Obviousness

For a patent to be deemed obvious under 35 U.S.C. § 103, the differences between the claimed invention and the prior art must be such that the claimed invention as a whole would have been obvious to a person having ordinary skill in the art to which the invention pertains at the time the invention was made. This analysis often involves combining existing prior art references.

The US patent 10511572 describes a method and system for rule swapping in a packet network. The core idea involves preprocessing multiple rule sets and then efficiently switching between these preprocessed rule sets, particularly in a multi-processor network protection device, to minimize service interruption.

The patent itself references three prior art documents in its detailed description that are relevant to packet filtering technologies:

• United States Patent Application Publication No. 2006/0195896 to Fulp et al.
• United States Patent Application Publication No. 2006/0248580 to Fulp et al.
• United States Patent Application Publication No. 2011/0055916 to Ahn.

These publications are acknowledged in US10511572 as describing "advanced packet filtering technologies" that have "reduced the time required to apply large rule sets to network traffic."

A person having ordinary skill in the art (POSA) in network security and packet processing would be familiar with the concepts of:

• Network protection devices (e.g., firewalls, gateways, routers, switches) that implement rules to manage packet traffic.
• Rule sets and policies for defining network traffic criteria and associated actions (e.g., allow, deny, forward).
• Preprocessing or optimizing rule sets to improve performance, as explicitly mentioned in the cited prior art.
• The challenges associated with switching between rule sets, especially the time required and potential for resource contention or processing with outdated rules, which is the problem US10511572 aims to solve.
• Multi-processor systems for handling high volumes of network traffic.
• Caching to temporarily store data for faster access.

Here's an analysis of potential obviousness based on combinations of the cited prior art:

Combination 1: Fulp et al. (US 2006/0195896 or US 2006/0248580) + Ahn (US 2011/0055916) + General POSA Knowledge of Multi-processor Systems and Caching

• Fulp et al. (US 2006/0195896 and US 2006/0248580) and Ahn (US 2011/0055916) teach methods for efficiently applying large rule sets and reducing the time required for such operations. US10511572 itself states that these references describe "advanced packet filtering technologies" and reduce the "time required to apply large rule sets to network traffic." This establishes that the concept of optimized or preprocessed rule sets for faster application was known in the art.
• Motivation for Combination: A POSA encountering the problem of delayed rule set switching in a network protection device (as described in the background of US10511572) would naturally look to existing solutions for efficient rule application. The Fulp and Ahn references provide such solutions by optimizing the rule sets themselves.
• Obvious Step: Preprocessing multiple rule sets in advance. Given the teachings of Fulp and Ahn regarding optimizing rule sets for performance, it would be obvious for a POSA to apply this optimization to multiple rule sets in advance, rather than on-demand, especially when anticipating the need to switch between them quickly. The problem statement in US10511572 highlights the "time required for preprocessing a rule set may adversely affect the performance of network protection device 100" when "rule sets are being swapped live," suggesting that performing this preprocessing before a live swap would be a logical improvement.
• Obvious Step: Synchronizing multi-processor systems during a swap. The patent explicitly states that a "network protection device may include multiple processors" and describes the challenge of unsynchronized processing during a rule swap (e.g., processor 302 finishing quickly while processor 300 is still processing old rules). A POSA working with multi-processor network devices would be motivated to synchronize these processors during a critical operation like a rule set swap to ensure consistent policy enforcement and avoid security vulnerabilities or inefficient packet handling. Methods for synchronizing processors and caching unprocessed data during reconfiguration are common in multi-processor computing environments to ensure data integrity and smooth transitions.
• Obvious Step: Caching unprocessed packets. When synchronizing processors during a rule set swap, a POSA would find it obvious to temporarily cache any unprocessed packets. This ensures that no packets are dropped and that all packets are eventually processed according to the new rule set once the reconfiguration is complete. Caching is a fundamental technique in computer science for handling temporary data during state changes or resource unavailability.

Specific Claims and Obviousness:

• Claim 1 of US10511572 claims a method including: "receiving a first rule set; modifying... the first rule set; configuring the network device...; receiving... a plurality of packets; processing... a first portion...; receiving... a second rule set; modifying... the second rule set; and based on a signal... ceasing processing... caching... reconfiguring... and after completion... processing the one or more cached packets...".

  • The "modifying" step is equivalent to the "preprocessing" or "optimizing" taught by Fulp et al. and Ahn. The motivation to perform this modification on both rule sets in advance to enable fast swapping is driven by the recognized problem of slow rule set switching during live operation.
  • The steps of "ceasing processing," "caching," "reconfiguring," and then "processing the one or more cached packets" in response to a signal to switch rule sets in a multi-processor context would be obvious to a POSA. The problem of unsynchronized processing and the need to apply a new rule set uniformly are explicitly identified in the patent's background. Standard multi-processor system design principles would lead to such synchronization and caching mechanisms during a critical configuration change to prevent data loss or inconsistent processing.

• Claim 9 claims a network device with memory comprising instructions to perform the method of Claim 1. If the method is obvious, then a device configured to perform that method would also be obvious.

• Claim 17 claims one or more non-transitory computer-readable media comprising instructions to perform the method of Claim 1. Similarly, if the method is obvious, then storing instructions for it on a computer-readable medium would also be obvious.

In summary, the combination of the known packet filtering optimization techniques from Fulp et al. and Ahn, coupled with common knowledge in the art regarding multi-processor system synchronization, caching, and the recognized need for fast rule set switching in network protection devices, would have motivated a POSA to implement the claimed rule swapping methodology, rendering the claims of US10511572 obvious under 35 U.S.C. § 103.