), the method being performed by a central controller of the SDN, comprising . . . obtaining an escalation security policy for the determined risk state of the user,” as recited in claim 1 and similarly recited in claims 22 and 24? Issue 1b: Has the Examiner shown the combination of Bhogavilli, Leong, and Rayes teaches or suggests “in a software defined network . . . determining a risk state for a user of the each client of the clients, wherein the risk state indicates a state of risk from amongst more than two possible states,” as recited in claim 1 and similarly recited in claims 22 and 24? Issue 1c: Has the Examiner improperly combined Bhogavilli, Leong, and Rayes? ANALYSIS Issue 1a Appellant contends the Examiner erred in finding Bhogavilli and Leong teaches “an escalation security policy in a software defined network (SDN), the method being performed by a central controller of the SDN, comprising . . . obtaining an escalation security policy for the determined risk state of the user,” as recited in claim 1 and similarly recited in claims 22 and 24 (App. Br. 10–16; Reply Br. 5–14). Specifically, Appellant argues that Leong’s cluster manager, which includes a processing unit, “is not a central controller of an SDN” (App. Br. 11–12 (citing Leong ¶ 108) (emphasis omitted); see Reply Br. 5–9). Further, Appellant argues “Leong merely mentions that a software defined network has a controller,” but Appeal 2018-007850 Application 14/035,367 5 “Leong does not appear to teach that an escalating security policy is being implemented by the central controller” (App. Br. 10 (emphasis omitted); Reply Br. 5). Still further, Appellant argues “even if, arguendo, [Leong’s] processing unit 142 [of the cluster manager] is a central controller of a SDN as suggested by the Examiner . . . there is no teaching or suggestion that it performs all of the steps” claimed (App. Br. 13–14 (emphasis omitted); see Reply Br. 8). Even further, Appellant argues Bhogavilli does not teach “that the method be performed entirely by a controller of a SDN” (App. Br. 14–15 (emphasis omitted)). We are not persuaded. The Examiner finds, and we agree, Bhogavilli teaches “obtaining an escalation security policy for the determined risk state of the user” (Final Act. 9). To support that finding, the Examiner relies on (id.) Bhogavilli’s description of “[m]onitoring servers 145 [that] may monitor application servers 135 for the purpose of determining whether . . . application servers 135 are functioning in a non-normal manner that may indicate the presence of a DoS attack” (Bhogavilli ¶ 24). Further, “[o]nce a DoS attack on application servers 130 is detected” (id. ¶ 26), Bhogavilli uses an “HTTP redirect client-challenge mechanism [to] reduce the amount of traffic directed at application server 330 to a sufficient threshold”; when “the HTTP redirect client-challenge mechanism does not reduce the traffic to a sufficient threshold, proxy server 320 may apply one or more additional client-challenge mechanisms . . . in an incremental fashion until a workable threshold is achieved” (id. ¶ 51). The Examiner further finds, and we agree, Leong teaches a “security policy in a software defined network (SDN), the method being performed by a central controller of the SDN” (Final Act. 10). To support that finding, the Examiner relies on (id.) Leong’s description of Appeal 2018-007850 Application 14/035,367 6 “processing unit 142 . . . used to implement the cluster manager 18,” which “provides . . . central management for all components (including other network switch devices 100), functions, and tasks within the [network] cluster 12” (Leong ¶ 108). Those functions include network “monitoring and security infrastructure” (id. ¶ 90). Further, Leong describes that its teachings can be applied “in software-defined networks” (id. ¶ 113). Appellant’s arguments that Leong’s cluster manager, or the processor of the cluster manager, do not teach or at least suggest a “method being performed by a central controller of the SDN” (App. Br. 11–12; see Reply Br. 5–9) are not persuasive. Leong describes its network features are applicable to “software-defined networks” (Leong ¶ 113). As such, Leong’s cluster manager performs “central management for all components . . . functions, and tasks” (id. ¶ 108) in software defined networks. Therefore, Leong teaches, or at least suggests, its cluster