`571-272-7822
`
`
`Paper 8
`Entered: August 24, 2015
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`____________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`____________
`
`SOPHOS LTD. and SOPHOS INC.,
`Petitioner,
`
`v.
`
`FORTINET, INC.,
`Patent Owner.
`
`
`
`Case IPR2015-00911
`Patent 8,205,251 B2
`
`
`
`Before MICHAEL R. ZECHER, MATTHEW R. CLEMENTS, and
`MINN CHUNG, Administrative Patent Judges.
`
`CLEMENTS, Administrative Patent Judge.
`
`DECISION
`Denying Institution of Inter Partes Review
`37 C.F.R. § 42.108
`
`
`
`
`
`
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`
`I.
`
`INTRODUCTION
`
`Sophos Ltd. and Sophos Inc. (“Petitioner”) filed a Petition requesting
`
`inter partes review of claims 1, 6, 9, 12, 17, 18, 22, 26, 27, 29, 31 and 32
`
`(“the challenged claims”) of U.S. Patent No. 8,205,251 B2 (Ex. 1001, “the
`
`’251 patent”). Paper 1 (“Pet.”). Fortinet, Inc. (“Patent Owner”) filed a
`
`Preliminary Response. Paper 6 (“Prelim. Resp.”). We have jurisdiction
`
`under 35 U.S.C. § 314, which provides that an inter partes review may be
`
`authorized only if “the information presented in the petition . . . and any
`
`[preliminary] response . . . shows that there is a reasonable likelihood that
`
`the petitioner would prevail with respect to at least 1 of the claims
`
`challenged in the petition.” 35 U.S.C. § 314(a). Upon consideration of the
`
`Petition and the Preliminary Response, we determine that Petitioner has not
`
`demonstrated a reasonable likelihood of prevailing in showing the
`
`unpatentability of any of the challenged claims of the ’251 patent.
`
`Accordingly, we do not institute an inter partes review for any of the
`
`challenged claims.
`
`A. Related Proceedings
`
`The ’251 patent is involved a co-pending district court case in the U.S.
`
`District Court for District of Delaware. Pet. 1; Paper 5, 2. Petitioner also
`
`filed petitions in Cases IPR2015-00910 and IPR2015-00912 involving
`
`related U.S. Patent Nos. 7,966,654 B2 and 8,656,479 B2, respectively.
`
`Paper 5, 2.
`
`B. The ’251 Patent
`
`The ’251 patent relates generally to network security and specifically
`
`to application-level content processing of network service protocols using a
`
`2
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`firewall. Ex. 1001, 1:23–26. According to the ’251 patent, “critical network
`
`threats, like viruses and worms, are embedded in the application-level
`
`contents of packet streams.” Id. at 1:36–38. Moreover, “[m]any existing
`
`firewall systems use global configuration settings, such as global lists of
`
`[Uniform Resource Locators] to block, lists of spam addresses, options to
`
`scan for viruses, spam, and other similar parameters,” and “[t]hese settings
`
`are applied globally to all policies within the firewall.” Id. at 2:6–10. Such
`
`an approach, according to the ’251 patent, did not provide administrators
`
`with sufficient flexibility to, for example, block certain members, but not
`
`others, from accessing certain websites. Id. at 2:11–23.
`
`The ’251 patent describes a firewall system in which a configuration
`
`scheme is associated with a specific firewall policy and, when a new
`
`communication session matching the firewall policy is initiated, the proxy
`
`program to which the communication connection is redirected looks up the
`
`scheme settings from a configuration database. Id. at 4:52–66. Figure 1 of
`
`the ’251 patent is reproduced below:
`
`
`
`3
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`Figure 1 illustrates a topology of firewall-protected network 100 in
`
`accordance with an embodiment of the ’251 patent. Id. at 5:3–5. Firewall
`
`101 is disposed within the network communication channel between two
`
`user systems 104 and 105, and monitors network packet exchanges between
`
`them. Id. at 5:16–19. Network subsystem 106 may redirect packets to
`
`proxy 107, which then builds and interprets the data buffer. Id. at 5:37–40.
`
`Specifically, proxy 107 assembles the formatted packets intercepted by
`
`networking subsystem 106 in accordance with the specification of the
`
`respective communication protocol to arrive at the transmission content. Id.
`
`at 6:5–9. Configuration database 110 stores various firewall policies,
`
`configuration schemes, and other parameters used by firewall system 101.
