Nicira, Inc.Download PDFPatent Trials and Appeals BoardFeb 2, 20212019006107 (P.T.A.B. Feb. 2, 2021) Copy Citation UNITED STATES PATENT AND TRADEMARK OFFICE UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 14/687,869 04/15/2015 Teemu Koponen N023.05.D1 (P0116DIV1) 1001 109858 7590 02/02/2021 ADELI LLP P.O. Box 516 Pacific Palisades, CA 90272 EXAMINER BELL, KALISH K ART UNIT PAPER NUMBER 2432 NOTIFICATION DATE DELIVERY MODE 02/02/2021 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): ipadmin@vmware.com mail@adelillp.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte TEEMU KOPONEN, RONGHUA ZHANG, PANKAJ THAKKAR, and MARTIN CASADO Appeal 2019-006107 Application 14/687,869 Technology Center 2400 Before ROBERT E. NAPPI, LARRY J. HUME, and MICHAEL T. CYGAN, Administrative Patent Judges. CYGAN, Administrative Patent Judge. DECISION ON APPEAL STATEMENT OF THE CASE Pursuant to 35 U.S.C. § 134(a), Appellant appeals from the Examiner’s decision to reject claims 22, 23, and 25–42, all of the claims pending in the application.1 Appeal Br. 25–29 (Claims App.). We have jurisdiction under 35 U.S.C. § 6(b). We AFFIRM. 1 We use the word “Appellant” to refer to “applicant” as defined in 37 C.F.R. § 1.42. Appellant identifies the real parties in interest as VMware, Inc., and Nicira, Inc. Appeal Br. 2. Appeal 2019-006107 Application 14/687,869 2 CLAIMED SUBJECT MATTER The claimed invention generally relates to a system that allows several different logical firewalls to be specified for several different logical networks. Spec. 3:1–3. The logical firewall for a particular logical network is distributed across different physical machines that also host virtual machines of that logical network. Id. at 3:4–6. Each firewall analyzes received data packets, based on a stored set of rules, to determine whether the packets should be allowed through or rejected. Id. at 3:16–19. Independent claim 22 is illustrative: 22. For a firewall application operating on a physical machine, a method for implementing a distributed firewall for a logical network implemented across a plurality of managed forwarding elements, the method comprising: receiving a packet, from a managed forwarding element operating within the physical machine, through a software port between the managed forwarding element and the firewall application; identifying which of a plurality of sets of processing rules applies to the packet, wherein each set of processing rules is for implementing a different one of a plurality of distributed firewalls, wherein (i) each of the distributed firewalls is for a different one of a plurality of logical networks, (ii) each of the respective distributed firewalls is implemented by a respective plurality of firewall applications operating on a respective plurality of physical machines, (iii) each respective logical network logically connects a respective set of end machines operating on a respective plurality of physical machines, and (iv) each respective logical network is implemented by a respective plurality of managed forwarding elements operating on the respective plurality of physical machines; determining whether to allow the packet based on the identified set of processing rules; and Appeal 2019-006107 Application 14/687,869 3 when the packet is allowed, sending the packet back to the managed forwarding element through the software port. REFERENCES Name Reference Date Jain et al. (“Jain”) US 2003/0131116 A1 July 10, 2003 Wesinger, Jr. et al. (“Wesinger”) US 2007/0101421 A1 May 3, 2007 Trojanowski US 2009/0025077 A1 Jan. 22, 2009 Soundararajan US 2010/0125667 A1 May 20, 2010 Srinivasan et al. (“Srinivasan”) US 2011/0255538 A1 Oct. 20, 2011 REJECTIONS Claims 22, 23, 25–34, 36–40, and 42 are rejected under 35 U.S.C. § 103(a) as being obvious over the combination of Trojanowski, Srinivasan, Wesinger, and Soundararajan. Claims 35 and 41 are rejected under 35 U.S.C. § 103(a) as being obvious over the combination of Trojanowski, Srinivasan, Soundararajan, and Jain. OPINION We have reviewed the Examiner’s obviousness rejections in light of Appellant’s contentions that the Examiner has erred. See generally, Final Act.; Ans.; Appeal Br.; Reply Br. The issues presented by Appellant are whether the Examiner’s combination of references teaches or suggests each and every limitation of the claims on appeal, and whether the Examiner presents a sufficient reason to combine the references. Appeal Br. 6–8. We are not persuaded by Appellant’s arguments that the Examiner’s Appeal 2019-006107 Application 14/687,869 4 combination fails to teach or suggest any particular element of the claims. We begin our analysis with claim 22. 