manager and associated processor teaches a security “method being performed by a central controller for the SDN.” Appellant points out additional features of Leong’s cluster manager, e.g., that the cluster manager is a network switch device or that the cluster manager can be provided by a mobile device (Reply Br. 5–10; App. Br. 11–13), but neither the claims nor the Specification preclude the central controller of the software defined network from including those additional features. And, although Appellant argues “the management function of a cluster manager does not make the cluster manager into the central controller of a SDN” (App. Br. 12 (emphasis omitted)), Appellant does not explain why a cluster manager performing central management for all components, functions, and tasks in a software defined network does not teach a “method Appeal 2018-007850 Application 14/035,367 7 being performed by a central controller for the SDN” within the meaning of the claims. Further, Appellant’s arguments that “Leong does not appear to teach that an escalating security policy is being implemented by the central controller” (App. Br. 10 (emphasis omitted)), that Leong’s cluster manager and associated processing unit do not “perform[] all of the steps” recited (App. Br. 15–16; Reply Br. 5), and that Bhogavilli does not teach “the method be performed entirely by a controller of a SDN” (App. Br. 15 (emphasis omitted)) inappropriately attack Bhogavilli and Leong individually when the Examiner’s rejection is based on the combination of Bhogavilli and Leong (In re Keller, 642 F.2d 413, 426 (CCPA 1981) (citation omitted)). The Examiner relies on Bhogavilli, not Leong, to teach an escalating security policy that includes the claimed steps of “determining a risk state, obtaining an escalation security policy, and programming one or more network elements . . . to divert incoming traffic” (Final Act. 9). Further, the Examiner relies on Leong, teaching a “method being performed by a central controller for the SDN,” in combination with the escalating security policy steps taught by Bhogavilli, to teach “an escalation security policy in a software defined network (SDN), the method being performed by a central controller of the SDN” (Final Act. 10). Appellant points out certain claim limitations each reference by itself fails to teach; however, highlighting limitations missing from an individual reference does not persuade us of Examiner error when the Examiner combines the references to teach the claimed subject matter. Accordingly, we are not persuaded the Examiner erred in finding the combination of Bhogavilli and Leong teaches “an escalation security policy Appeal 2018-007850 Application 14/035,367 8 in a software defined network (SDN), the method being performed by a central controller of the SDN, comprising . . . obtaining an escalation security policy for the determined risk state of the user,” as recited in claim 1 and similarly recited in claims 22 and 24. Issue 1b Appellant contends the Examiner erred in finding Bhogavilli, Leong, and Rayes teach “in a software defined network . . . determining a risk state for a user of the each client of the clients, wherein the risk state indicates a state of risk from amongst more than two possible states” as recited in claim 1 and similarly recited in claims 22 and 24 (App. Br. 16–24; see Reply Br. 14–20). Specifically, Appellant argues “Rayes is not a software defined network system” (App. Br. 16 (emphasis omitted)). Further, Appellant argues, based on the more than two possible risk states, “[t]here is no recognition in Rayes of an escalating security policy . . . which employs a sequence of challenge actions” (App. Br. 19 (emphasis omitted); Reply Br. 15). Still further, Appellant argues “there are only two possible states for clients in Bhogavilli” and “Leong mentions only ‘low risk’ and ‘high risk,’” but the claims “require[] that it be possible for the risk state to be more than simply two states” (App. Br. 20–21 (emphasis omitted); Reply Br. 17). We are not persuaded. The Examiner finds, and we agree, Bhogavilli teaches “determining a risk state for a user of the each client of the clients” and a sequence of challenge actions for the determined risk state (Final Act. 9–10). As discussed above, “[o]nce a DoS attack on application servers 130 is detected” (Bhogavilli ¶ 26), Bhogavilli uses