`
`Id. at 6:13–15. The stored parameters are retrieved from configuration
`
`database 110 by proxy 107. Id. at 6:15–16.
`
`Figure 2 of the ’251 patent is reproduced below.
`
`Figure 2 illustrates an operating sequence of firewall system 101 when
`
`establishing a basic network communication session. Id. at 6:30–32.
`
`
`
`4
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`Incoming connection 201 is accepted by networking subsystem 106 after a
`
`lookup of an applicable firewall policy. Id. at 6:32–34. The policy indicates
`
`that the session should be redirected to proxy 107, as shown in step 202. Id.
`
`at 6:34–36. Proxy 107 queries the kernel (step 203) to retrieve the
`
`configuration scheme associated with the session. Id. at 6:36–39. Once
`
`retrieved (step 204), proxy 107 queries (step 205) configuration database
`
`110 to retrieve the settings for the configuration scheme matching the
`
`specified identifier. Id. at 6:39–42. Once the settings are retrieved (step
`
`206), proxy 107 continues with filtering tasks or other tasks necessary to
`
`handle the network session. Id. at 6:42–45.
`
`C. Illustrative Claim
`
`Of the challenged claims, claims 1, 17, and 26 are independent.
`
`Claim 1 is reproduced below:
`
`A computer-implemented method for processing
`1.
`
`application-level content of network service protocols, the
`method comprising:
`
`redirecting a network connection, by a networking
`subsystem implemented within a kernel of an operating system
`of a firewall device, to a proxy module of one or more proxy
`modules within the firewall device that is configured to support
`a network service protocol associated with the network
`connection;
`
`retrieving, by the proxy module, one or more content
`processing configuration schemes associated with a matching
`firewall policy for the network service protocol and the network
`connection, the one or more content processing configuration
`schemes each including a plurality of content processing
`configuration settings for each of one or more network service
`protocols; and
`
`5
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`
`the proxy module, application-level
`processing, by
`content of a packet stream associated with the network
`connection by
`
`the application-level content
`reassembling
`plurality of packets of the packet stream; and
`
`from a
`
`scanning the application-level content based on the
`retrieved one or more content processing configuration
`schemes.
`
`Ex. 1001, 12:37–60.
`
`D. References Relied Upon
`
`Petitioner relies upon the following references:
`
`Taylor
`
`US 6,728,885 B1 Apr. 27, 2004
`
`Sonnenberg
`
`US 7,076,650 B1
`
`July 11, 2006
`
`Astaro Security Linux V5 (Version 5.026) User Manual,
`Release 8.0, © Astaro AG (2004) (“Astaro”).
`
`Ex. 1006
`
`Ex. 1007
`
`Ex. 1008
`
`Pet. 3–4. Petitioner also relies upon the Declaration of Dr. Charles P.
`
`Pfleeger (“Pfleeger Decl.”) (Ex. 1009).
`
`E. The Asserted Grounds of Unpatentability
`
`Petitioner argues that the challenged claims are unpatentable as
`
`obvious over the following grounds (Pet. 3–4, 6–59):
`
`Basis Claims challenged
`References
`§ 103 1, 6, 12, 17, 18, 26, 27, 29, and 31
`Taylor
`§ 103 1, 12, 17, 18, 26, 27, and 29
`Sonnenberg
`§ 103 9, 22, and 32
`Taylor and Astaro
`Sonnenberg and Astaro § 103 6, 9, 22, 31, and 32
`
`II. ANALYSIS
`
`A. Claim Construction
`
`In an inter partes review, claim terms in an unexpired patent are
`
`interpreted according to their “broadest reasonable construction in light of
`
`6
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`the specification of the patent” in which they appear. 37 C.F.R. § 42.100(b);
`
`see In re Cuozzo Speed Techs., LLC., No. 2014-1301, 2015 WL 4097949,
`
`*7–8 (Fed. Cir. July 8, 2015) (“Congress implicitly approved the broadest
`
`reasonable interpretation standard in enacting the AIA,” and “the standard
`
`was properly adopted by PTO regulation.”). Applying that standard, we
`
`interpret the claim terms according to their ordinary and customary meaning
`
`in the context of the patent’s written description. In re Translogic Tech.,
`
`Inc., 504 F.3d 1249, 1257 (Fed. Cir. 2007).
`
`Petitioner contends that all terms should be given their ordinary and
`
`customary meaning as understood by a person of ordinary skill in the art and
`
`consistent with the disclosure. Pet. 6.