1. Examiner’s combination The Examiner finds Trojanowski to teach or suggest a firewall application operating on a physical machine having a method including the “identifying which of a plurality of sets of processing rules applies to the packet,” “determining whether to allow the packet,” and “when the packet is allowed, sending the packet back” steps of the claimed invention. That is, the Examiner finds Trojanowski to describe, for a firewall application (125) operating on a physical machine (120), a method of implementing a distributed firewall (151), the method comprising receiving a packet (340), identifying which of a plurality of sets of rules (145a…n) applies to the packet, where each set of rules is for implementing a different distributed firewall, and determining whether to allow the packet and sending it along if allowed (Figure 5). Final Act. 7–8. The Examiner relies on Srinivasan for teaching the receiving of a packet (616) from a managed forwarding element (630) within a physical machine (106) through a software port (612) between the managed forwarding element and the firewall application. Id. at 9 (citing Srinivasan Fig. 6A, ¶ 38). The Examiner further relies upon Srinivasan for teaching that each of the distributed firewalls (112) is for a different one of a plurality of logical networks (106). Id. (citing Srinivasan Fig. 1, ¶ 25). The Examiner also relies upon Srinivasan for teaching, when a packet is allowed, sending it back to the managed forwarding element through the software port (612). Id. (citing Srinivasan ¶ 38). Appeal 2019-006107 Application 14/687,869 5 The Examiner relies upon Wesinger for teaching that each set of processing rules (CN, Fig. 5) is for implementing a different one of a plurality of distributed firewalls (VHN, Fig. 5). Id. at 10. The Examiner relies upon Soundararajan for teaching that each respective logical network (102, Fig. 2) logically connects a respective set of end machines (200–206, Fig. 3A) operating on a respective plurality of physical machines, and is implemented by a plurality of respective managed forwarding elements (110, 114). Id. at 10–11 (citing Soundararajan ¶¶ 15– 17, 21, 24). The Examiner further relies upon Soundararajan for teaching application to a distributed computing environment across a plurality of physical machines. Id. at 11; Ans. 10. 2. Multiple distributed firewalls/physical machines First, Appellant argues that the combination does not teach or suggest multiple distributed firewalls, each being for a different logical network, that are each implemented by multiple firewall applications operating on multiple physical machines. Appeal Br. 6, 8. Appellant argues that Trojanowski discloses only a single firewall that is divided into discrete steps implemented in multiple modules within a security agent on a single host. Id. at 12. Appellant further argues that Srinivasan teaches separate, distinct firewalls for their respective servers, not distributed firewalls. Id. at 13. Appellant further argues that Wesinger teaches different virtual hosts executing on a single firewall physical machine (500), and are not distributed firewalls because they all execute on a single physical machine. Id. at 13–14. Appellant argues that the Examiner’s reliance on Soundararajan to teach or suggest application of distributed firewalls to multiple physical machines amounts to a change in the Examiner’s position Appeal 2019-006107 Application 14/687,869 6 from the Final Action, in which the Examiner cited Soundararajan only for limitations relating to the logical network. Reply Br. 9. Appellant further argues that the Examiner has ignored the claim limitation that each distributed firewall is implemented across multiple physical machines. Id. at 12. Appellant states, “a distributed firewall is not merely a firewall for which [a] configuration has been sent (distributed) to a host to implement a firewall or a set of separate firewalls spread out (distributed) throughout a physical network.” Reply Br. 8. Appellant argues that the claim language requires that the firewall be implemented on multiple machines. Id. at 10. We are not persuaded