an “HTTP redirect client- challenge mechanism [to] reduce the amount of traffic directed at application server 330 to a sufficient threshold” and “may apply one or more Appeal 2018-007850 Application 14/035,367 9 additional client-challenge mechanisms . . . in an incremental fashion until a workable threshold is achieved” (id. ¶ 51). Further, the Examiner finds, and we agree, Rayes teaches a “risk state for a user . . . indicates a state of risk from amongst more than two possible states” (Final Act. 10). To support that finding, the Examiner relies on (id.) Rayes’s description of “a user risk assessment [or] an alert level assessment,” e.g., “states such as low, medium, high, and critical” (Rayes ¶ 39). Appellant’s arguments are not persuasive because those arguments point out claim features missing from one reference, but the Examiner relies on another reference, or the combination of references, to teach those missing claim features. Specifically, Appellant’s argument that “Rayes is not a software defined network system” (App. Br. 16 (emphasis omitted)) is not persuasive because, as discussed above, the Examiner relies on Leong to teach a software defined network (Final Act. 10). Further, Appellant’s argument that “[t]here is no recognition in Rayes of an escalating security policy based on the determined multiple risk states of the user which employs a sequence of challenge actions” (App. Br. 19 (emphasis omitted)) is not persuasive because the Examiner relies on Bhogavilli, not Rayes, to teach an escalating security policy defining a sequence of challenge actions (Final Act. 9). Still further, Appellant’s arguments that neither Bhogavilli nor Leong teach more than two risk states for a user (App. Br. 20–21) is not persuasive because the Examiner relies on Rayes to teach more than two risk states for a user (Final Act. 10–11). Furthermore, Appellant’s argument that “the alleged escalation security policy of Bhogavilli is not determined for the risk state of the user but by the traffic level” (Reply Br. 18–19 (emphasis omitted); App. Br. 20) inappropriately attacks Bhogavilli individually when Appeal 2018-007850 Application 14/035,367 10 the Examiner’s rejection is based on the combination of Bhogavilli’s teachings and Rayes’s teachings, namely, Rayes’s teaching of “a risk state for a user . . . from amongst more than two possible states” (Final Act. 10– 11 (citing Rayes ¶ 39)). Accordingly, we are not persuaded the Examiner erred in finding the combination of Bhogavilli, Leong, and Rayes teaches “in a software defined network . . . determining a risk state for a user of the each client of the clients, wherein the risk state indicates a state of risk from amongst more than two possible states,” as recited in claim 1 and similarly recited in claims 22 and 24. Issue 1c Appellant contends the Examiner improperly combined Bhogavilli, Leong, and Rayes (App. Br. 24–28; Reply Br. 20–23). Appellant presents a number of arguments throughout the Appeal and Reply Briefs (see generally App. Br. 10–28, Reply Br. 5–23), none of which persuades us the Examiner improperly combined the references. The Examiner determines one of ordinary skill in the art would have been motivated to combine Bhogavilli and Leong to “allow the use of [a] system to determine network security policies to apply to users of various risk levels in network architectures . . . and thereby increase the utility of [the] system” (Final Act. 10). The Examiner also determines one of ordinary skill in the art would have been motivated to combine Bhogavilli, Leong, and Rayes to “allow a network administrator more options and finer grain control over [the] response to a risk state associated with [a] source” (id. at 10–11). Appeal 2018-007850 Application 14/035,367 11 Turning to Appellant’s first argument, we are not persuaded the Examiner engages in “improper hindsight” to combine the references (App. Br. 21, 24, 26; Reply Br. 17, 20–21). Rather than using hindsight to combine the references, the Examiner articulates reasons to combine the references supported by rational underpinning (KSR International Co. v. Teleflex Inc. (KSR), 550 U.S. 398, 418 (2007)). In particular, we determine an ordinarily skilled artisan would have found it rational to extend Bhogavilli’s escalation security policy to an additional type of network, namely, the software defined networks