`
`Patent Owner “accepts the use of ordinary and customary meanings of
`
`the claim terms” (Prelim. Resp. 7), but proposes constructions for the terms
`
`“content processing configuration settings” and “by.” Prelim. Resp. 8–9.
`
`For purposes of this decision, we need not construe either term. See,
`
`e.g., Vivid Techs., Inc. v. Am. Sci. & Eng’g, Inc., 200 F.3d 795, 803 (Fed.
`
`Cir. 1999) (only those terms that are in controversy need to be construed,
`
`and only to the extent necessary to resolve the controversy).
`
`B. Claims 1, 6, 12, 17, 18, 26, 27, 29, and 31 –
`Obviousness over Taylor
`
`Petitioner argues that the claims 1, 6, 12, 17, 18, 26, 27, 29, and 31 are
`
`unpatentable under 35 U.S.C. § 103(a) as obvious over Taylor. Pet. 6–27.
`
`Taylor (Exhibit 1006)
`
`Taylor describes a firewall that includes a dynamic packet filter that
`
`communicates with a proxy. Ex. 1006, 3:40–44. Figure 2 of Taylor is
`
`reproduced below.
`
`7
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`
`
`
`Figure 2 is a schematic illustration of internal modules of the firewall of
`
`Taylor. Id. at 4:18–19. As shown, firewall 201 includes Dynamic Packet
`
`Filter module 207 (“DPF 207”) coupled to proxy 211. Id. at 4:27–37. DPF
`
`207 is located in the kernel space of the operating system of firewall 201.
`
`Id. at 4:51–58. Proxy 211 is located in the user space—or “application
`
`layer”—of the operating system of firewall 201. Id. at 4:58–60.
`
`When DPF 207 receives a connection establishing packet—i.e., a
`
`synchronization (SYN) packet—on a registered port, it transfers attribute
`
`information of the packet—i.e., source and destination address; the port on
`
`which the packet was received—to proxy 211. Id. at 5:56–6:20. Upon
`
`receiving the attribute information, proxy 211 determines whether to allow
`
`the connection and, if it is to be allowed, which dynamic filter rule to apply.
`
`Id. at 6:21–25. That information is then transferred to DPF 207. Id. at 6:58–
`
`60.
`
`Analysis
`
`In light of the arguments and evidence, Petitioner has not established a
`
`reasonable likelihood that claims 1, 6, 12, 17, 18, 26, 27, 29, and 31 are
`
`unpatentable as obvious over Taylor.
`
`8
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`
`Independent claim 1 recites:
`
`the proxy module, application-level
`processing, by
`content of a packet stream associated with the network
`connection by
`
`the application-level content
`reassembling
`plurality of packets of the packet stream; and
`
`from a
`
`scanning the application-level content based on the
`retrieved one or more content processing configuration
`schemes.
`
`Ex. 1001, 12:53–60. Independent claims 17 and 26 recite commensurate
`
`limitations. Id. at 14:44–53, 15:42–16:5.
`
`For the processing step, Petitioner relies on Taylor’s teaching of
`
`examining “at the application layer” packets passing through the firewall
`
`(Ex. 1006, 2:60–63), “applying a proxy filter at the application layer” (id. at
`
`6:40–44), and forwarding packets to “proxy 211 to be filtered at the
`
`application layer level” (id. at 11:46–48). Pet. 11–12. For the reassembling
`
`and scanning steps, Petitioner relies on largely the same teachings and
`
`argues that “it is inherent that in order to process and scan for ‘application
`
`level content,’ packets received by the proxy must necessarily be
`
`[reassembled / scanned]” or, in the alternative, one of ordinary skill in the art
`
`would have understood that packets must necessarily be
`
`[reassembled/scanned]. Id. at 12–14 (citing Ex. 1009 (Pfleeger Decl.) ¶¶
`
`83–88).