by this argument that none of the references, or their combination, teaches or suggests implementing a distributed firewall across multiple machines. The test for obviousness is “what the combined teachings of the references would have suggested to those of ordinary skill in the art.” In re Keller, 642 F.2d 413, 425 (CCPA 1981). Here, the Examiner relies upon a combination of, inter alia, Wesinger’s teaching of firewalls distributed among virtual machines, and Soundararajan’s teaching that a distributed computing environment may be across a plurality of physical machines. Appellant argues that Wesinger does not teach plural physical machines, and that Soundararajan was newly applied to firewalls, but has not explained why their combination does not teach or suggest the claimed “each of the respective distributed firewalls is implemented by a respective plurality of firewall applications operating on a respective plurality of physical machines.” Consequently, Appellant’s piecemeal arguments against the individual references are not persuasive. Appeal 2019-006107 Application 14/687,869 7 Nor are we persuaded by Appellant’s arguments against the Examiner’s reliance on Soundararajan’s teachings as related to multiple distributed firewalls, because they are allegedly newly presented in the Examiner’s Answer. The rules provide for seeking review of an alleged undesignated new ground of rejection in an Examiner’s Answer, and any such review “must be by way of a petition to the Director under § 1.181 of this title,” and be timely filed. 37 C.F.R. § 41.40 (2018). Because § 41.40 provides a separate and exclusive procedure for addressing alleged new findings and conclusions in an Examiner’s Answer, we are not persuaded by Appellant’s request in the Reply Brief to discount such alleged new positions by the Examiner. 3. Multiple logical networks/end machines Next, Appellant argues that the Examiner’s combination does not disclose or suggest multiple logical networks connecting sets of end machines on multiple physical machines. Appeal Br. 6, 14–15. Appellant argues against the Examiner’s reliance on Soundararajan’s ESX server 102 as the claimed logical network, and on ESX servers 200–206 as the claimed end machines connected by the logical network. Appeal Br. 15. Appellant argues that Soundararajan describes individual physical machines (servers) internally operating independent logical networks, not multiple physical machines, each operating at least one end machine, that are connected by a logical network that spans the multiple physical machines. Reply Br. 11. Appellant further argues against the Examiner’s interpretation of Srinivasan as teaching servers 106 that logically connect a set of end machines 110 operating on multiple physical machines, relying on the connectivity of the devices to show those logical connections. Id. Appellant Appeal 2019-006107 Application 14/687,869 8 argues that the Examiner has failed to explain how the end devices appear to be connected so as to read on the claimed limitations. Id. Appellant further argues that the Examiner has improperly changed position in the Examiner’s Answer. Id. at 11–12. With respect to the argument that Srinivasan, by itself, does not teach or suggest the claimed limitations, the Examiner does not rely on Srinivasan for the entirety of the disputed limitation. The Examiner states, “Trojanowski in view of Srinivasan does not explicitly disclose . . . each respective logical network logically connects a respective set of end machines operating on a respective plurality of physical machines,.” Final Act. 10. Further, although Appellant alleges a change of position in the Examiner’s Answer, Appellant has not followed the exclusive procedure set forth in 37 C.F.R. § 41.40 for seeking relief of alleged new arguments in an Examiner’s Answer. Accordingly, we are not persuaded by Appellant’s request in the Reply Brief to discount such alleged new arguments. With respect to the combined teachings of Soundararajan and Srinivasan, we are not persuaded that the Examiner’s combination does not teach or suggest multiple logical networks connecting sets of end machines on multiple physical machines. The test for obviousness is “what the combined teachings of the references would have suggested to those of ordinary skill in the art.” Keller, 642 F.2d at 425. Here, the Examiner relies upon a combination of, inter