Trials@uspto.gov
`571-272-7822
`
`
`Paper 8
`Entered: August 24, 2015
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`____________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`____________
`
`SOPHOS LTD. and SOPHOS INC.,
`Petitioner,
`
`v.
`
`FORTINET, INC.,
`Patent Owner.
`
`
`
`Case IPR2015-00911
`Patent 8,205,251 B2
`
`
`
`Before MICHAEL R. ZECHER, MATTHEW R. CLEMENTS, and
`MINN CHUNG, Administrative Patent Judges.
`
`CLEMENTS, Administrative Patent Judge.
`
`DECISION
`Denying Institution of Inter Partes Review
`37 C.F.R. § 42.108
`
`
`
`
`
`
`
`
`571-272-7822
`
`
`Paper 8
`Entered: August 24, 2015
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`____________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`____________
`
`SOPHOS LTD. and SOPHOS INC.,
`Petitioner,
`
`v.
`
`FORTINET, INC.,
`Patent Owner.
`
`
`
`Case IPR2015-00911
`Patent 8,205,251 B2
`
`
`
`Before MICHAEL R. ZECHER, MATTHEW R. CLEMENTS, and
`MINN CHUNG, Administrative Patent Judges.
`
`CLEMENTS, Administrative Patent Judge.
`
`DECISION
`Denying Institution of Inter Partes Review
`37 C.F.R. § 42.108
`
`
`
`
`
`
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`
`I.
`
`INTRODUCTION
`
`Sophos Ltd. and Sophos Inc. (“Petitioner”) filed a Petition requesting
`
`inter partes review of claims 1, 6, 9, 12, 17, 18, 22, 26, 27, 29, 31 and 32
`
`(“the challenged claims”) of U.S. Patent No. 8,205,251 B2 (Ex. 1001, “the
`
`’251 patent”). Paper 1 (“Pet.”). Fortinet, Inc. (“Patent Owner”) filed a
`
`Preliminary Response. Paper 6 (“Prelim. Resp.”). We have jurisdiction
`
`under 35 U.S.C. § 314, which provides that an inter partes review may be
`
`authorized only if “the information presented in the petition . . . and any
`
`[preliminary] response . . . shows that there is a reasonable likelihood that
`
`the petitioner would prevail with respect to at least 1 of the claims
`
`challenged in the petition.” 35 U.S.C. § 314(a). Upon consideration of the
`
`Petition and the Preliminary Response, we determine that Petitioner has not
`
`demonstrated a reasonable likelihood of prevailing in showing the
`
`unpatentability of any of the challenged claims of the ’251 patent.
`
`Accordingly, we do not institute an inter partes review for any of the
`
`challenged claims.
`
`A. Related Proceedings
`
`The ’251 patent is involved a co-pending district court case in the U.S.
`
`District Court for District of Delaware. Pet. 1; Paper 5, 2. Petitioner also
`
`filed petitions in Cases IPR2015-00910 and IPR2015-00912 involving
`
`related U.S. Patent Nos. 7,966,654 B2 and 8,656,479 B2, respectively.
`
`Paper 5, 2.
`
`B. The ’251 Patent
`
`The ’251 patent relates generally to network security and specifically
`
`to application-level content processing of network service protocols using a
`
`2
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`firewall. Ex. 1001, 1:23–26. According to the ’251 patent, “critical network
`
`threats, like viruses and worms, are embedded in the application-level
`
`contents of packet streams.” Id. at 1:36–38. Moreover, “[m]any existing
`
`firewall systems use global configuration settings, such as global lists of
`
`[Uniform Resource Locators] to block, lists of spam addresses, options to
`
`scan for viruses, spam, and other similar parameters,” and “[t]hese settings
`
`are applied globally to all policies within the firewall.” Id. at 2:6–10. Such
`
`an approach, according to the ’251 patent, did not provide administrators
`
`with sufficient flexibility to, for example, block certain members, but not
`
`others, from accessing certain websites. Id. at 2:11–23.