`
`Patent Owner argues that Taylor’s teaching that individual packets are
`
`“examined at the application layer” is not a teaching that “application level
`
`content of a packet stream” is examined. Prelim. Resp. 19 (emphasis
`
`original). Patent Owner further argues that “the content filtering in Taylor is
`
`not performed by proxy 211, but rather is described as being performed in
`
`9
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`the kernel (i.e., by DPF 207) at the direction of proxy 211.” Id. at 20 (citing,
`
`inter alia, Ex. 1006, 6:58–60 (“Once proxy 211 determines whether to allow
`
`the connection and which of the rules to apply to the connection, that
`
`information is transferred to DPF 207.”). Patent Owner acknowledges that
`
`Taylor teaches a transparency function in which “specific packets are
`
`processed at the application layer by proxy 211,” but argues that “there is no
`
`reconstruction of application-level content from a plurality of packets as
`
`required by independent claim 1.” Id. at 20–21; see also id. at 21–24
`
`(Arguing the following: (1) no reassembling “by the proxy module” because
`
`filter rules are applied by DPF 207, not by proxy 211; and (2) no
`
`reassembling of “application-level content from a plurality of packets”
`
`because the transparency function is performed on a packet-by-packet basis),
`
`24–26 (Arguing the following: (1) no scanning “by the proxy module”
`
`because filter rules are applied by DPF 207, not by proxy 211; and (2) no
`
`scanning of “application-level content” because the transparency function is
`
`performed on a packet-by-packet basis).
`
`We are persuaded by Patent Owner’s arguments. As Patent Owner
`
`correctly points out, Taylor describes DPF 207, not proxy 211, as applying
`
`the disclosed filtering rules. Ex. 1006, 6:58–60 (“Once proxy 211
`
`determines whether to allow a new connection and which one of the rules to
`
`apply to the connection, that information is transferred to DPF 207.”), 3:63–
`
`65 (“Subsequent packets received with the same attribute information are
`
`then automatically forwarded without consulting the proxy”). Because those
`
`rules are applied by DPF 207, not proxy 211, we are not persuaded that such
`
`filtering constitutes “processing, by the proxy module,” as recited in
`
`independent claim 1, and similarly recited in independent claims 17 and 26.
`
`10
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`
`With respect to Taylor’s processing of connection control packets and
`
`packets received on ports for which transparency is on, we agree with Patent
`
`Owner that, even assuming that proxy 211 processes those packets as
`
`described, such processing is performed only on a packet-by-packet basis
`
`and, therefore, does not teach “reassembling the application-level content
`
`from a plurality of packets of the packet stream,” as recited in independent
`
`claim 1, and similarly recited in independent claims 17 and 26.
`
`We are not persuaded by Petitioner’s argument that reassembling and
`
`scanning is inherent in Taylor. Petitioner argues that such steps are inherent
`
`“in order to process and scan for ‘application level content” (Pet. 12, 14), but
`
`the phrase “application level content,” is not used by Taylor. Petitioner
`
`appears to be quoting claim language. Although Taylor uses the term
`
`“application layer” with respect to proxy 211, the term is used to describe
`
`where proxy 211 is executing (Ex. 1006, 4:58–60 (“Proxy 211 is located in
`
`the user space, i.e., the application layer, of firewall 201.”)), not to describe
`
`what type of content proxy 211 is filtering. Taylor’s description of
`
`“applying a proxy filter at the application layer to all packets received”
`
`(6:40–44) and of forwarding a packet “to proxy 211 to be filtered at the
`
`application layer” (11:46–48) is consistent with the use of “application
`
`layer” to refer to user-space, as opposed to kernel space, within the operating
`
`system of firewall 201. Because Taylor does not describe processing
`
`“application-level content,” we are not persuaded by Petitioner’s argument
`
`that reassembling and scanning are inherent in Taylor.
`
`We, therefore, are not persuaded that Taylor renders obvious
`
`independent claims 1, 17, and 26. For the same reasons discussed above, we
`
`11
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`are not persuaded that Taylor renders obvious the claims that depend from
`
`these independent claims.
`
`Conclusion
`
`On this record, Petitioner has not established a reasonable likelihood
`
`that it would prevail in showing that claims 1, 6, 12, 17, 18, 26, 27, 29, and
`
`31 are unpatentable as obvious over Taylor.
`
`C. Claims 1, 12, 17, 18, 26, 27 and 29 –
`Obviousness over Sonnenberg
`
`Petitioner argues that the claims 1, 12, 17, 18, 26, 27 and 29 are
`
`unpatentable under 35 U.S.C. § 103(a) as obvious over Sonnenberg.
`
`Pet. 27–47.
`
`Sonnenberg (Exhibit 1007)
`
`Sonnenberg describes a method and apparatus for cooperatively and
`
`dynamically sharing a proxy’s burden of scanning communications for target
`
`content. Ex. 1007, Abstract. Figure 1B of Sonnenberg is reproduced below.
