Embed Size (px)
DESCRIPTION
IPR instituted against Juniper's '612 patent
Citation preview
[email protected] Paper 16
571-272-7822 Entered: December 19, 2013
UNITED STATES PATENT AND TRADEMARK OFFICE
____________
BEFORE THE PATENT TRIAL AND APPEAL BOARD
____________
PALO ALTO NETWORKS, INC.,
Petitioner,
v.
JUNIPER NETWORKS, INC.,
Patent Owner.
____________
Case IPR2013-00369
Patent 7,107,612 B1
____________
Before MICHAEL R. ZECHER, JAMES A. TARTAL, and
MIRIAM L. QUINN, Administrative Patent Judges.
TARTAL, Administrative Patent Judge.
DECISION
Institution of Inter Partes Review
37 C.F.R. § 42.108
Case IPR2013-00369
Patent 7,107,612 B1
2
Palo Alto Networks, Inc. (“Petitioner”) filed a Petition (Paper 3,
“Pet.”) requesting inter partes review of claims 1-13 and 22-27 of U.S.
Patent No. 7,107,612 B1 (Ex. 1001, “the ’612 patent”). Juniper Networks,
Inc. (“Patent Owner”) timely filed a Patent Owner’s Preliminary Response
(Paper 14, “Prelim. Resp.”). We have jurisdiction under 35 U.S.C. § 314.
I. INTRODUCTION
The standard for instituting an inter partes review is set forth in 35
U.S.C. § 314(a), which provides:
THRESHOLD.—The Director may not authorize an inter
partes review to be instituted unless the Director determines
that the information presented in the petition filed under section
311 and any response filed under section 313 shows that there
is a reasonable likelihood that the petitioner would prevail with
respect to at least 1 of the claims challenged in the petition.
For the reasons set forth below, we conclude that the information
presented in the Petition establishes that there is a reasonable likelihood that
Petitioner will prevail in challenging as unpatentable claims 1-13 and 22-27
of the ’612 patent. Accordingly, pursuant to 35 U.S.C. § 314, we authorize
inter partes review to be instituted as to claims 1-13 and 22-27 of the ’612
patent.
A. Related Matters
Petitioner states that the ’612 patent was asserted against it in a
complaint served on September 25, 2012, in Juniper Networks, Inc. v. Palo
Case IPR2013-00369
Patent 7,107,612 B1
3
Alto Networks, Inc., No. 11-1258-SLR (D. Del.) (the “Concurrent
Litigation”). Pet. 10.
B. The ’612 Patent
The application for the ’612 patent, filed July 19, 2004, was a
continuation of an application, filed March 15, 2000, that issued as U.S.
Patent No. 6,772,347 (“the ’347 patent”). The application that issued as the
’347 patent was a continuation-in-part of an application, filed April 1, 1999,
that issued as U.S. Patent No. 6,701,432 (“the ’432 patent”). Petitioner
asserts that because claims of the ’612 patent are directed to new matter
added to the continuation-in-part application for the ’347 patent, the earliest
priority date for the ’612 patent is March 15, 2000. Pet. 1. Patent Owner
has not contended that the ’612 patent is entitled to an earlier priority date.
Prelim. Resp. 4.
The ’612 patent, titled “Method, Apparatus and Computer Program
Product for a Network Firewall,” relates to methods and network devices for
providing network security, and describes an improved firewall that includes
both conventional fixed rules and dynamic rule generation. Ex. 1001,
Abstract, 1:16-19.
The ’612 patent states “a firewall is a device that can be coupled in-
line between a public network and a private network for screening packets
received from the public network.” Id. at 1:59-61. A packet is the
fundamental unit of transfer in a packet switch communication system. Id.
at 1:25-26. “A packet switch communication system includes a network of
one or more routers connecting a plurality of users.” Id. at 1:23-24. In a
Case IPR2013-00369
Patent 7,107,612 B1
4
conventional system, a firewall engine processes the packets to enforce an
access control policy by screening the packets in accordance with one or
more sets of rules. Id. at 2:16-19. As explained in the ’612 patent:
As known in the art, a rule is a control policy for filtering
incoming and outgoing packets. Rules specify actions to be
applied as against certain packets. When a packet is received
for processing through a rule search, the packet’s IP header,
TCP header, or UDP header may require inspecting. A rule
will generally include, at a minimum, source/destination IP
addresses, UDP/TCP source/destination ports and transport
layer protocol. Additional criteria may be used by the rules as
well.
Id. at 2:38-46.
The firewall of the ’612 patent includes a first engine using a fixed set
of rules for initially sorting incoming packets into packets that are allowed
and denied. Id. at 3:19-21. The initially denied packets then are sorted
further by a second engine into allowed packets and denied packets using
dynamically generated rules. Id. at 3:21-25. This second engine is a
dynamic filter that generates rules using criteria, such as port number and IP
address, which are extracted from incoming packets for applications, such as
RealAudio, Netmeeting (which uses the H3232 protocol), and network file
system (“NFS”). Id. at 6:6-11.
Case IPR2013-00369
Patent 7,107,612 B1
5
C. Illustrative Claims
Claims 1, 13, 22, and 27 are independent claims. Claims 2-12
depend, directly or indirectly, from independent claim 1. Claims 23-26
depend directly from independent claim 22.
Claims 1 and 13 are illustrative of the method and the network device
claims at issue, and are reproduced below:
1. A method, comprising:
establishing a set of rules for controlling access to and
from a network device for incoming and outgoing data units;
receiving, at the network device, a first sequence of data
units; and
adding one or more first rules to the set of rules based on
data extracted from the received first sequence of data units.