`
`The ’251 patent describes a firewall system in which a configuration
`
`scheme is associated with a specific firewall policy and, when a new
`
`communication session matching the firewall policy is initiated, the proxy
`
`program to which the communication connection is redirected looks up the
`
`scheme settings from a configuration database. Id. at 4:52–66. Figure 1 of
`
`the ’251 patent is reproduced below:
`
`
`
`3
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`Figure 1 illustrates a topology of firewall-protected network 100 in
`
`accordance with an embodiment of the ’251 patent. Id. at 5:3–5. Firewall
`
`101 is disposed within the network communication channel between two
`
`user systems 104 and 105, and monitors network packet exchanges between
`
`them. Id. at 5:16–19. Network subsystem 106 may redirect packets to
`
`proxy 107, which then builds and interprets the data buffer. Id. at 5:37–40.
`
`Specifically, proxy 107 assembles the formatted packets intercepted by
`
`networking subsystem 106 in accordance with the specification of the
`
`respective communication protocol to arrive at the transmission content. Id.
`
`at 6:5–9. Configuration database 110 stores various firewall policies,
`
`configuration schemes, and other parameters used by firewall system 101.
`
`Id. at 6:13–15. The stored parameters are retrieved from configuration
`
`database 110 by proxy 107. Id. at 6:15–16.
`
`Figure 2 of the ’251 patent is reproduced below.
`
`Figure 2 illustrates an operating sequence of firewall system 101 when
`
`establishing a basic network communication session. Id. at 6:30–32.
`
`
`
`4
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`Incoming connection 201 is accepted by networking subsystem 106 after a
`
`lookup of an applicable firewall policy. Id. at 6:32–34. The policy indicates
`
`that the session should be redirected to proxy 107, as shown in step 202. Id.
`
`at 6:34–36. Proxy 107 queries the kernel (step 203) to retrieve the
`
`configuration scheme associated with the session. Id. at 6:36–39. Once
`
`retrieved (step 204), proxy 107 queries (step 205) configuration database
`
`110 to retrieve the settings for the configuration scheme matching the
`
`specified identifier. Id. at 6:39–42. Once the settings are retrieved (step
`
`206), proxy 107 continues with filtering tasks or other tasks necessary to
`
`handle the network session. Id. at 6:42–45.
`
`C. Illustrative Claim
`
`Of the challenged claims, claims 1, 17, and 26 are independent.
`
`Claim 1 is reproduced below:
`
`A computer-implemented method for processing
`1.
`
`application-level content of network service protocols, the
`method comprising:
`
`redirecting a network connection, by a networking
`subsystem implemented within a kernel of an operating system
`of a firewall device, to a proxy module of one or more proxy
`modules within the firewall device that is configured to support
`a network service protocol associated with the network
`connection;
`
`retrieving, by the proxy module, one or more content
`processing configuration schemes associated with a matching
`firewall policy for the network service protocol and the network
`connection, the one or more content processing configuration
`schemes each including a plurality of content processing
`configuration settings for each of one or more network service
`protocols; and
`
`5
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`
`the proxy module, application-level
`processing, by
`content of a packet stream associated with the network
`connection by
`
`the application-level content
`reassembling
`plurality of packets of the packet stream; and
`
`from a
`
`scanning the application-level content based on the
`retrieved one or more content processing configuration
`schemes.
`
`Ex. 1001, 12:37–60.
`
`D. References Relied Upon
`
`Petitioner relies upon the following references:
`
`Taylor
`
`US 6,728,885 B1 Apr. 27, 2004
`
`Sonnenberg
`
`US 7,076,650 B1
`
`July 11, 2006
`
`Astaro Security Linux V5 (Version 5.026) User Manual,
`Release 8.0, © Astaro AG (2004) (“Astaro”).
`
`Ex. 1006
`
`Ex. 1007
`
`Ex. 1008
`
`Pet. 3–4. Petitioner also relies upon the Declaration of Dr. Charles P.
`
`Pfleeger (“Pfleeger Decl.”) (Ex. 1009).