taught by Leong, because doing so adds a known network security technique to software defined networks. We further determine an ordinarily skilled artisan would have found it rational to measure a threat by using more than two risk states in order to provide “more options and finer grain control over [the] response to a risk” (Final Act. 10–11) because doing so allows a tailored response to a threat commensurate with the severity of the threat. Further, we disagree with Appellant’s argument that “increas[ing] the utility of the system” is “not a true motivation” (App. Br. 26; Reply Br. 21). The Supreme Court has stated “if a technique has been used to improve one device, and a person of ordinary skill in the art would recognize that it would improve similar devices in the same way, using the technique is obvious” (KSR, 550 U.S. at 417). Accordingly, “increas[ing] the utility of a system,” i.e., improving the system, is a “true” motivation. Here, the Examiner improves a similar device, i.e., the software defined network taught by Leong, using a known technique, i.e., the escalating security policy taught by Bhogavilli. Appeal 2018-007850 Application 14/035,367 12 Still further, we are not persuaded by Appellant’s arguments that Bhogavilli, Leong, and Rayes cannot be combined because the respective computer networks and features described in the references are “very different” or are otherwise “not compatible” (App. Br. 16, 18, 21, 24, 27; Reply Br. 12–14, 17, 20–21). First, the premise of Appellant’s arguments, that the references are “very different” or “not compatible,” is supported only by attorney argument, which “cannot take the place of evidence” (In re Pearson, 494 F.2d 1399, 1405 (CCPA 1974)). Appellant’s arguments particularly rely on the distinction between software defined networks and non-software defined networks but provide no explanation or evidence that those networks are “very different” or are somehow “not compatible.” In fact, contrary to Appellant’s assertion that software defined networks and non-software defined networks are incompatible or that it would be unduly burdensome to combine features of those two network types, Leong simply applies its network features to different networks, including software defined networks (Leong ¶ 113). “A person of ordinary skill is . . . a person of ordinary creativity, not an automaton” (KSR, 550 U.S. at 421), and, in light of Leong’s disclosure of applying network features to software defined networks and non-software defined networks, we determine it would have been within the ability of a person of ordinary skill to combine features from software defined networks and non-software defined networks. Appellant next argues “Bhogavilli teaches the use of only two states, and . . . appears to have no use for and no ability to use more than two states” (App. Br. 17–18 (emphasis omitted); Reply Br. 13). This argument is not persuasive because it does not address the Examiner’s stated motivation. The Examiner’s stated motivation explains why the skilled Appeal 2018-007850 Application 14/035,367 13 artisan would have modified Bhogavilli to include multiple risk states — to “allow a network administrator more options and finer grain control over [the] response to a risk state” (Final Act. at 10–11). Appellant additionally argues “the nature of the risk states in Rayes is different from the risk states in Bhogavilli and Leong” because in Bhogavilli and Leong, “the states [are during] the time of the attack,” but, “in Rayes, the user risk state is essentially a long term historical measurement based on prior actions” (App. Br. 18 (emphasis omitted); Reply Br. 14). This argument also is not persuasive because it inappropriately requires the bodily incorporation of features the Examiner’s combination does not rely on or require (see In re Sneed, 710 F.2d 1544, 1550 (Fed. Cir. 1983) (“[I]t is not necessary that the inventions of the references be physically combinable to render obvious the invention under review.”))). The Examiner relies on Rayes to teach more than two risk states for a user, but the combination does not incorporate the historical measurement of risk states (Final Act. 10–11). Further, Appellant’s argument that “Rayes is constantly determining the user risk state” and “performing a constant evaluation as is done by Rayes wastes resources and is inefficient” (App. Br. 