13. A network device, comprising:
an access control engine configured to establish a set of
rules for controlling access to and from the network device for
incoming and outgoing data units; and
a dynamic filter configured to add one or more first rules
to the set of rules based on data extracted from a first sequence
of data units received at the network device.
D. Asserted Grounds of Unpatentability
Petitioner challenges claims 1-13 and 22-27 of the ’612 patent based
on the alleged grounds of unpatentability set forth in the table below, as
further supported by the Declaration of Dr. John Mitchell (Ex. 1004).
Case IPR2013-00369
Patent 7,107,612 B1
6
Reference(s) Basis Claims Challenged
Julkunen1 § 102 1-3, 8-13, and 22-27
Schneider2 § 102 1-4, 6, 8-13, and 22-27
Brenton3 § 102 1-4, 6, 10, 12, 13, 22-24, and 26
Julkunen and Brenton § 103 4 and 6
Julkunen, Brenton, and
IETF NAT4
§ 103 5 and 7
Schneider and Brenton or
IETF NAT
§ 103 4-7
II. CLAIM CONSTRUCTION
As a step in our analysis for determining whether to institute trial, we
determine the meaning of the claims. Consistent with the statute and
legislative history of the Leahy-Smith America Invents Act (“AIA”), Pub. L.
112-29, 125 Stat. 284, 329 (2011), claims of unexpired patents are construed
by applying the broadest reasonable interpretation, in light of the
specification. 37 C.F.R. § 42.100(b); see also Office Patent Trial Practice
Guide, 77 Fed. Reg. 48,756, 48,766 (Aug. 14, 2012). Under the broadest
reasonable construction standard, claim terms are given their ordinary and
1 Heikki Julkunen and C. Edward Chow, Enhanced Network Security with
Dynamic Packet Filter (Department of Computer Science, University of
Colorado at Colorado Springs) (April 1997) (Ex. 1006, “Julkunen”). 2 U.S. Patent No. 6,178,505 B1, issued Jan. 23, 2001 (Ex. 1007,
“Schneider”). 3 Brenton, Chris, “Mastering™ Network Security,” (1998) (Ex. 1008,
“Brenton”). 4 Holdrege, Matt, and Srisuresh, Pyda, “Protocol Complications with the IP
Network Address Translator (NAT),” (Feb. 1999) (Ex. 1010, “IETF NAT”).
Case IPR2013-00369
Patent 7,107,612 B1
7
customary meaning, as would be understood by one of ordinary skill in the
art in the context of the entire disclosure. In re Translogic Tech. Inc., 504
F.3d 1249, 1257 (Fed. Cir. 2007). Any special definition for a claim term
must be set forth with reasonable clarity, deliberateness, and precision. In re
Paulsen, 30 F.3d 1475, 1480 (Fed. Cir. 1994).
A. “rules”
Each of the challenged claims recites “a set of rules.” As noted by
Petitioner, the specification of the ’612 patent states “a rule is a control
policy for filtering incoming and outgoing packets.” Pet. 15 (citing Ex.
1001, 2:38-39). Petitioner offers no specific construction of the term
“rules.” Instead, Petitioner asserts both that a “lookup table” is not a “rule,”
and that, in the Concurrent Litigation, Patent Owner appears to contend that
“rules” include “application-specific rules.” Pet. 15-16. Petitioner and
Patent Owner agree that “rules” must exist across multiple sessions. Pet. 16;
Prelim. Resp. 4. Patent Owner contends that further construction is not
needed for the term “rules.” Prelim. Resp. 4-5.
The construction of the term “rules” does not turn on whether a
particular thing, like a “lookup table,” is, or is not, a set of “rules,” but rather
on what the term, itself, means. Moreover, notwithstanding their agreement,
the parties have identified no support in the specification for defining “rules”
to include a requirement that they exist across “multiple sessions.” Indeed,
the specification makes no reference to “multiple sessions.” Consequently,
the term “rules,” in light of the express definition provided by the
Case IPR2013-00369
Patent 7,107,612 B1
8
specification, means “control policies for filtering incoming and outgoing
packets.” Ex. 1001, 2:38-39.
B. “access control engine”
Claims 13 and 27 recite an “access control engine configured to
establish a set of rules for controlling access to and from the network device
for incoming and outgoing data units.” The specification does not use the
term “access control engine” apart from the claims. Petitioner contends that
“access control engine” should be interpreted as “firewall engine” or “ACL
engine.” Pet. 17-18. Petitioner’s asserted rationale for such a construction,
which we find insufficient, is that “‘firewall engine’ or ‘ACL engine’ is an
admitted element of a prior art firewall.” Pet. 18 (citing Ex. 1001, 2:7-19,
59-61, Fig. 2a). Patent Owner offers no construction of “access control
engine.”
An ordinary and customary definition, to one of ordinary skill in the
relevant art, of the term “access control” is the “prevention of unauthorized
use of a resource, including the prevention of use of a resource in an
unauthorized manner.” THE IEEE STANDARD DICTIONARY OF ELECTRICAL
AND ELECTRONICS TERMS 5 (6th ed. 1996). An ordinary and customary
definition in the relevant art of the term “engine” is a “dedicated processor,
architecture, or system component that is used for a single and special
purpose.” Id. at 360. Consequently, the term “access control engine” means
“a dedicated processor, architecture, or system component that is used for
the prevention of unauthorized use of a resource, including the prevention of
use of a resource in an unauthorized manner.” For purposes of this decision,
Case IPR2013-00369
Patent 7,107,612 B1
9
we adopt the aforementioned claim construction, because it is consistent
with the ordinary and customary meaning of “access control engine,” as
would be understood by one with ordinary skill in the art in light of the ’612
patent.