`
`E. The Asserted Grounds of Unpatentability
`
`Petitioner argues that the challenged claims are unpatentable as
`
`obvious over the following grounds (Pet. 3–4, 6–59):
`
`Basis Claims challenged
`References
`§ 103 1, 6, 12, 17, 18, 26, 27, 29, and 31
`Taylor
`§ 103 1, 12, 17, 18, 26, 27, and 29
`Sonnenberg
`§ 103 9, 22, and 32
`Taylor and Astaro
`Sonnenberg and Astaro § 103 6, 9, 22, 31, and 32
`
`II. ANALYSIS
`
`A. Claim Construction
`
`In an inter partes review, claim terms in an unexpired patent are
`
`interpreted according to their “broadest reasonable construction in light of
`
`6
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`the specification of the patent” in which they appear. 37 C.F.R. § 42.100(b);
`
`see In re Cuozzo Speed Techs., LLC., No. 2014-1301, 2015 WL 4097949,
`
`*7–8 (Fed. Cir. July 8, 2015) (“Congress implicitly approved the broadest
`
`reasonable interpretation standard in enacting the AIA,” and “the standard
`
`was properly adopted by PTO regulation.”). Applying that standard, we
`
`interpret the claim terms according to their ordinary and customary meaning
`
`in the context of the patent’s written description. In re Translogic Tech.,
`
`Inc., 504 F.3d 1249, 1257 (Fed. Cir. 2007).
`
`Petitioner contends that all terms should be given their ordinary and
`
`customary meaning as understood by a person of ordinary skill in the art and
`
`consistent with the disclosure. Pet. 6.
`
`Patent Owner “accepts the use of ordinary and customary meanings of
`
`the claim terms” (Prelim. Resp. 7), but proposes constructions for the terms
`
`“content processing configuration settings” and “by.” Prelim. Resp. 8–9.
`
`For purposes of this decision, we need not construe either term. See,
`
`e.g., Vivid Techs., Inc. v. Am. Sci. & Eng’g, Inc., 200 F.3d 795, 803 (Fed.
`
`Cir. 1999) (only those terms that are in controversy need to be construed,
`
`and only to the extent necessary to resolve the controversy).
`
`B. Claims 1, 6, 12, 17, 18, 26, 27, 29, and 31 –
`Obviousness over Taylor
`
`Petitioner argues that the claims 1, 6, 12, 17, 18, 26, 27, 29, and 31 are
`
`unpatentable under 35 U.S.C. § 103(a) as obvious over Taylor. Pet. 6–27.
`
`Taylor (Exhibit 1006)
`
`Taylor describes a firewall that includes a dynamic packet filter that
`
`communicates with a proxy. Ex. 1006, 3:40–44. Figure 2 of Taylor is
`
`reproduced below.
`
`7
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`
`
`
`Figure 2 is a schematic illustration of internal modules of the firewall of
`
`Taylor. Id. at 4:18–19. As shown, firewall 201 includes Dynamic Packet
`
`Filter module 207 (“DPF 207”) coupled to proxy 211. Id. at 4:27–37. DPF
`
`207 is located in the kernel space of the operating system of firewall 201.
`
`Id. at 4:51–58. Proxy 211 is located in the user space—or “application
`
`layer”—of the operating system of firewall 201. Id. at 4:58–60.
`
`When DPF 207 receives a connection establishing packet—i.e., a
`
`synchronization (SYN) packet—on a registered port, it transfers attribute
`
`information of the packet—i.e., source and destination address; the port on
`
`which the packet was received—to proxy 211. Id. at 5:56–6:20. Upon
`
`receiving the attribute information, proxy 211 determines whether to allow
`
`the connection and, if it is to be allowed, which dynamic filter rule to apply.
`
`Id. at 6:21–25. That information is then transferred to DPF 207. Id. at 6:58–
`
`60.
`
`Analysis
`
`In light of the arguments and evidence, Petitioner has not established a
`
`reasonable likelihood that claims 1, 6, 12, 17, 18, 26, 27, 29, and 31 are
`
`unpatentable as obvious over Taylor.