18 (emphasis omitted); Reply Br. 14) does not persuade us the Examiner’s combination is flawed. Even if Rayes constantly determines the risk state, the advantages of granular risk assessment that the Examiner points out (Final Act. 10–11), still reasonably support the combination because, where a “given course of action often has simultaneous advantages and disadvantages,” such trade- offs “do[] not necessarily obviate motivation to combine” (Allied Erecting v. Genesis Attachments, 825 F.3d 1373, 1381, (Fed. Cir. 2016)). Appeal 2018-007850 Application 14/035,367 14 Further, none of Appellant’s arguments that the prior art “teaches away” from the combination is persuasive (App. Br. 16, 19, 21, 23; Reply Br. 13, 15–16, 19). To teach away, a reference must “criticize, discredit, or otherwise discourage the solution” (In re Fulton, 391 F.3d 1195, 1201 (Fed. Cir. 2004)). However, Appellant’s arguments merely point out differences in the prior art, e.g., Appellant argues because “all Bhogavilli appears to know is to drop all packets from an identified attacker or to allow all packets through from a non-attacker,” then Bhogavilli teaches away from more than two risk states (App. Br. 16; see id. 19, 21, 23; see also Reply Br. 13, 15– 16, 19). Appellant does not identify where any reference criticizes, discredits, or otherwise discourages implementing escalating security policies in software defined networks or using more than two risk states. Accordingly, we are not persuaded the Examiner erred in finding the combination of Bhogavilli, Leong, and Rayes teaches or suggests the limitations as recited in independent claim 1 and independent claims 22 and 24, not separately argued, or the Examiner erred in combining the teachings of Bhogavilli, Leong, and Rayes. It follows, we sustain the Examiner’s rejection of claim 1 and claims 2–4, 12–18, and 20–26, which Appellant argues are patentable for similar reasons (see App. Br. 28–29, 31–33; 37 C.F.R. § 41.37(c)(1)(iv)). ISSUE 2 35 U.S.C. § 103: Claims 5–11 and 19 Appellant contends their invention as recited in claims 5–11 and 19, is patentable over Bhogavilli, Leong, Rayes, and Pasko (App. Br. 29–31). The issue presented by the arguments is: Appeal 2018-007850 Application 14/035,367 15 Issue 2: Has the Examiner shown the combination of Bhogavilli, Leong, Rayes, and Pasko teaches or suggests SDN “central controller . . . programming so as to divert the incoming traffic to different ones of the security servers according to the order of execution of the sequence of the at least one action and the condition defined in the respective execution security policy,” as recited in claim 5? ANALYSIS Appellant contends the Examiner erred in finding Pasko teaches or suggests SDN “central controller . . . programming so as to divert the incoming traffic to different ones of the security servers according to the order of execution of the sequence of the at least one action and the condition defined in the respective execution security policy,” as recited in claim 5 (App. Br. 29–31; Reply Br. 22–23). Specifically, Appellant argues “Pasko does not teach an SDN” and instead teaches a content delivery network (App. Br. 30 (emphasis omitted); Reply Br. 23). Appellant further argues Pasko “use[s] a fixed sending of the traffic, rather than one that is programmed by a central controller of an SDN” (App. Br. 30 (emphasis omitted); Reply Br. 23). We are not persuaded. As discussed above, we agree with the Examiner’s finding that the combination of Bhogavilli and Leong teaches an escalation security policy performed by a central controller of an SDN (Final Act. 9–10, 15). Further, the Examiner finds, and we agree, Bhogavilli teaches “programming one or more network elements of the SDN to divert incoming traffic” (Final Act. 15). The Examiner supports that finding (id.) by relying on Bhogavilli’s description of “diverting traffic intended for one or more application servers to a mitigation site for filtering the traffic in the Appeal 2018-007850 Application 14/035,367 16 event of a DoS attack” (Bhogavilli ¶ 26). The Examiner further relies on (Final Act. 15–16) Pasko’s description of “[w]hen [network] traffic cannot be understood or processed . . . send the traffic to a second device” and “[w]hen the traffic is malicious, a mitigation service may be initiated” such that “traffic may be redirected to