C. “dynamic filter”
Claim 13 requires “a dynamic filter configured to add one or more
first rules to the set of rules based on data extracted from a first sequence of
data units received at the network device.” Claim 27 requires, in relevant
part, a “dynamic filter” configured to “modify the set of rules,” “filter
second data units,” “modify the first modified set of rules,” and “filter third
data units.” Petitioner does not offer a specific construction of the term
“dynamic filter.” Instead, Petitioner contends that in the Concurrent
Litigation, Patent Owner construes implicitly “dynamic filter” to mean
“software that performs the function recited in the claim.” Pet. 19. Patent
Owner offers no construction of “dynamic filter.”
Although the specification does not define expressly the term
“dynamic filter,” it states that a “dynamic filter” processes packets, conducts
a search through a set of dynamically generated rules, generates rules, and
controls the passage of packets through the firewall to allow entry to a
private network. Ex. 1001, 6:1-27. The specification further states that use
of the dynamic filter “advantageously allows the use of dynamically-
generated rules, without increasing the processing time for those IP packets,
which are initially allowed [] by the ACL engine [] based on the fixed rule
set.” Id. at 6:32-38.
Case IPR2013-00369
Patent 7,107,612 B1
10
The specification does not use the terms “dynamic” or “filter”
contrary to their ordinary and customary meanings. An ordinary and
customary definition, to one of ordinary skill in the relevant art, of the term
“dynamic” is “[p]ertaining to an event or process that occurs during
computer program execution.” THE IEEE STANDARD DICTIONARY OF
ELECTRICAL AND ELECTRONICS TERMS 325 (6th ed. 1996). An ordinary and
customary definition, to one of ordinary skill in the relevant art, of the term
“filter” is a “device or program that separates data, signals, or material in
accordance with specified criteria.” Id. at 408.
Consequently, the term “dynamic filter” means “a device or program
that separates data in accordance with specified criteria through a process
that occurs during computer program execution.” For purposes of this
decision, we adopt the aforementioned claim construction because it is
consistent with the ordinary and customary meaning of “dynamic filter,” as
would be understood by one with ordinary skill in the art in light of the
’612 patent.
D. Remaining Claim Terms or Phrases
For purposes of this decision, all remaining claim terms or phrases
recited in claims 1-13 and 22-27 of the ’612 patent are given their ordinary
and customary meaning, as would be understood by one of ordinary skill in
the art.
Case IPR2013-00369
Patent 7,107,612 B1
11
III. ANALYSIS
A. Petitioner is Not Precluded from Requesting Inter Partes Review
As a threshold issue, Patent Owner argues that the Petition should be
denied because it “violates the doctrine of assignor estoppel” and
“contradicts the oath that [Palo Alto Networks, Inc.] co-Founder Yuming
Mao submitted to the PTO attesting to the validity of the ’612 patent.” See
Prelim. Resp. 45. Mr. Yuming Mao is one of three inventors named on the
face of the ’612 patent.
The Board has determined previously, and we agree, that assignor
estoppel is not a basis for denying a petition requesting inter partes review:
Under the AIA, “a person who is not the owner of a
patent may file with the Office a petition to institute an inter
partes review of the patent.” 35 U.S.C. § 311(a) (emphasis
added). Consequently, under the statute, an assignor of a
patent, who is no longer an owner of the patent at the time of
filing, may file a petition requesting inter partes review. This
statute presents a clear expression of Congress’s broad grant of
the ability to challenge the patentability of patents through inter
partes review.
Athena Automation Ltd. v. Husky Injection Molding Systems Ltd.,
IPR2013-00290, slip op. at 12-13 (PTAB Oct. 25, 2013), Paper No.
18.
Patent Owner’s reliance on 37 C.F.R. § 42.101(c), which provides in
relevant part that a person may not file a petition if the petitioner “or a privy
of the petitioner is estopped from challenging the claims on the grounds
identified in the petition,” is misplaced. See Prelim. Resp. 47. The grounds
Case IPR2013-00369
Patent 7,107,612 B1
12
for estoppel, as referenced in § 42.101(c), are discussed expressly in 37
C.F.R. § 42.73(d), which states:
Estoppel. (1) Petitioner other than in derivation proceeding. A
petitioner, or the real party in interest or privy of the petitioner,
is estopped in the Office from requesting or maintaining a
proceeding with respect to a claim for which it has obtained a
final written decision on patentability in an inter partes review,
post-grant review, or a covered business method patent review,
on any ground that the petitioner raised or reasonably could
have raised during the trial, except that estoppel shall not apply
to a petitioner, or to the real party in interest or privy of the
petitioner who has settled under 35 U.S.C. 317 or 327.
Patent Owner does not contend that Petitioner, or the real party in
interest or privy of the Petitioner, “has obtained a final written decision on
patentability in an inter partes review, post-grant review, or a covered
business method patent review, on any ground that the petitioner raised or
reasonably could have raised during the trial,” as is required for Petitioner to
be estopped under 37 C.F.R. § 42.101(c). Patent Owner, therefore, has
failed to show that estoppel applies pursuant to 37 C.F.R. §§ 42.73 and
42.101(c). Furthermore, we are not persuaded that the equitable doctrine of
assignor estoppel provides an exception to the statutory mandate that any
person who is not the owner of a patent may file a petition for inter partes
review. Accordingly, we decline to deny the Petition based on Patent
Owner’s estoppel arguments.