`
`8
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`
`Independent claim 1 recites:
`
`the proxy module, application-level
`processing, by
`content of a packet stream associated with the network
`connection by
`
`the application-level content
`reassembling
`plurality of packets of the packet stream; and
`
`from a
`
`scanning the application-level content based on the
`retrieved one or more content processing configuration
`schemes.
`
`Ex. 1001, 12:53–60. Independent claims 17 and 26 recite commensurate
`
`limitations. Id. at 14:44–53, 15:42–16:5.
`
`For the processing step, Petitioner relies on Taylor’s teaching of
`
`examining “at the application layer” packets passing through the firewall
`
`(Ex. 1006, 2:60–63), “applying a proxy filter at the application layer” (id. at
`
`6:40–44), and forwarding packets to “proxy 211 to be filtered at the
`
`application layer level” (id. at 11:46–48). Pet. 11–12. For the reassembling
`
`and scanning steps, Petitioner relies on largely the same teachings and
`
`argues that “it is inherent that in order to process and scan for ‘application
`
`level content,’ packets received by the proxy must necessarily be
`
`[reassembled / scanned]” or, in the alternative, one of ordinary skill in the art
`
`would have understood that packets must necessarily be
`
`[reassembled/scanned]. Id. at 12–14 (citing Ex. 1009 (Pfleeger Decl.) ¶¶
`
`83–88).
`
`Patent Owner argues that Taylor’s teaching that individual packets are
`
`“examined at the application layer” is not a teaching that “application level
`
`content of a packet stream” is examined. Prelim. Resp. 19 (emphasis
`
`original). Patent Owner further argues that “the content filtering in Taylor is
`
`not performed by proxy 211, but rather is described as being performed in
`
`9
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`the kernel (i.e., by DPF 207) at the direction of proxy 211.” Id. at 20 (citing,
`
`inter alia, Ex. 1006, 6:58–60 (“Once proxy 211 determines whether to allow
`
`the connection and which of the rules to apply to the connection, that
`
`information is transferred to DPF 207.”). Patent Owner acknowledges that
`
`Taylor teaches a transparency function in which “specific packets are
`
`processed at the application layer by proxy 211,” but argues that “there is no
`
`reconstruction of application-level content from a plurality of packets as
`
`required by independent claim 1.” Id. at 20–21; see also id. at 21–24
`
`(Arguing the following: (1) no reassembling “by the proxy module” because
`
`filter rules are applied by DPF 207, not by proxy 211; and (2) no
`
`reassembling of “application-level content from a plurality of packets”
`
`because the transparency function is performed on a packet-by-packet basis),
`
`24–26 (Arguing the following: (1) no scanning “by the proxy module”
`
`because filter rules are applied by DPF 207, not by proxy 211; and (2) no
`
`scanning of “application-level content” because the transparency function is
`
`performed on a packet-by-packet basis).
`
`We are persuaded by Patent Owner’s arguments. As Patent Owner
`
`correctly points out, Taylor describes DPF 207, not proxy 211, as applying
`
`the disclosed filtering rules. Ex. 1006, 6:58–60 (“Once proxy 211
`
`determines whether to allow a new connection and which one of the rules to
`
`apply to the connection, that information is transferred to DPF 207.”), 3:63–
`
`65 (“Subsequent packets received with the same attribute information are
`
`then automatically forwarded without consulting the proxy”). Because those
`
`rules are applied by DPF 207, not proxy 211, we are not persuaded that such
`
`filtering constitutes “processing, by the proxy module,” as recited in
`
`independent claim 1, and similarly recited in independent claims 17 and 26.
`
`10
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`
`With respect to Taylor’s processing of connection control packets and
`
`packets received on ports for which transparency is on, we agree with Patent
`
`Owner that, even assuming that proxy 211 processes those packets as
`
`described, such processing is performed only on a packet-by-packet basis
`
`and, therefore, does not teach “reassembling the application-level content
`
`from a plurality of packets of the packet stream,” as recited in independent
`
`claim 1, and similarly recited in independent claims 17 and 26.