alia, Srinivasan’s teaching of servers 106 that logically connect a set of end machines 110 in a logical network having one of a plurality of distributed firewalls 112 (Final Act. 9; Srinivasan Fig. 1; Ans. 20), and Soundararajan’s teaching that end machines operating on a logical network can be implemented as operating on multiple physical Appeal 2019-006107 Application 14/687,869 9 machines (Final Act. 10; Ans. 19). Appellant has not persuasively explained why their combination does not teach or suggest the claimed “each respective logical network logically connects a respective set of end machines operating on a respective plurality of physical machines.” Consequently, we are not persuaded that the Examiner errs in finding the claimed combination to teach or suggest this limitation. 4. Multiple logical networks/forwarding elements Next, Appellant argues that the Examiner’s combination does not disclose or suggest multiple logical networks that are each implemented by multiple managed forwarding elements operating on multiple physical machines. Appeal Br. 6, 16. Appellant argues that the Examiner interprets the ESX servers in Soundararajan as corresponding to logical networks, and interprets two virtual switches 110 and 114 within the ESX server 102 as corresponding to the managed forwarding elements (“MFEs”) that implement the logical network. Id. at 16. Appellant argues that these virtual switches merely operate on the ESX server, and do not “implement” the ESX server; i.e., the logical network. Id. Appellant further argues that each ESX server is a single physical server, not multiple physical servers as claimed. Id. at 16–17. Appellant clarifies, “individual physical machines (servers) internally operating independent logical networks using internal forwarding elements as in Soundararajan is not equivalent to multiple physical machines each operating at least one MFE that implement a logical network.” Reply Br. 12 (citing claim 22). We are not persuaded by this argument. As discussed, we agree that the Examiner has shown the combination of references to teach or suggest “each respective logical network logically connects a respective set of end Appeal 2019-006107 Application 14/687,869 10 machines operating on a respective plurality of physical machines.” Supra at 8–9. Further, it is not contested by Appellant that Soundararajan teaches or suggests virtual switches operating on the ESX servers, i.e., the logical networks. Appellant argues that these switches do not “implement” the logical network, but does not explain how their operation is not implementation. Appeal Br. 16. The Examiner cites switches 110 and 114 as the MFEs; Soundararajan describes these switches as providing access to an external local area network and to each of the virtual machines, respectively. Soundararajan ¶ 16. Thus, we are not persuaded that the Examiner errs in characterizing the action of the switches as “implementing” the logical network. Nor are we persuaded by Appellant’s argument against the Examiner’s reliance on MFEs within a single server; i.e., a single logical network. As discussed, we agreed with the Examiner’s finding that Srinivasan taught or suggested servers that logically connect a set of end machines operating on multiple physical machines. Supra at 8–9. In arguing solely against the teachings of Soundararajan, Appellant has not explained how the combined teachings of Soundararajan and Srinivasan fail to teach or suggest the claimed “each respective logical network is implemented by a respective plurality of managed forwarding elements operating on the respective plurality of physical machines.” Consequently, we are not persuaded that the Examiner errs in finding the claimed combination to teach or suggest this limitation. 