Patent Owner further asserts that even if Petitioner is not barred from
requesting inter partes review, the Board should exercise its discretion to
deny institution of trial because of the relationship between Mr. Mao and
Case IPR2013-00369
Patent 7,107,612 B1
13
Petitioner.5 See Prelim. Resp. 48-49. Patent Owner argues that the Board’s
discretion provides an alternative ground for applying the principles of
equitable estoppel. Id. Patent Owner further argues, more generally, that
equitable considerations weigh against granting the Petition, including that
Patent Owner is denied the opportunity to submit “inventor declarations
under 37 C.F.R. [§] 1.131 to identify the circumstances of conception and
reduction to practice so as to ‘swear behind’ what might otherwise constitute
prior art,” because Mr. Mao is adverse to Patent Owner. Prelim. Resp. at 48-
49.
To the extent the Board has discretion to consider equitable
considerations in determining whether to institute trial, in this case, Patent
Owner has not made a showing that warrants exercise of that discretion. For
the same reasons discussed above, Patent Owner has not shown that the
Board should exercise discretion to apply principles of assignor estoppel to
circumvent the express statutory language that permits any person “who is
not the owner of a patent” to request inter partes review. With regard to
other equitable considerations, Patent Owner’s arguments are, at best,
speculative. Patent Owner does not identify any specific prior art it seeks to
“swear behind,” and makes no showing that it is unable to do so merely
because one of a multiple number of inventors on the face of the patent may
5 This case does not require us to reach the issue of whether Mr. Mao is in
privity with Petitioner, as asserted by Patent Owner (Prelim. Resp. 52-58),
because we conclude that even if Patent Owner established such a
relationship, Patent Owner has not shown a sufficient basis to preclude
Petitioner from requesting inter partes review.
Case IPR2013-00369
Patent 7,107,612 B1
14
have a relationship with Petitioner. Accordingly, we conclude that Patent
Owner has not shown that Petitioner is barred or estopped, or otherwise
should be precluded, from petitioning to institute inter partes review of the
’612 patent.
B. Anticipation Based on Julkunen
Petitioner contends that Julkunen is prior art to the ’612 patent and
anticipates claims 1-3, 8-13, and 22-27 under 35 U.S.C. § 102. Pet. 21.
Petitioner relies upon claim charts, as well as the Declaration of Dr. John
Mitchell (Ex. 1004), to explain how Julkunen anticipates these claims of the
’612 patent. Pet. 21-30.
Julkunen is a report that “presents the study, design and
implementation of a firewall, in particular a major component of a firewall:
the dynamic packet filter.” Ex. 1006, p. 1 (Abstract).6 According to
Petitioner, Julkunen discloses the modification of a standard Linux firewall
that uses administrator-programmed rules with what Julkunen calls a
dynamic packet filter (“DPF”). Pet. 21 (citing Ex. 1006, 3-4; 12-14).
Julkunen explains that a “dynamic packet filter checks on the fly the
outgoing IP packets from a computer and then allows incoming packets to
get through the packet filter if the packets are from the same computer as the
outgoing packets were sent to.” Ex. 1006, p. 1 (Abstract). Petitioner also
asserts that Julkunen describes dynamically generating rules based on
6 In this decision, citations to Julkunen refer to the page numbers as they
appear on the original document, not to the page numbers labeled by
Petitioner for Exhibit 1006.
Case IPR2013-00369
Patent 7,107,612 B1
15
information extracted from the Network File System (“NFS”) data packets,
and that dynamically generated rules operate across multiple sessions. Pet.
22 (citing Ex. 1006, 39-43).
1. Whether Julkunen is Prior Art
Petitioner states that Julkunen was published in April, 1997. Pet. 21.
Patent Owner contests the prior art status of Julkunen and contends that
Petitioner “has failed to present any evidence that Julkunen qualifies as a
‘printed publication’ that was publicly available before the critical date.”
Prelim. Resp. 7-11.
Patent Owner cites Synopsys, Inc. v. Mentor Graphics Corp., for the
proposition that absent evidence of publication or public accessibility of a
reference, a petition for inter partes review, with respect to grounds based
on that reference, should be denied. Prelim. Resp. 10-11 (citing IPR2012-
00042, slip op. at 35-36 (PTAB Feb. 22, 2013), Paper No. 16). Indeed, the
determination of whether a given reference qualifies as a prior art “printed
publication” involves a case-by-case inquiry into the facts and circumstances
surrounding the reference’s disclosure to members of the public. In re
Klopfenstein, 380 F.3d 1345, 1350 (Fed. Cir. 2004).
Unlike the reference at issue in Synopsys, which was a company’s
product brochure that lacked any date on its face, Julkunen is a dated report
with a Bibliographic Data Sheet, a “Performing Organization Rept. No.,”
and a “Performing Organization Name” listed as the Department of
Computer Science at the University of Colorado at Colorado Springs. Ex.
1006, 73. The Bibliographic Data Sheet also identifies the “Report Date” as
Case IPR2013-00369
Patent 7,107,612 B1
16
“April, 1997.” Id. We are not convinced that institution of inter partes
review based on Julkunen should be denied in this instance based on Patent
Owner’s assertions that Julkunen “merely includes the words ‘April 1997’
on its first page,” and that a space labeled “Availability Statement” on the
“Bibliographic Data Sheet” page of Julkunen is blank. See Prelim. Resp. 9-
10; see also Ex. 1006, cover page and 73. On this record, we are persuaded
that Petitioner has made a threshold showing that Julkunen is a “printed
publication” within the meaning of 35 U.S.C. § 102. As a consequence, for
purposes of this decision, Julkunen is available as prior art for Petitioner to
demonstrate a reasonable likelihood that the challenged claims are
unpatentable.