`
`We are not persuaded by Petitioner’s argument that reassembling and
`
`scanning is inherent in Taylor. Petitioner argues that such steps are inherent
`
`“in order to process and scan for ‘application level content” (Pet. 12, 14), but
`
`the phrase “application level content,” is not used by Taylor. Petitioner
`
`appears to be quoting claim language. Although Taylor uses the term
`
`“application layer” with respect to proxy 211, the term is used to describe
`
`where proxy 211 is executing (Ex. 1006, 4:58–60 (“Proxy 211 is located in
`
`the user space, i.e., the application layer, of firewall 201.”)), not to describe
`
`what type of content proxy 211 is filtering. Taylor’s description of
`
`“applying a proxy filter at the application layer to all packets received”
`
`(6:40–44) and of forwarding a packet “to proxy 211 to be filtered at the
`
`application layer” (11:46–48) is consistent with the use of “application
`
`layer” to refer to user-space, as opposed to kernel space, within the operating
`
`system of firewall 201. Because Taylor does not describe processing
`
`“application-level content,” we are not persuaded by Petitioner’s argument
`
`that reassembling and scanning are inherent in Taylor.
`
`We, therefore, are not persuaded that Taylor renders obvious
`
`independent claims 1, 17, and 26. For the same reasons discussed above, we
`
`11
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`are not persuaded that Taylor renders obvious the claims that depend from
`
`these independent claims.
`
`Conclusion
`
`On this record, Petitioner has not established a reasonable likelihood
`
`that it would prevail in showing that claims 1, 6, 12, 17, 18, 26, 27, 29, and
`
`31 are unpatentable as obvious over Taylor.
`
`C. Claims 1, 12, 17, 18, 26, 27 and 29 –
`Obviousness over Sonnenberg
`
`Petitioner argues that the claims 1, 12, 17, 18, 26, 27 and 29 are
`
`unpatentable under 35 U.S.C. § 103(a) as obvious over Sonnenberg.
`
`Pet. 27–47.
`
`Sonnenberg (Exhibit 1007)
`
`Sonnenberg describes a method and apparatus for cooperatively and
`
`dynamically sharing a proxy’s burden of scanning communications for target
`
`content. Ex. 1007, Abstract. Figure 1B of Sonnenberg is reproduced below.
`
`
`
`12
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`Figure 1B depicts a block diagram of software modules that may be installed
`
`and configured on firewall 102 and on one or more cooperating network
`
`nodes in accordance with an embodiment of Sonnenberg. Id. at 5:24–27.
`
`Firewall 102 includes proxies relating to different types of communications
`
`(e.g., differentiated by protocol) that the firewall will handle, such as File
`
`Transfer Protocol (FTP) proxy 150, HyperText Transport Protocol (HTTP)
`
`proxy 152, and others, such as proxy 154, which may handle, e.g., Simple
`
`Mail Transport Protocol (SMTP), or may handle a particular application or
`
`communication service (e.g., America Online). Id. at 5:31–41.
`
`Firewall 102 examines received communications and, based on
`
`firewall rules 102, forwards to each installed and enabled proxy those
`
`communications that match its type and that are permitted to transit the
`
`firewall. Id. at 5:44–49. For example, all FTP requests and responses may
`
`be provided to FTP proxy 150, whereas all HTTP communication is
`
`provided to HTTP proxy 152. Id. at 5:54–57. Each proxy may include a set
`
`of rules or criteria concerning whether and how the proxy should manipulate
`
`the communication. Id. at 5:58–60.
`
`Firewall 102 includes one or more modules for scanning a
`
`communication at the instigation of a proxy or on the initiation of the
`
`firewall itself. Id. at 6:1–3. For example, FTP proxy 150 may, depending
`
`upon FTP scanning rules/criteria 150a, invoke virus scanning module 102b
`
`to scan a communication for viruses. Id. at 6:3–6; see also 14:28–48
`
`(describing FTP proxy 150, after applying its rules, scanning a received file
`
`with a scanning module). Other scanning modules, such as content scanning
`
`module 102c may be configured to scan a communication for other
`
`particular content or information (e.g., programming objects such as
`
`13
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`ActiveX controls or Java applets, unwanted or undesired information such as
`
`pornography or other explicit data). Id. at 6:6–11.