5. Hindsight reconstruction of the claim Appellant argues that the Examiner’s combination of Trojanowski, Srinivasan, Wesinger, and Soundararajan “appears to start from the Appeal 2019-006107 Application 14/687,869 11 conclusion that the claim is obvious and then, using hindsight, find[s] pieces of the claimed invention in disparate references.” Appeal Br. 19. It has been noted that, [a]ny judgment on obviousness is in a sense necessarily a reconstruction based upon hindsight reasoning, but so long as it takes into account only knowledge which was within the level of ordinary skill [in the art] at the time the claimed invention was made and does not include knowledge gleaned only from applicant’s disclosure, such a reconstruction is proper. In re McLaughlin, 443 F.2d 1392, 1395 (CCPA 1971). Furthermore, the test for obviousness is “not whether the features of a secondary reference may be bodily incorporated into the structure of the primary reference,” but instead “what the combined teachings of the references would have suggested to those of ordinary skill in the art.” Keller, 642 F.2d at 425. The Examiner, starting with Trojanowski’s teachings, has provided reasons for combining the teachings of each additional reference with those of Trojanowski. In combining Srinivasan, the Examiner states, it would have been obvious to respectively incorporate Srinivasan’s foregoing (1) virtual forwarding technique and (2) plurality of logical networks into (1) the system of Trojanowski and (2) its networks, in order to: (1) make it more comprehensive by providing the system with a scheme for forwarding its packets to and from its virtual firewall(s) for processing (see Srinivasan ¶ 38); and (2) to provide Trojanowski’s networks with a topology for their firewalls (see Srinivasan ¶ 25), respectively. Final Act. 9. Appellant asserts that Trojanowski does not need to forward packets to and from virtual firewalls or be provided a topology for its firewalls, and thus neither reason would provide an advantage that would suggest such a combination with Srinivasan. Appeal Br. 18. The Examiner Appeal 2019-006107 Application 14/687,869 12 responds to this argument by highlighting the relevant findings in the Final Action, citing to Trojanowski’s description of a firewall application receiving a packet and, when the packet passes the filtering operation, sending the packet. Ans. 22 (citing Trojanowski ¶¶ 50, 74; Figs. 3, 5). We agree, in the absence of explanation by the Appellant, why those sections do not teach packet forwarding to and from firewalls, that the discussion of packet operations involving the filtering operation in Trojanowski supports the Examiner’s finding. We do not agree with the Examiner’s alternate motivation, based on a perceived “level of abstraction” of claim 22, because the Examiner does not explain how that would motivate one having ordinary skill in the art to combine the two art teachings. Id. However, our agreement with one of the Examiner’s two alternative reasons to combine Trojanowski and Srinivasan is sufficient, and we are not persuaded that the Examiner’s reason includes knowledge gleaned only from Applicant’s disclosure. In combining Wesinger, the Examiner states, it would have been obvious to incorporate Wesinger’s foregoing processing rule technique into the system of Trojanowski in view of Srinivasan in order to make it more comprehensive by thus enabling the system to customize the configuration of each of its firewalls individually (see Wesinger ¶[¶] 76, 79). Final Act. 10. Appellant argues that Wesinger initializes multiple virtual hosts in a physical firewall machine, which would “not make sense to implement a firewall that is not assumed to have the defects relating to proxy use that Wesinger was trying to remedy.” Appeal Br. 18 We are not persuaded. The Examiner finds advantage in adding the ability to customize the configuration of each of its firewalls individually. Appeal 2019-006107 Application 14/687,869 13 Final Act. 10; Ans. 24. Appellant argues that Wesinger’s features would only be relevant to a system having Wesinger’s specific problem; i.e., the defects relating to proxy use that Wesinger was trying to remedy. However, the reason for combining references is not limited to the purpose or problem addressed by Appellant, but “any need or problem known in the field and addressed by the patent can provide a reason for combining the elements in the manner claimed . . . a person of ordinary skill often will be able to fit the teachings of multiple patents together like pieces of a puzzle.” KSR Int’l Co. v. Teleflex Inc., 550 U.S. 398, 402 (2007). Thus, we are not persuaded that the Examiner’s motivation of individual customization is improper motivation to combine the teachings and suggestions of Wesinger with those of Trojanowski and Srinivasan. In combining Soundararajan, the Examiner states, it would have been obvious to incorporate Soundara[ra]jan’s distributed logical network topology into the system of Trojanowski in view of Srinivasan