13803871 - (D) (P.T.A.B. May. 28, 2019)

Ex Parte Xie et al

Patent Trials and Appeals BoardMay 28, 2019

13803871 - (D) (P.T.A.B. May. 28, 2019)

UNITED STA TES p A TENT AND TRADEMARK OFFICE APPLICATION NO. FILING DATE FIRST NAMED INVENTOR 13/803,871 03/14/2013 Michael Xie 64128 7590 05/30/2019 MICHAEL A DESANCTIS JAFFERY WATSON MENDONSA & HAMILTON LLP 7501 Village Square Drive, Ste. 206 Castle Pines, CO 80108 UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www .uspto.gov ATTORNEY DOCKET NO. CONFIRMATION NO. FORT-009100 2273 EXAMINER AMORIN, CARLOS E ART UNIT PAPER NUMBER 2498 NOTIFICATION DATE DELIVERY MODE 05/30/2019 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): mdesanctis@hdciplaw.com eofficeaction@appcoll.com mike.desanctis@jwrnhlaw.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte MICHAEL XIE and XIN GU Appeal2018-006476 Application 13/803,871 1 Technology Center 2400 Before STEPHEN C. SIU, DAVID M. KOHUT, and BETH Z. SHAW, Administrative Patent Judges. KOHUT, Administrative Patent Judge. DECISION ON APPEAL Appellants seek our review, under 35 U.S.C. Â§ 134(a), of the Examiner's Non-Final Rejection2 of claims 50-54 and 56-60. 3 We have jurisdiction under 35 U.S.C. Â§ 6(b). We REVERSE and enter a NEW GROUND OF REJECTION under 37 C.F.R. Â§ 41.50(b). 1 According to Appellants, the real party in interest is Fortinet, Inc. Br. 4. 2 The Non-Final Rejection mailed on March 13, 2017 is the third rejection of the pending claims. 3 Claims 1--49, 55, and 61 have been previously cancelled. Br. 6. Appeal2018-006476 Application 13/803,871 INVENTION The present invention is a system for providing notifications to users within a protected network. Spec. ,r 5. The system includes a filtering device that makes a determination whether to block or allow a request originating on an application running on a client device. Id. If the filtering device blocks the request, a notification is provided to a user of the client device regarding the determination by causing the application to display a predefined message. Id. Claim 50 is illustrative and reproduced below. 50. A method comprising: establishing a communication channel between an endpoint protection suite running on a client device associated with a protected network and a network security device within the protected network, wherein the endpoint protection suite protects the client device and the protected network by ensuring the client device complies with security requirements of the protected network and performs security features including one or more of antivirus scanning, antispam detection and web content filtering, wherein the network security device comprises a filtering device, a network gateway device or a unified threat management (UTM) appliance that protects the client device and the protected network by performing firewall functionality and wherein the communication channel is for communicating information regarding policy violations associated with requests issued by the client device directed to servers external to the protected network and detected by the network security device; receiving, by a proxy module running within the network security device, a request originated by an application running on the client device and directed to a server external to the protected network; determining, by the proxy module, an action to take on the request based on a firewall policy of a plurality of firewall policies that matches a source Internet Protocol (IP) address, a 2 Appeal2018-006476 Application 13/803,871 destination IP address and a protocol associated with the request; when the determined action is to allow the request, then allowing, by the proxy module, the request to be forwarded by the network security device to the destination IP address; when the determined action is to block the request, then: dropping, by the network security device, the request; obtaining, by the proxy, a predetermined notification message of a plurality of predetermined notification messages based on the matching firewall policy; and notifying, by the proxy, a user of the client device regarding the determined action by sending, via the communication channel, the predetermined notification message to the endpoint protection suite, which causes the predetermined notification message to be displayed to the user by embedding the predetermined notification message into a toolbar presented within the application. REJECTIONS Claims 50, 51, 53, 54, 56, 57, 59, and 60 stand rejected under 35 U.S.C. Â§ I03(a) as unpatentable over Mullick et al. (US 8,869,262 B2 iss. Oct. 21, 2014) ("Mullick") and Surasathian (US 2011/0247073 Al; publ. Oct. 6, 2011) ("Surasathian"). Non-Final Act. 3-9. Claims 52 and 58 stand rejected under 35 U.S.C. Â§ I03(a) as unpatentable over Mullick, Surasathian, and Groll et al. (US 2009/132718 Al; publ. May 21, 2009) ("Groll"). Non-Final Act. 9-10. 