`
`
`
`12
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`Figure 1B depicts a block diagram of software modules that may be installed
`
`and configured on firewall 102 and on one or more cooperating network
`
`nodes in accordance with an embodiment of Sonnenberg. Id. at 5:24–27.
`
`Firewall 102 includes proxies relating to different types of communications
`
`(e.g., differentiated by protocol) that the firewall will handle, such as File
`
`Transfer Protocol (FTP) proxy 150, HyperText Transport Protocol (HTTP)
`
`proxy 152, and others, such as proxy 154, which may handle, e.g., Simple
`
`Mail Transport Protocol (SMTP), or may handle a particular application or
`
`communication service (e.g., America Online). Id. at 5:31–41.
`
`Firewall 102 examines received communications and, based on
`
`firewall rules 102, forwards to each installed and enabled proxy those
`
`communications that match its type and that are permitted to transit the
`
`firewall. Id. at 5:44–49. For example, all FTP requests and responses may
`
`be provided to FTP proxy 150, whereas all HTTP communication is
`
`provided to HTTP proxy 152. Id. at 5:54–57. Each proxy may include a set
`
`of rules or criteria concerning whether and how the proxy should manipulate
`
`the communication. Id. at 5:58–60.
`
`Firewall 102 includes one or more modules for scanning a
`
`communication at the instigation of a proxy or on the initiation of the
`
`firewall itself. Id. at 6:1–3. For example, FTP proxy 150 may, depending
`
`upon FTP scanning rules/criteria 150a, invoke virus scanning module 102b
`
`to scan a communication for viruses. Id. at 6:3–6; see also 14:28–48
`
`(describing FTP proxy 150, after applying its rules, scanning a received file
`
`with a scanning module). Other scanning modules, such as content scanning
`
`module 102c may be configured to scan a communication for other
`
`particular content or information (e.g., programming objects such as
`
`13
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`ActiveX controls or Java applets, unwanted or undesired information such as
`
`pornography or other explicit data). Id. at 6:6–11.
`
`Analysis
`
`In light of the arguments and evidence, Petitioner has not established a
`
`reasonable likelihood that claims 1, 12, 17, 18, 26, 27 and 29 are
`
`unpatentable as obvious over Sonnenberg.
`
`Independent claim 1 recites:
`
`the proxy module, application-level
`processing, by
`content of a packet stream associated with the network
`connection by
`
`the application-level content
`reassembling
`plurality of packets of the packet stream; and
`
`from a
`
`scanning the application-level content based on the
`retrieved one or more content processing configuration
`schemes.
`
`Ex. 1001, 12:53–60. Independent claims 17 and 26 recite commensurate
`
`limitations. Id. at 14:44–53, 15:42–16:5.
`
`For the processing step, Petitioner relies on Sonnenberg’s teaching of
`
`“a proxy … configured to scan the communications it handles for target
`
`content such as computer viruses, programming objects (e.g., ActiveX
`
`controls, Java applets), or general content such as pornography,
`
`advertisements, etc.” (Ex. 1007, 2:21–31), and “one or more proxies are also
`
`configured to scan a communication for viruses, specified programming
`
`objects (e.g., ActiveX controls), other content (e.g., pornographic data) that
`
`is desirable or undesirable, etc.” (id. at 4:19–26) and that “the FTP proxy
`
`applies its rules” (id. at 14:30). Pet. 31–32. For the reassembling and
`
`scanning steps, Petitioner relies on largely the same teachings and argues
`
`that reassembling is inherent in Sonnenberg’s disclosure of scanning for
`
`14
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`“target content” or, in the alternative, one of ordinary skill in the art would
`
`have understood that packets must necessarily be reconstructed. Id. at 33–34
`
`(citing Ex. 1009 (Pfleeger Decl.) ¶¶ 111–14).
`
`Patent Owner argues that Sonnenberg’s processing is not “by the
`
`proxy module,” as recited, because “scanning modules external to proxies
`
`150, 152, and 154 perform the actual processing of communications,” and
`
`that “Sonnenberg’s proxies simply cause or trigger the processing performed
`
`by these external scanning modules.” Prelim. Resp. 33–34 (citing Ex 1007,
`
`12:38–42 (“The proxy thus invokes a scanning module on the firewall to
`
`scan communications that it is responsible for.”). Patent Owner further
`
`argues that, because it is the scanning modules—not the proxies—that do the
`
`processing, it is not inherent in Sonnenberg that such reassembling and
`
`scanning is “by the proxy module” as required by the claim. Id. at 34–36.