further in view of Wesinger’s logical networks in order to improve stability, thus making the system more robust: (1) by having its logical networks manage their internal and external traffic independently of one another and (2) by implementing the system’s logical networks in a distributed computing environment (see Soundararajan ¶[¶] 4, 5, 16). Final Act. 11. Appellant argues that Soundararajan’s benefit of providing networks internal to individual machines does not provide a motivation to incorporate any elements of Soundararajan into a networking context across multiple physical machines. Appeal Br. 18–19. We are not persuaded. The Examiner finds advantages both in Soundararajan’s “improved stability” and in the advantages of Appeal 2019-006107 Application 14/687,869 14 Soundararajan’s “distributed computing environment; i.e., across multiple physical machines. Ans. 10. Further, Appellant’s argument does not take into account the “inferences and creative steps that a person of ordinary skill in the art would employ.” KSR, 550 U.S. at 418. The person of ordinary skill is the person of ordinary skill in the art is “a person of ordinary creativity, not an automaton.” Id. at 421. Accordingly, we are not persuaded that one having ordinary skill in the art would not recognize the advantages found by the Examiner as a reason to combine the teachings of Soundararajan with those of Trojanowski, Srinivasan, and Wesinger. Consequently, Appellant has not shown that the Examiner’s reason to combine the teachings or suggestions of the references “includes knowledge gleaned only from applicant’s disclosure.” Thus, we are not persuaded by Appellant’s argument that the Examiner’s motivation for combining the teachings of the references relies improperly on hindsight reconstruction of the claim. For the reasons discussed above, we are not persuaded of error in the Examiner’s rejection of claim 22. The Examiner advanced a separate reason for obviousness, based upon a finding that certain elements of the claim were merely intended use. Final Act. 2–3. Because we agree with the Examiner that all such elements are taught or suggested by the applied prior art references, we need not address this alternate argument. Appellant argues against the rejection of independent claim 36 on the same reasoning as claim 22. Because independent claim 36 is rejected under the same rationale, and using the same combination of prior art references as claim 22, we are not persuaded of error in the Examiner’s rejection of claim 36. Therefore, we sustain the Examiner’s rejection of claims 22 and 36. Appeal 2019-006107 Application 14/687,869 15 6. Dependent claims 23, 25–34, 36–40, and 42 a) Claims 23 and 37 Appellant argues that the references cited by the Examiner do not teach or suggest the limitation that multiple sets of processing rules are received from a network control system that also configures the managed forwarding element. Appeal Br. 20. Appellant argues that Wesinger is cited for sets of processing rules, Trojanowski for the network control system from which the processing rules are received, and Srinivasan for configuring the managed forwarding element. Id. Appellant argues that none of the references individually teach the entirety of the limitation. Id. Reply Br. 14–15. We are not persuaded by this argument. The Examiner has pointed to each element of the limitation either in individual references or in their arrangement as combined in the rejection. Appellant does not explain how the combined teachings of Wesinger, Trojanowski, and Srinivasan do not teach or suggest the claimed limitation. The test for obviousness is “what the combined teachings of the references would have suggested to those of ordinary skill in the art.” Keller, 642 F.2d at 425. Consequently, we are not persuaded that the Examiner errs in finding the combined teachings of Wesinger, Trojanowski, and Srinivasan do not teach or suggest the claimed limitation, and we sustain the Examiner’s rejection of claims 23 and 37. b) Claim 25 Appellant argues that the references do not teach or suggest claim 25’s limitation of a logical network logically connecting a set of end machines through a set of logical forwarding elements. Appeal Br. 20–21. Appellant argues that the Examiner relies upon the same elements as being Appeal 2019-006107 Application 14/687,869 16 both the managed forwarding elements and