3 Appeal2018-006476 Application 13/803,871 ANALYSIS 1. Claims 50, 51, 53, 54, 56, 57, 59, and 60 Independent claims 50 and 56 require "an endpoint protection suite" that "performs security features including one or more of antivirus scanning, antispam detection and web content filtering." The Examiner finds that Mullick discloses an endpoint protection suite that performs web content filtering by teaching a client agent that intercepts a request of a client application and determines whether to allow transmission of the intercepted request based on an application routing table. Non-Final Act. 4 (citing Mullick 27:45--49, 61-67). The Examiner construes web content filtering as "the filtering of web content," and explains that Mullick's client application may be a browser or web-based client and thus, Mullick's client agent performs web content filtering because it "can control access requests by a web browser." Ans. 11 (citing Mullick 7:21-28). Appellants disagree that Mullick's client agent performs web content filtering and argue that a person of ordinary skill in the art would understand "web content filtering" as screening of an incoming Web page to determine whether some or all of it should not be displayed to the user. Web content filtering involves checking the origin ( e.g., the domain or URL) and/or content of the Web page against a set of rules to make a filtering determination. Br. 15-16. Appellants argue that the Examiner has relied upon a client agent that "may determine not to transmit the intercepted request based on the application routing table 400." Br. 15. For that reason, Appellants argue that "Mullick teaches blocking applications (precluding network access by certain applications whose identifiers are included in the application 4 Appeal2018-006476 Application 13/803,871 routing table 400) - not filtering particular types/ categories of web content or web pages that are impermissible." Id. at 16. We are persuaded that the Examiner has not adequately shown that Mullick' s client agent performs web content filtering. At most, the Examiner has demonstrated that Mullick' s client agent can control access requests by a web browser. Non-Final Act. 4. That is, the access controlled by Mullick is a determination whether or not to transmit a web browser request based on an application routing table. Br. 16. Such a determination does not filter, or even consider, the content of a web page. See Br. 16. Instead, the determination merely checks whether a web browser is authorized for access to a network or server. Br. 16. Under either the Examiner's or Appellants' proposed construction of the term, we do not consider controlling a web browser's access to the network to constitute web content filtering because it does not filter any web content. Therefore, we agree with Appellants (Br. 15) that Mullick's client agent does not perform web content filtering and instead, performs a type of application control based upon an application routing table. While the Examiner's analysis does not sufficiently show where the references teach the security feature of web content filtering, we find that Mullick teaches one of the alternate security features, as claimed in claims 50 and 56. Specifically, Mullick teaches clients that include antivirus software and anti-spam software. Mullick, 25:15-24. As our analysis deviates from the Examiner's rejection, we designate our analysis to be a new ground of rejection of claims 50 and 56 under 35 U.S.C. Â§ 103(a) over Mullick and Surasathian. In light of the new ground of rejection, we leave it 5 Appeal2018-006476 Application 13/803,871 to the Examiner to determine whether the dependent claims should be rejected for obviousness based on the prior art. DECISION The Examiner's decision rejecting claims 50-54 and 56-60 is reversed. We enter a New Ground of Rejection for claims 50 and 56 under 35 U.S.C. Â§ 103(a) as obvious over the combination of Mullick and Surasathian. TIME PERIOD This decision contains new grounds of rejection pursuant to 37 C.F.R. Â§ 4I.50(b). 37 C.F.R. Â§ 4I.50(b) provides "[a] new ground of rejection pursuant to this paragraph shall not be considered final for judicial review." 37 CPRÂ§ 41.50(b) also provide that the appellants, WITHIN TWO MONTHS FROM THE DATE OF THE DECISION, must exercise one of the following two options with respect to the new ground of rejection to avoid termination of the appeal as to the rejected claims: ( 1) Reopen prosecution. Submit an appropriate amendment of the claims so rejected or new evidence relating to the claims so rejected, or both, and have the matter reconsidered by the examiner, in which event the proceeding will be remanded to the examiner .... (2) Request rehearing. Request that the proceeding be reheard underÂ§ 41.52 by the Board upon the same record .... No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. Â§ 1.136(a)(l)(iv). 6 Appeal2018-006476 Application 13/803,871 REVERSED 37 C.F.R. Â§ 4I.50(b) 7