`
`Analysis
`
`In light of the arguments and evidence, Petitioner has not established a
`
`reasonable likelihood that claims 1, 12, 17, 18, 26, 27 and 29 are
`
`unpatentable as obvious over Sonnenberg.
`
`Independent claim 1 recites:
`
`the proxy module, application-level
`processing, by
`content of a packet stream associated with the network
`connection by
`
`the application-level content
`reassembling
`plurality of packets of the packet stream; and
`
`from a
`
`scanning the application-level content based on the
`retrieved one or more content processing configuration
`schemes.
`
`Ex. 1001, 12:53–60. Independent claims 17 and 26 recite commensurate
`
`limitations. Id. at 14:44–53, 15:42–16:5.
`
`For the processing step, Petitioner relies on Sonnenberg’s teaching of
`
`“a proxy … configured to scan the communications it handles for target
`
`content such as computer viruses, programming objects (e.g., ActiveX
`
`controls, Java applets), or general content such as pornography,
`
`advertisements, etc.” (Ex. 1007, 2:21–31), and “one or more proxies are also
`
`configured to scan a communication for viruses, specified programming
`
`objects (e.g., ActiveX controls), other content (e.g., pornographic data) that
`
`is desirable or undesirable, etc.” (id. at 4:19–26) and that “the FTP proxy
`
`applies its rules” (id. at 14:30). Pet. 31–32. For the reassembling and
`
`scanning steps, Petitioner relies on largely the same teachings and argues
`
`that reassembling is inherent in Sonnenberg’s disclosure of scanning for
`
`14
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`“target content” or, in the alternative, one of ordinary skill in the art would
`
`have understood that packets must necessarily be reconstructed. Id. at 33–34
`
`(citing Ex. 1009 (Pfleeger Decl.) ¶¶ 111–14).
`
`Patent Owner argues that Sonnenberg’s processing is not “by the
`
`proxy module,” as recited, because “scanning modules external to proxies
`
`150, 152, and 154 perform the actual processing of communications,” and
`
`that “Sonnenberg’s proxies simply cause or trigger the processing performed
`
`by these external scanning modules.” Prelim. Resp. 33–34 (citing Ex 1007,
`
`12:38–42 (“The proxy thus invokes a scanning module on the firewall to
`
`scan communications that it is responsible for.”). Patent Owner further
`
`argues that, because it is the scanning modules—not the proxies—that do the
`
`processing, it is not inherent in Sonnenberg that such reassembling and
`
`scanning is “by the proxy module” as required by the claim. Id. at 34–36.
`
`Patent Owner also argues that Sonnenberg does not teach “scanning . . .
`
`based on the retrieved one or more content processing configuration
`
`schemes” because the scanning by Sonnenberg’s scanning modules is not
`
`“based on” the “proxy rules” that Petitioner identifies as the “configuration
`
`schemes.” Id. at 42–44.
`
`We are persuaded by Patent Owner’s arguments. Sonnenberg teaches
`
`that the disclosed proxies merely invoke scanning by one or more scanning
`
`modules. See, e.g., Ex. 1007, 6:4–6 (“For example, FTP proxy 150 may,
`
`depending upon its rules/criteria 150a, invoke virus scanning module 102b to
`
`scan a communication for viruses.”), 12:40–43 (“The proxy thus invokes a
`
`scanning module on the firewall to scan communications that it is responsible
`
`for (and then forwards them to the node) and passes the others directly to the
`
`node for scanning.”). Petitioner does not direct us to, nor can we find, a
`
`15
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`disclosure in Sonnenberg that teaches or suggests that a proxy does any
`
`scanning. Accordingly, we are not persuaded that the scanning taught in
`
`Sonnenberg is performed “by the proxy module” as recited in independent
`
`claim 1, and similarly recited in independent claims 17 and 26.