the logical forwarding elements. Id. The Examiner replies that “element 630 of FIG. 6A conflates the features of Srinivasan's managed forwarding element 212 and Srinivasan’s logical forwarding element 108, which are illustrated separately in FIG. 2 of Srinivasan.” Ans. 29. In response, Appellant argues that “elements 212 and 108 are a hypervisor and a virtual switch while element 630 is a virtual switch.” Reply Br. 16 (citing Srinivasan ¶¶ 24, 27, 38). Appellant argues that the Examiner does not support the assertion that a hypervisor is a managed forwarding element, or that a virtual switch is a logical forwarding element. Id. The Federal Circuit has explained the burdens on Examiner and Appellant during patent examination: The concept of prima facie obviousness establishes the framework for the obviousness determination and the burdens the parties face. See Kennametal, Inc. v. Ingersoll Cutting Tool Co., 780 F.3d 1376, 1384 (Fed.Cir.2015). Under this framework, the patent examiner must first set forth a prima facie case, supported by evidence, showing why the claims at issue would have been obvious in light of the prior art. In re Sullivan, 498 F.3d 1345, 1351 (Fed.Cir.2007). Once the examiner sets out this prima facie case, the burden shifts to the patentee to provide evidence, in the prior art or beyond it, or argument sufficient to rebut the examiner’s evidence. ACCO Brands Corp. v. Fellowes, Inc., 813 F.3d 1361, 1365–1366 (Fed. Cir. 2016). Here, the Examiner has pointed to two elements, Srinivasan’s managed forwarding element 212 and Srinivasan’s logical forwarding element 108, as teaching or suggesting the claimed managed forwarding element and the claimed logical forwarding element, respectively. Appellant argues that the Examiner has not provided further support to show that these elements 212 and 108 actually do correspond to those features. However, Appeal 2019-006107 Application 14/687,869 17 the Examiner has met their burden by explaining what features in Srinivasan correspond to the claimed features. The burden now shifts to Appellant to explain why those features in Srinivasan do not correspond to the claimed features. Appellant has characterized elements 212 and 108 as a hypervisor and a virtual switch. However, Appellant does not explain why a hypervisor does not teach a managed forwarding element and why a virtual switch does not teach a logical forwarding element. Srinivasan, at the location cited by the Examiner, describes that the virtual switch 108 “routes traffic between the VMs [(virtual machines)]” and that the hypervisor 212 “dynamically allocates hardware resources to the virtual machines.” Srinivasan ¶ 27. Appellant characterizes the logical forwarding element as connecting a set of end machines. Appeal Br. 4. Appellant characterizes the managed forwarding element as implementing a logical network that connects a set of end machines. Id. Appellant has not explained how the elements of Srinivasan are inconsistent with the Appellant’s explanation of the corresponding claim terms. Thus, Appellant has not met its burden to show error in the Examiner’s finding. Further, Appellant’s characterization of elements 212 and 108 appears to admit, contrary to the argument in the Appeal Brief, that the Examiner maps separate elements to the separate claimed managed forwarding element and logical forwarding element. Accordingly, we are not persuaded of error in the Examiner’s rejection of claim 25, and we sustain the Examiner’s rejection of that claim. Appeal 2019-006107 Application 14/687,869 18 c) Claim 26 Appellant argues that none of the references disclose or suggest a logical router implemented by the managed forwarding element. Appeal Br. 21. Appellant further argues that the Examiner identifies the same element, Srinivasan element 630, for the logical router and the managed forwarding element. Id. The Examiner replies that Srinivasan’s element 212 is a managed forwarding element that implements a virtual switch whose ports route traffic according to its network policy. Ans. 31. The Examiner finds this switch to be a local router implemented by the managed forwarding element. Appellant responds that the Examiner does not support the assertion that a hypervisor is a managed forwarding element, or that a virtual switch is a logical router. Reply Br. 17. Appellant further responds that the Examiner mischaracterizes the switch as