2. Whether Petitioner Has Shown a Reasonable Likelihood that
Claims 1-3, 8-13, and 22-27 are Anticipated by Julkunen
Patent Owner contends that review should not be instituted based on
the alleged anticipation by Julkunen. In addition to disputing the status of
Julkunen as prior art, Patent Owner argues that Julkunen does not disclose
“‘rules’ that exist ‘across multiple sessions,’ as required in all independent
claims.” Prelim. Resp. 7. Contrary to Patent Owner’s argument, none of the
challenged claims recites “across multiple sessions.” As discussed above,
even though Petitioner and Patent Owner agree that “rules” must exist across
multiple sessions, neither party has offered support for the contention that
such a requirement, which does not appear on the face of the claims and is
not discussed in the specification, should be read into the claims. Therefore,
we find Patent Owner’s argument not persuasive, because it is not
Case IPR2013-00369
Patent 7,107,612 B1
17
commensurate with the scope of the claims, as they are construed for
purposes of this decision.
Patent Owner also contends that Petitioner fails to allege that “the
purported ‘rules’ in Julkunen are based on a ‘sequence of data units’ or
multiple ‘data units.’” Prelim. Resp. 15-16. Again, Patent Owner’s
argument is not persuasive, because it is not commensurate with the scope of
the claims. The claims recite either adding or modifying rules “based on
data extracted” from either “the received first sequence of data units” (claim
1), “a first sequence of data units” (claim 13), or “first data units” (claims 22
and 27). Thus, based on the record before us, the ’612 patent requires that
rules must be based on “data” extracted from “data units,” not that rules
must be based on a ‘sequence of data units’ or multiple ‘data units,’ as
Patent Owner contends.
With respect to claims 8, 21, and 27, Patent Owner contends that
Petitioner fails to support the assertion that Julkunen discloses further action
upon “second data units,” because Petitioner supports that assertion by citing
to the same disclosure relied upon for the “first sequence of data units.”
Prelim. Resp. 16-17. We are not persuaded by Patent Owner’s argument.
Claim 21 is not challenged in the Petition. Claims 8 and 27 require
modifying rules based on data extracted from a “second sequence of data
units,” or from “second data units,” respectively. There is no indication that
the disclosure of Julkunen relied upon by Petitioner suggests that the
disclosed dynamic packet filter acts only on a set of first data units. To the
contrary, Petitioner references Julkunen’s disclosure of adding rules to a set
Case IPR2013-00369
Patent 7,107,612 B1
18
of packet filtering rules, and modifying that set of rules based on data
received from another set of NFS packets. See Pet. 27 (citing Ex. 1006, 35
and 42-43). Based on the record before us, Petitioner’s citation to Julkunen
amounts to sufficient evidence showing a reasonable likelihood that claims 8
and 27 are anticipated by Julkunen.
With respect to claims 12 and 26, Patent Owner contends that
Petitioner fails to identify any disclosure in Julkunen that satisfies the
requirement that “the data extracted from the received first sequence of data
units comprises a port number and a network address associated with a
source of the data units.” Prelim. Resp. 16-17. In discussing claim 12,
Petitioner references citations to Julkunen that disclose modifying added
rules using source and destination network address and port information
extracted from received FTP and NFS packets. Pet. 28 (citing to Ex. 1006,
35 and 43, and referring to the support provided for claim 1 at pages 24-25).
Based on the record before us, Petitioner’s citation to Julkunen amounts to
sufficient evidence showing a reasonable likelihood that claims 12 and 26
are anticipated by Julkunen.
With respect to claim 13, Patent Owner contends that because
Petitioner offered no construction of the terms “access control engine” or
“dynamic filter,” Petitioner “offers no explanation for how Julkunen
discloses these claim limitations under any construction.” Prelim. Resp. 17.
We disagree, as Petitioner need not propose an express construction for a
claim term to identify how a related claim limitation is disclosed by a
particular reference. In this case, we interpret “access control engine” to
Case IPR2013-00369
Patent 7,107,612 B1
19
mean “a dedicated processor, architecture, or system component that is used
for the prevention of unauthorized use of a resource, including the
prevention of use of a resource in an unauthorized manner.” We are
persuaded that, with respect to claim 13, Petitioner identifies the disclosure
in Julkunen of a firewall, which constitutes an “access control engine”
consistent with our construction of that term. Pet. 29 (citing Ex. 1006, 3 and
13). Similarly, we interpret “dynamic filter” to mean “a device or program
that separates data in accordance with specified criteria through a process
that occurs during computer program execution.” We are further persuaded
that, with respect to claim 13, Petitioner identifies the disclosure in Julkunen
of a “dynamic packet filter” consistent with our construction of a “dynamic
filter.” Pet. 29 (citing Ex. 1006, p. 16). Based on the record before us,
Petitioner’s citation to Julkunen provides sufficient evidence to show a
reasonable likelihood that claim 13 is anticipated by Julkunen.
In summary, having considered all of the information Petitioner has
presented based on Julkunen with respect to claims 1-3, 8-13, and 22-27, we
conclude that Petitioner has shown a reasonable likelihood that these claims
are anticipated by Julkunen.
C. Anticipation Based on Brenton
Petitioner contends that Brenton is prior art to the ’612 patent and
anticipates claims 1-4, 6, 10, 12, 13, 22-24, and 26 under 35 U.S.C. §§
102(a) and (b). In particular, Petitioner relies upon claim charts, as well as
the Declaration of Dr. John Mitchell (Ex. 1004), to explain how Brenton
anticipates these claims of the ’612 patent. Pet. 43-52.