a third device” (Pasko ¶¶ 81–83). Thus, we agree with the Examiner that the combination of Bhogavilli, Leong, and Pasko teaches SDN “central controller . . . programming so as to divert the incoming traffic to different ones of the security servers according to the order of execution of the sequence of the at least one action and the condition defined in the respective execution security policy” (Final Act. 16). Appellant’s argument that Pasko does not teach an SDN (App. Br. 30) is unpersuasive because that argument does not address the Examiner’s combination of Bhogavilli and Leong to teach an SDN (Final Act. 10–11, 15). Further, Appellant’s argument that Pasko “use[s] a fixed sending of the traffic, rather than one programmed by a central controller of an SDN” (App. Br. 30 (emphasis omitted); Reply Br. 23) inappropriately attacks Pasko individually when the Examiner’s rejection is based on the combination of Bhogavilli, Leong, and Pasko (Keller, 642 F.2d at 426 (citation omitted)). In particular, Appellant does not persuasively address the Examiner’s combination, which relies on Bhogavilli, which teaches “programming so as to divert incoming traffic,” and Pasko, describing a “hierarchy” of different security servers to which traffic is diverted, to teach the disputed limitation (Final Act. 15–16). Appeal 2018-007850 Application 14/035,367 17 Additionally, Appellant’s arguments that the Examiner improperly combined Bhogavilli, Leong, Rayes, and Pasko (App. Br. 30 (emphasis omitted); Reply Br. 23) are similar to arguments presented regarding claim 1 and are similarly not persuasive. In particular, Appellant’s argument that combining the network features taught by Pasko with a software defined network “require[s] undue modification of the references” (App. Br. 30) is not supported by any evidence or explanation why undue modification is required. As discussed above, Leong suggests applying network teachings to software defined networks and non-software defined networks is within the ability of the ordinarily skilled artisan. Further, Appellant’s argument that there is “motivation . . . against” the combination of Pasko’s network with a software defined network (App. Br. 30 (emphasis omitted); Reply Br. 23) is not supported by any citation showing where the references “criticize, discredit, or otherwise discourage” combining non-software defined networks and software defined networks (Fulton, 391 F.3d at 1201). Accordingly, we are not persuaded the Examiner erred in finding the combination of Bhogavilli, Leong, Rayes, and Pasko teaches or suggests the limitations as recited in claim 5 or the Examiner erred in combining the teachings of Bhogavilli, Leong, Rayes, and Pasko. It follows, we sustain the Examiner’s rejection of claim 5, and claims 6–11 and 19, which Appellant argues are patentable for similar reasons (see App. Br. 31; 37 C.F.R. § 41.37(c)(1)(iv)). DECISION The Examiner’s rejection of claims 1, 4, 14–18, 20–22, 24, and 26 under 35 U.S.C. § 103 as being unpatentable over Bhogavilli, Leong, and Rayes is affirmed. Appeal 2018-007850 Application 14/035,367 18 The Examiner’s rejection of claims 5–11 and 19 under 35 U.S.C. § 103 as being unpatentable over Bhogavilli, Leong, Rayes, and Pasko is affirmed. The Examiner’s rejection of claims 12 and 13 under 35 U.S.C. §103 as being unpatentable over Bhogavilli, Leong, Rayes, and Porras is affirmed. The Examiner’s rejection of claims 2 and 3 under 35 U.S.C. § 103 as being unpatentable over Bhogavilli, Leong, Rayes, and Hoefelmeyer is affirmed. The Examiner’s rejection of claims 23, 25, and 27 under 35 U.S.C. § 103 as being unpatentable over Bhogavilli, Leong, Rayes, and Tourrilhes is affirmed. In summary: Claims Rejected Basis Affirmed Reversed 1, 4, 14–18, 20–22, 24, and 26 § 103 in view of Bhogavilli, Leong, and Rayes 1, 4, 14–18, 20–22, 24, and 26 5–11 and 19 § 103 in view of Bhogavilli, Leong, Rayes, and Pasko 5–11 and 19 12 and 13 § 103 in view of Bhogavilli, Leong, Rayes, and Porras 12 and 13 2 and 3 § 103 in view of Bhogavilli, Leong, Rayes, and Hoefelmeyer 2 and 3 23, 25, and 27 § 103 in view of Bhogavilli, Leong, Rayes, and Tourrilhes 23, 25, and 27 Overall Outcome § 103 1–27 Appeal 2018-007850 Application 14/035,367 19 No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a) (see 37 C.F.R. § 41.50(f)). AFFIRMED Copy with citationCopy as parenthetical citation