`
`Moreover, as Patent Owner correctly points out, Sonnenberg does not
`
`contemplate that the scanning performed by the scanning modules is “based
`
`on” the proxy rules identified by Petitioner as the configuration schemes (Pet.
`
`30–31). Rather, Sonnenberg’s proxy rules merely govern when a
`
`communication is to be scanned on a destination node rather than the firewall.
`
`Ex. 1007, 2:9–20, 11:53–55, 12:24–37. Accordingly, we are not persuaded that
`
`the scanning taught in Sonnenberg is “based on the retrieved one or more
`
`content processing configuration schemes,” as recited in independent claim 1,
`
`and similarly recited in independent claims 17 and 26.
`
`We, therefore, are not persuaded that Sonnenberg renders obvious
`
`independent claims 1, 17, and 26. For the same reasons discussed above,
`
`we are not persuaded that Sonnenberg renders obvious the claims that
`
`depend from these independent claims.
`
`Conclusion
`
`On this record, we are not persuaded that Petitioner has established a
`
`reasonable likelihood that it would prevail in showing that claims 1, 12, 17,
`
`18, 26, 27 and 29 are unpatentable as obvious over Sonnenberg.
`
`D. Other Obviousness Grounds
`
`Petitioner argues that several dependent claims would have been
`
`obvious over either the combination of Taylor and Astaro or the combination
`
`of Sonnenberg and Astaro. Pet. 47–59. Petitioner does not contend that
`
`Astaro teaches any of the independent claim limitations determined above to
`
`16
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`be missing in Taylor and Sonnenberg. Accordingly, Petitioner has not
`
`established a reasonable likelihood that it would prevail in establishing the
`
`unpatentability of these dependent claims for the same reasons discussed
`
`above with respect to the independent claims from which they depend.
`
`III. CONCLUSION
`
`For the foregoing reasons, Petitioner has not shown a reasonable
`
`likelihood that it would prevail in establishing the unpatentability of any of
`
`challenged claims of the ’251 patent on any alleged ground of
`
`unpatentability.
`
`Accordingly, it is
`
`IV. ORDER
`
`ORDERED that the Petition is denied as to all challenged claims of
`
`the ’251 patent; and
`
`FURTHER ORDERED that no inter partes review is instituted.
`
`17
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`For PETITIONER:
`
`Gianni Minutoli
`Ryan W. Cobb
`Harpreet Singh
`DLA PIPER LLP
`Fortinet-IPRs@dlapiper.com
`
`
`
`For PATENT OWNER:
`
`Jason Liu
`Robert Kang
`QUINN EMANUEL URQUHART & SULLIVAN
`jasonliu@quinnemanuel.com
`robertkang@quinnemanuel.com
`
`Michael A. DeSanctis
`HAMILTON, DESANCTIS & CHA LLP
`mdesanctis@hdciplaw.com
`
`
`18
Accessing this document will incur an additional charge of $.
After purchase, you can access this document again without charge.
Accept $ Charge
Still Working On It
This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.
Give it another minute or two to complete, and then try the refresh button.
A few More Minutes ... Still Working
It can take up to 5 minutes for us to download a document if the court servers are running slowly.
Thank you for your continued patience.
This document could not be displayed.
We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.
Your account does not support viewing this document.
You need a Paid Account to view this document. Click here to change your account type.
Your account does not support viewing this document.
Set your membership
status to view this document.
With a Docket Alarm membership, you'll
get a whole lot more, including:
- Up-to-date information for this case.
- Email alerts whenever there is an update.
- Full text search for other cases.
- Get email alerts whenever a new case matches your search.
One Moment Please
The filing “” is large (MB) and is being downloaded.
Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.
Your document is on its way!
If you do not receive the document in five minutes, contact support at support@docketalarm.com.
Sealed Document
We are unable to display this document, it may be under a court ordered seal.
If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.
Access Government Site