Case IPR2013-00369
Patent 7,107,612 B1
20
According to Petitioner, Brenton, a 672-page book describing a wide
range of computer network security technologies, discloses a dynamic
packet filter that extends the capabilities of a static packet filter by
maintaining a connection table or state table. Pet. 43 (citing Ex. 1008, 141-
182). 7 According to Petitioner, “the dynamic filter creates a state table to
store information” regarding a connection allowed by the static filter. Pet.
43-44. Petitioner appears to equate the “state table” to “additional rules of
the dynamic filter” that enable filtering beyond the capabilities of the static
filter, for example, by selectively filtering UDP packets that may have been
denied initially by a static filter. Pet. 44 (citing Ex. 1008, 163).
1. Whether Brenton is Prior Art
Petitioner states that Brenton was published in 1998. Pet. 43. Patent
Owner contends that Petitioner has failed to present “any competent
evidence” that Brenton qualifies “as a ‘printed publication’ that was publicly
available before the critical date.” Prelim. Resp. 25-28.
Exhibit 1008 includes a title page indicating a copyright of 1999 and a
Library of Congress Card Number 98-87201. Ex. 1008. Petitioner also
provided an undated copy of the corresponding Library of Congress Catalog
of Record, which indicates a “Published/Created” date of 1998. Ex. 1009.
Patent Owner suggests that the copyright date of 1999 draws into question
the asserted publication date of 1998. Prelim. Resp. 27. Patent Owner also
7 In this decision, citations to Brenton refer to the page numbers as they
appear on the original document, not to the page numbers labeled by
Petitioner for Exhibit 1008.
Case IPR2013-00369
Patent 7,107,612 B1
21
maintains that the United States Court of Appeals for the Federal Circuit
found evidence similar to that offered by Petitioner to be insufficient for
purposes of establishing public accessibility of a paper in a database.
Prelim. Resp. 26 (citing In re Lister, 583 F.3d 1307, 1316-17 (Fed. Cir.
2009)). The case cited by Patent Owner, however, addressed a paper
submitted by a patent applicant to the Copyright Office, not a published
book with a Library of Congress Card Number such as Brenton. See In re
Lister, 583 F.3d at 1309-10.
On this record, we are persuaded that Petitioner has made a threshold
showing that Brenton is a “printed publication” within the meaning of
35 U.S.C. § 102. As a consequence, for purposes of this decision, Brenton is
available as prior art for Petitioner to demonstrate a reasonable likelihood
that the challenged claims are unpatentable.
2. Whether Petitioner Has Shown a Reasonable Likelihood that
Brenton Anticipates Claims 1-4, 6, 10, 12, 13, 22-24, and 26
Petitioner has not provided a complete copy of “Mastering™ Network
Security,” a book by Chris Brenton. Instead, as set forth as Exhibit 1008,
the reference identified as “Brenton” consists of the book cover, a title page,
pages of the third chapter titled “Understanding How Network Systems
Communicate,” and pages of the fifth chapter titled “Firewalls.” Ex. 1008.
Patent Owner contends that by failing to submit a complete copy, Petitioner
“has rendered impossible any full and complete consideration of the
reference itself.” Prelim. Resp. 29. Patent Owner does not suggest that it
Case IPR2013-00369
Patent 7,107,612 B1
22
was unable to obtain a complete copy of the reference or further explain how
its preliminary response was hindered by an incomplete copy.
We conclude that on the record before us, material omitted by
Petitioner from Exhibit 1008 is not relevant to our determination of whether
Petitioner has presented information that establishes a reasonable likelihood
that it would prevail with respect to the claims challenged in the petition. To
the extent Patent Owner contends it has an objection to the evidence
presented as Exhibit 1008 based on the Federal Rules of Evidence, the Board
rules provide the specific manner and timing of properly making an
objection to evidence during trial.
Patent Owner further argues that Petitioner’s arguments based on
Brenton are improper because they rely on unrelated portions of the
reference, rather than the disclosure of one complete system. Prelim. Resp.
28-29. In particular, Patent Owner identifies citations by Petitioner to seven
specific pages from a span of 33 pages of Brenton. Prelim. Resp. 28 n.7.
Patent Owner is correct in recognizing that, to anticipate a claim, a reference
“must not only disclose all elements of the claim within the four corners of
the document, but must also disclose those elements arranged as in the
claim.” Prelim. Resp. 29 (emphasis omitted) (quoting Net MoneyIn, Inc. v.
VeriSign, Inc., 545 F.3d 1359, 1369 (Fed. Cir. 2008)).
Patent Owner, however, has not shown, by merely identifying the
applicable law and the number of pages cited, that Petitioner has cobbled
together improperly “something allegedly resembling the ’612 patent
claims.” See Prelim. Resp. 28. For example, Patent Owner contends
Case IPR2013-00369
Patent 7,107,612 B1
23
Petitioner has cited to “unrelated portions” of Brenton, yet all of the citations
identified by Patent Owner are from the fifth chapter of Brenton and relate
directly to firewalls. See Prelim. Resp. 28 n.7. Patent Owner also does not
articulate how the disclosure of Brenton fails to represent adequately the
arrangement of the claimed elements, as required by each challenged claim.
Accordingly, on this record, we are not convinced that review based on
Brenton should be denied on the premise that Petitioner relied on unrelated
portions of Brenton.
Patent Owner also argues that Petitioner has not demonstrated that
Brenton discloses adding rules to the set of rules, or modifying the set of
rules, as required by all of the challenged claims. Prelim. Resp. 32-33. In
particular, Patent Owner suggests that “adding and modifying must be
performed not on any set of rules, but on the antecedent set of rules
identified earlier in the claim.” Prelim. Resp. 32. Patent Owner’s argument
is premised on its interpretation of Brenton that “the set of rules” is limited
to the access control policy enforced by a static packet filter. Prelim. Resp.