`
`Patent Owner also argues that Sonnenberg does not teach “scanning . . .
`
`based on the retrieved one or more content processing configuration
`
`schemes” because the scanning by Sonnenberg’s scanning modules is not
`
`“based on” the “proxy rules” that Petitioner identifies as the “configuration
`
`schemes.” Id. at 42–44.
`
`We are persuaded by Patent Owner’s arguments. Sonnenberg teaches
`
`that the disclosed proxies merely invoke scanning by one or more scanning
`
`modules. See, e.g., Ex. 1007, 6:4–6 (“For example, FTP proxy 150 may,
`
`depending upon its rules/criteria 150a, invoke virus scanning module 102b to
`
`scan a communication for viruses.”), 12:40–43 (“The proxy thus invokes a
`
`scanning module on the firewall to scan communications that it is responsible
`
`for (and then forwards them to the node) and passes the others directly to the
`
`node for scanning.”). Petitioner does not direct us to, nor can we find, a
`
`15
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`disclosure in Sonnenberg that teaches or suggests that a proxy does any
`
`scanning. Accordingly, we are not persuaded that the scanning taught in
`
`Sonnenberg is performed “by the proxy module” as recited in independent
`
`claim 1, and similarly recited in independent claims 17 and 26.
`
`Moreover, as Patent Owner correctly points out, Sonnenberg does not
`
`contemplate that the scanning performed by the scanning modules is “based
`
`on” the proxy rules identified by Petitioner as the configuration schemes (Pet.
`
`30–31). Rather, Sonnenberg’s proxy rules merely govern when a
`
`communication is to be scanned on a destination node rather than the firewall.
`
`Ex. 1007, 2:9–20, 11:53–55, 12:24–37. Accordingly, we are not persuaded that
`
`the scanning taught in Sonnenberg is “based on the retrieved one or more
`
`content processing configuration schemes,” as recited in independent claim 1,
`
`and similarly recited in independent claims 17 and 26.
`
`We, therefore, are not persuaded that Sonnenberg renders obvious
`
`independent claims 1, 17, and 26. For the same reasons discussed above,
`
`we are not persuaded that Sonnenberg renders obvious the claims that
`
`depend from these independent claims.
`
`Conclusion
`
`On this record, we are not persuaded that Petitioner has established a
`
`reasonable likelihood that it would prevail in showing that claims 1, 12, 17,
`
`18, 26, 27 and 29 are unpatentable as obvious over Sonnenberg.
`
`D. Other Obviousness Grounds
`
`Petitioner argues that several dependent claims would have been
`
`obvious over either the combination of Taylor and Astaro or the combination
`
`of Sonnenberg and Astaro. Pet. 47–59. Petitioner does not contend that
`
`Astaro teaches any of the independent claim limitations determined above to
`
`16
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`be missing in Taylor and Sonnenberg. Accordingly, Petitioner has not
`
`established a reasonable likelihood that it would prevail in establishing the
`
`unpatentability of these dependent claims for the same reasons discussed
`
`above with respect to the independent claims from which they depend.
`
`III. CONCLUSION
`
`For the foregoing reasons, Petitioner has not shown a reasonable
`
`likelihood that it would prevail in establishing the unpatentability of any of
`
`challenged claims of the ’251 patent on any alleged ground of
`
`unpatentability.
`
`Accordingly, it is
`
`IV. ORDER
`
`ORDERED that the Petition is denied as to all challenged claims of
`
`the ’251 patent; and
`
`FURTHER ORDERED that no inter partes review is instituted.
`
`17
`
`
`
`IPR2015-00911
`Patent 8,205,251 B2
`
`For PETITIONER:
`
`Gianni Minutoli
`Ryan W. Cobb
`Harpreet Singh
`DLA PIPER LLP
`Fortinet-IPRs@dlapiper.com
`
`
`
`For PATENT OWNER:
`
`Jason Liu
`Robert Kang
`QUINN EMANUEL URQUHART & SULLIVAN
`jasonliu@quinnemanuel.com
`robertkang@quinnemanuel.com
`
`Michael A. DeSanctis
`HAMILTON, DESANCTIS & CHA LLP
`mdesanctis@hdciplaw.com
`
`
`18