a router, replacing “directs” with “routes” in support of that characterization. Id. We are not persuaded by this argument. As for claim 25, Appellant does not explain why Srinivasan’s hypervisor that dynamically allocates hardware resources to virtual machines does not teach or suggest the claimed managed forwarding element. Nor does Appellant explain why Srinivasan’s virtual switch does not teach or suggest the claimed logical router. Thus, Appellant has not met its burden to show error in the Examiner’s finding. Further, contrary to Appellant’s argument, Srinivasan states that the virtual switch “routes traffic.” Srinivasan ¶ 27. Consequently, we are not persuaded by Appellant’s arguments with respect to claim 26, and sustain the Examiner’s rejection of that claim. Appeal 2019-006107 Application 14/687,869 19 d) Claim 27 Appellant argues against the rejection of claim 27 on the same reasoning as presented for claim 25; i.e., that the references do not disclose or suggest a set of logical forwarding elements implemented by the managed forwarding element, and that the same element is identified as both the managed forwarding element and the logical forwarding element. Appeal Br. 22. We find this argument unpersuasive for the same reasons that we found this argument unpersuasive for claim 25, and we sustain the Examiner’s rejection of claim 27. e) Claims 32 and 39 Appellant argues that the references do not disclose or suggest a second slice identifier for a second set of processing rules associated with a distributed firewall for a second logical network. The Examiner cited Trojanowski as teaching or suggesting a second slice identifier, and Wesinger as teaching or suggesting a second set of processing rules C2 for implementing a second distributed firewall, and Soundararajan for a second logical network. Final Act. 16. Appellant argues that the “‘config_object_pointer’ in Trojanowski that identifies a configuration for a firewall at a particular point in time for a same physical network,” and the “processing rules in Wesinger that is used by a particular virtual host that is unrelated to any appended slice identifier” do not relate to the claimed second slice identifier. Appeal Br. 23. Appellant argues that these relate to configurations of a physical network, not to a logical network. Id. at 23. The Examiner replies that the rejection relies upon Soundararajan for the second logical network, and that Appellant has not taken into account that teaching. Ans. 34–35 (citing Final Act. 16). Appeal 2019-006107 Application 14/687,869 20 Appellant responds with the argument that the combination does not relate the second slide identifier to a second logical network. Reply Br. 18. We are not persuaded by this argument. The Examiner has pointed to each element of the limitation either in individual references or in their arrangement as combined in the rejection. Appellant does not explain how the combined teachings of Wesinger, Trojanowski, and Soundararajan do not teach or suggest the claimed limitation. The test for obviousness is “what the combined teachings of the references would have suggested to those of ordinary skill in the art.” Keller, 642 F.2d at 425. Consequently, we are not persuaded that the Examiner errs in finding the combined teachings of Wesinger, Trojanowski, and Soundararajan do not teach or suggest the claimed limitation, and we sustain the Examiner’s rejection of claims 32 and 39. f) Claims 28–31, 33–36, and 40–42 Appellant has argued against the rejection of claims 28–31, 33–36, and 40–42 only on the same reasons as against the rejection of claims 22 and 36. Because we have not found that reasoning persuasive, we sustain the Examiner’s rejections of claims 28–31, 33–36, and 40–42. DECISION For the above-described reasons, we affirm the Examiner’s rejections of claims 22, 23, and 25–42 as being obvious over the applied references under 35 U.S.C. § 103. Appeal 2019-006107 Application 14/687,869 21 CONCLUSION In summary: Claims Rejected 35 U.S.C. § Reference(s)/Basis Affirmed Reversed 22, 23, 25–34, 36–40, 42 103(a) Trojanowski, Srinivasan, Wesinger, Soundararajan 22, 23, 25– 34, 36–40, 42 35, 41 103(a) Trojanowski, Srinivasan, Soundararajan, Jain 35, 41 Overall Outcome 22, 23, 25–42 No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a)(1)(iv). See 37 C.F.R. § 41.50(f). AFFIRMED Copy with citationCopy as parenthetical citation