32. Such an interpretation is not consistent with the ’612 patent, which
makes clear that a step involving dynamically generated rules, i.e., added or
modified rules, may be included after processing by the static filter to further
sort packets. Ex. 1001, 3:17-27. Therefore, we are persuaded that the
information presented by Petitioner amounts to sufficient evidence showing
a reasonable likelihood that Brenton discloses adding or modifying the set of
rules, as claimed. See Pet. 46 (citing to Ex. 1008, 150, 157, 160, 163).
Case IPR2013-00369
Patent 7,107,612 B1
24
Patent Owner also argues that Petitioner has not shown that Brenton
discloses rules that exist across multiple sessions, or that rules are added or
modified based on multiple data units. Prelim. Resp. 29-32, 33-34. Patent
Owner’s arguments are not persuasive for the same reasons discussed above
with respect to Patent Owner’s assertion of the same arguments with respect
to Julkunen—Patent Owner’s arguments are not commensurate with the
scope of the claims, as they are construed for purposes of this decision. See
III.B.2, above.
Patent Owner further argues that Brenton does not disclose specific
limitations of other challenged claims, without identifying these claims.
Prelim. Resp. 34. Instead, Patent Owner argues that Petitioner’s analysis is
deficient for the same reasons Patent Owner asserted with respect to
Julkunen. The claims challenged as anticipated by Brenton, however, do not
mirror the claims challenged as anticipated by Julkunen. Patent Owner has
not adequately set forth its argument, and we will not speculate as to what
Patent Owner intends by vague statements purporting to incorporate
arguments against grounds of unpatentability based on a different reference
for different claims.
In summary, having considered all of the information Petitioner has
presented based on Brenton with respect to claims 1-4, 6, 10, 12, 13, 22-24,
and 26, we conclude that Petitioner has shown a reasonable likelihood that
these claims are anticipated by Brenton.
Case IPR2013-00369
Patent 7,107,612 B1
25
D. Obviousness Based on: (1) Julkunen and Brenton; and (2) Julkunen,
Brenton, and IETF NAT
Petitioner contends that claims 4-7 are unpatentable under 35 U.S.C.
§ 103(a) over “Julkunen in combination with IETF NAT, Brenton, or the
knowledge of a person of ordinary skill in the art.” Pet. 52-57. Petitioner
relies upon claim charts, as well as the Declaration of Dr. John Mitchell (Ex.
1004), to explain how these cited prior art references teach claims 4-7 of the
’612 patent. Id.
Claims 4-7 depend, directly or indirectly, on claim 1 and are generally
further directed to adding network address translation (“NAT”) to the
method of claim 1. Petitioner admits that Julkunen does not disclose NAT,
and instead, asserts that Brenton discloses address translation as a standard
feature implemented in most firewall products. Pet. 53 (citing Ex. 1008,
174). Petitioner alleges that with NAT, “the firewall described in Julkunen
would have replaced the network addresses and port numbers in the packet
headers associated with a location within a private network with a network
address and a port number associated with the firewall.” Pet. 48-49, 53
(citing Ex. 1008, 174). IETF NAT is an internet-draft memo, titled
“Protocol Complications with the IP Network Address Translator (NAT),”
posted by the Internet Engineering Task Force. Ex. 1010. Petitioner asserts
that IETF NAT discloses how to apply NAT to packets with address
information embedded in their payload as claimed. Pet. 54-55 (citing Ex.
1010, 2).
Case IPR2013-00369
Patent 7,107,612 B1
26
Patent Owner contends that Petitioner has failed to sufficiently
identify the precise grounds of unpatentability upon which Petitioner
challenges claims 4-7, as required by 37 C.F.R. § 42.104(b). Prelim. Resp.
34-36. We disagree. The claim charts provided by Petitioner make clear the
combination of references asserted by Petitioner. See Pet. 52-57. We
understand Petitioner to argue that Claims 4 and 6 are unpatentable as
obvious over the combination of Julkunen and Brenton, and that claims 5
and 7 are unpatentable as obvious over the combination of Julkunen,
Brenton, and IETF NAT. See Pet. 52-57.
Patent Owner also argues that the asserted combination based on
Julkunen fails for the same reasons Patent Owner raised with respect to the
asserted anticipation by Julkunen of claim 1. Prelim. Resp. 36-37. As we
concluded Patent Owner’s arguments were not persuasive with respect to
claim 1, on the record before us, the same arguments are likewise
unpersuasive with respect to the obviousness grounds based on Julkunen.
We also have considered Patent Owner’s arguments against the
asserted combination based on Julkunen, including the contention that
Petitioner offered no rationale for the asserted combination. See Prelim.
Resp. 37-40. To the contrary, for the obviousness grounds based on
Julkunen with respect to claims 4-7 (see Pet. 52-57), we understand
Petitioner to contend that those claims require only the combination of
familiar elements according to known methods to yield predictable results.
See KSR Int’l Co. v. Teleflex, Inc., 550 U.S. 398, 416 (2007).
Case IPR2013-00369
Patent 7,107,612 B1
27
In addition, Patent Owner argues that “to the extent Julkunen suggests
the use of ‘proxying’ for address hiding, it actually ‘teaches away’ from the
use of NAT for that purpose.” Prelim. Resp. 38-39. Patent Owner also
contends that one skilled in the art would not have sought to combine
Brenton with Julkunen because Brenton suggests that a dynamic packet filter
cannot make filtering decisions based on payload. Id. at 38. We are not
persuaded by Patent Owner’s teaching away arguments, based on the record
before us, because Patent Owner has not sufficiently addressed the
combination of prior art references as a whole. See In re Keller, 642 F.2d
413, 425 (CCPA 1981) (“The test for obviousness is not . . . that the claimed
invention must be expressly suggested in any one or all of the references.
Rather, the test is what the combined teachings of the references would have
suggested to those of ordinary skill in the art.”). Moreover, Patent Owner
does not direct us to an explicit disclosure in Julkunen that criticizes,
discredits, or otherwise discourages using a NAT with the firewall disclosed
in Julkunen, namely, as a substitute for the proxying services. See In re
Fulton, 391 F.3d 1195, 1201 (Fed. Cir. 2004) (“The prior art’s mere
disclosure of more than one alternative does not constitute a teaching away
from any of these alternatives because such disclosure does not criticize,
discredit, or otherwise discourage the solution claimed in the . . .
application.”).
Patent Owner also asserts that review of claims 4-7 on obviousness
grounds should be denied because Petitioner did not address objective
indicia of non-obviousness. Prelim. Resp. 40-41. In particular, Patent
Case IPR2013-00369
Patent 7,107,612 B1
28
Owner asserts that in the Concurrent Litigation it has presented “substantial
evidence of objective indicia of non-obviousness.” Id. at 40. We are not
persuaded by Patent Owner’s arguments. Patent Owner does not argue here
that the previously presented evidence of secondary considerations rebuts or
outweighs the evidence presented by Petitioner supporting the
unpatentability of claims 4-7 over Julkunen, Brenton, and IETF NAT.
Moreover, the existence of previously presented evidence of secondary
considerations, evidence not before us at this juncture, neither bars the
institution of a trial nor constitutes an additional burden that the Petitioner
must overcome in demonstrating a reasonable likelihood that it would
prevail in demonstrating the unpatentability of claims 4-7 of the ’612 patent.
Cf. In re Rinehart, 531 F.2d 1048, 1052 (CCPA 1976) (“Facts established by
rebuttal evidence must be evaluated along with the facts on which the earlier
conclusion was reached, not against the conclusion itself.”).
In summary, having considered all of the information Petitioner has
presented based on a combination of Julkunen, Brenton, and IETF NAT with
respect to claims 4-7, we conclude that Petitioner has shown a reasonable
likelihood that claims 4 and 6 would have been obvious over Julkunen and
Brenton, and that claims 5 and 7 would have been obvious over Julkunen,
Brenton, and IETF NAT.
E. Anticipation and Obviousness Based on Schneider
Petitioner contends that claims 1-4, 6, 8-13, and 22-27 are
unpatentable as anticipated by Schneider, and that claims 4-7 are
unpatentable for obviousness over Schneider in combination with Brenton or
Case IPR2013-00369
Patent 7,107,612 B1
29
IETF NAT. Pet. 30-42, 57-60. We exercise our discretion and determine
that those grounds of unpatentability are redundant to the grounds of
unpatentability on which we initiate inter partes review. Accordingly, we
do not authorize inter partes review on the remaining grounds of
unpatentability asserted by Petitioner against claims 1-13 and 22-27 of the
’612 patent. See 37 C.F.R. § 42.108(a).
IV. CONCLUSION
For the foregoing reasons, we conclude that the information presented
in the Petition establishes that there is a reasonable likelihood that Petitioner
would prevail in showing that claims 1-13 and 22-27 are unpatentable.
However, we have not made a final determination with respect to the
patentability of these claims.
V. ORDER
For the foregoing reasons, it is:
ORDERED that pursuant to 35 U.S.C. § 314(a), inter partes review is
hereby instituted as to claims 1-13 and 22-27 of the ’612 patent based on the
following grounds of unpatentability:
A. Claims 1-3, 8-13, and 22-27 as anticipated under 35 U.S.C.
§ 102 by Julkunen;
B. Claims 1-4, 6, 10, 12, 13, 22-24, and 26 as anticipated under 35
U.S.C. § 102 by Brenton;
C. Claims 4 and 6 as unpatentable for obviousness under 35
U.S.C. § 103 over the combination of Julkunen and Brenton; and,
Case IPR2013-00369
Patent 7,107,612 B1
30
D. Claims 5 and 7 as unpatentable for obviousness under 35
U.S.C. § 103 over the combination of Julkunen, Brenton, and IETF NAT;
FURTHER ORDERED that no other grounds of unpatentability are
authorized for the inter partes review as to claims 1-13 and 22-27 of the
’612 patent;
FURTHER ORDERED that pursuant to 35 U.S.C. § 314(c) and 37
C.F.R. § 42.4, notice is hereby given of the institution of a trial. The trial
will commence on the entry date of this decision; and
FURTHER ORDERED that an initial conference call with the Board
is scheduled for 3:30 p.m. on January 9, 2014. The parties are directed to
the Office Trial Practice Guide, 77 Fed. Reg. 48,756, 48,765-66 (Aug. 14,
2012) for guidance in preparing for the initial conference call, and should be
prepared to discuss any proposed changes to the Scheduling Order entered
herewith, and any motions the parties anticipate filing during the trial.
Case IPR2013-00369
Patent 7,107,612 B1
31
PETITIONER:
Matthew Kreeger
Brian Ho
MORRISON & FOERSTER LLP
Michael J. Schallop
Van Pelt, Yi & James LLP
PATENT OWNER:
David McPhie
Ben Haber
Irell & Manella LLP
![[Palo Mayombe] El Libro de Palo](https://img.dokumen.tips/doc/110x75/55cf945d550346f57ba1843c/palo-mayombe-el-libro-de-palo.jpg)
