Trials@uspto.gov Paper 11
`571.272.7822 Entered: November 14, 2018
`
`
`
`
`
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`____________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`____________
`
`ZSCALER, INC.,
`Petitioner,
`v.
`
`SYMANTEC CORPORATION,
`Patent Owner.
`____________
`
`Case IPR2018-00920
`Patent 9,525,696 B2
`____________
`
`
`Before JEFFREY S. SMITH, BRYAN F. MOORE, and NEIL T. POWELL,
`Administrative Patent Judges.
`
`SMITH, Administrative Patent Judge.
`
`
`
`
`
`
`DECISION
`Instituting Inter Partes Review
`35 U.S.C. § 314(a)
`
`
`
`
`
`571.272.7822 Entered: November 14, 2018
`
`
`
`
`
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`____________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`____________
`
`ZSCALER, INC.,
`Petitioner,
`v.
`
`SYMANTEC CORPORATION,
`Patent Owner.
`____________
`
`Case IPR2018-00920
`Patent 9,525,696 B2
`____________
`
`
`Before JEFFREY S. SMITH, BRYAN F. MOORE, and NEIL T. POWELL,
`Administrative Patent Judges.
`
`SMITH, Administrative Patent Judge.
`
`
`
`
`
`
`DECISION
`Instituting Inter Partes Review
`35 U.S.C. § 314(a)
`
`
`
`
`
`
`IPR2018-00920
`Patent 9,525,696 B2
`
`
`I. INTRODUCTION
`Petitioner filed a Petition for inter partes review of claims 1–19 of
`U.S. Patent 9,525,696 (Ex. 1001, the ’696 patent”). Paper 1 (“Pet.”). Patent
`Owner filed a Preliminary Response. Paper 9 (“Prelim. Resp.”). Institution
`of an inter partes review is authorized by statute when “the information
`presented in the petition . . . and any response . . . shows that there is a
`reasonable likelihood that the petitioner would prevail with respect to at least
`1 of the claims challenged in the petition.” 35 U.S.C. § 314(a).
`Upon consideration of the Petition and the Preliminary Response, we
`are persuaded Petitioner has demonstrated a reasonable likelihood that it
`would prevail in establishing the unpatentability of at least one claim of the
`’696 patent. Accordingly, we institute an inter partes review on all
`challenged claims and grounds raised in the Petition.
`A. Related Matters
`The ’696 patent, along with several other patents, is the subject of
`Symantec Corporation and Symantec Limited v. Zscaler, Inc., 17-cv-04414
`(N.D. Cal.), transferred from 17-cv-00806 (D. Del.) filed June 22, 2017.
`Pet. 2–3; Paper 5 (Patent Owner’s Mandatory Notice).
`The ’696 patent shares common parent applications with U.S. Patent
`8,402,540 (“the ’540 patent”). The ’540 patent is the subject of IPR2018-
`00930. Pet. 4; Paper 5.
`
`B. The ’696 Patent
`The ’696 patent relates generally to protecting computer systems from
`viruses, attacks from hackers, spyware, spam, and other malicious activities.
`Ex. 1001, 1:59–63. A flow processing facility inspects payloads of network
`traffic packets and provides security and protection to a computer. Abstract.
`2
`
`
`
`
`
`IPR2018-00920
`Patent 9,525,696 B2
`
`Figure 1 of the ’696 patent is reproduced below.
`
`
`
`
`Figure 1 above shows a networked computing environment 100 for
`data flow processing, including flow processing facility 102 coupled to
`internetwork 104, a network-connected computing facility 112, a plurality of
`server computing facilities 108, and a number of departmental computing
`facilities 110, such as an engineering department, a marketing department,
`and another department. Ex. 1001, 19:57–65, 20:7–8. Flow processing
`facility 102 receives data flows from the computing facilities via
`internetwork 104 and processes the data flows. Id. at 20:29–35. A
`virtualization aspect of flow processing facility 102 enables the flow
`processing facility to provide features and functions tailored to users of data
`flows. Id. at 22:16–19. For example, virtualization can present server
`computing facility 108 with different policies and applications than it
`provides to network-connected computing facility 112. Id. at 22:21–25. A
`
`
`
`3
`
`
`
`IPR2018-00920
`Patent 9,525,696 B2
`
`subscriber profile can relate an application to a subscriber. Id. at 37:58–59.
`Figure 30 below shows a schematic of an enterprise network. Id. at
`89:27–28.
`
`
`Figure 30 above shows network participants of network 3000 include
`user1 3004, user2 3008, and server 108, and participant types of network
`3000 include engineering 3010 and sales 3012. Id. at 89:42–45. Each of the
`network participants and participant types has a physical connection to flow
`processing 102. Id. at 89:45–48. Virtualization model 3014 of flow
`processing facility 102 uniquely identifies data flows 444 from each
`participant and routes the data flow to a virtual network 3018 associated
`with the virtual network. Id. at 90:3–9. Security policy 3020 is applied to
`data flow 444 of virtual network 3018, such as anti-virus, anti-span, anti-
`
`
`
`4
`
`
`
`IPR2018-00920
`Patent 9,525,696 B2
`
`spyware, and anti-worm. Id. at 90:19–26.
`C. Illustrative Claim
`Claims 1 and 13 of the challenged claims of the ’969 patent are
`independent. Claim 1 is illustrative of the claimed subject matter:
`1. A flow processing facility for implementing a security
`policy, comprising:
`a plurality of application processing hardware modules, each
`configured with an application for processing data packets;
`a subscriber profile for identifying data packets associated with
`the subscriber profile in a stream of data packets; and
`a network processing module for identifying one or more of the
`plurality of application processing modules for processing the
`identified data packets based on an association of the
`application configured on each application processing module
`with the subscriber profile and for transmitting the identified
`data packets in at least one of series and parallel to the
`identified application processing modules based on the security
`policy.
`Ex. 1001, 123:48–63.
`
`
`
`
`
`
`
`D. References
`Petitioner relies on the following references. Pet. 5–6.
`Ex. 1004 Nortel WO 00/33204
`June 8, 2000
`Ex. 1005 Stone US 5,598,410
`Jan. 28, 1997
`Ex. 1006 Alles US 6,466,976 B1 Oct. 15, 2002
`(filed Dec. 3, 1998)
` US 6,633,563 B1 Oct. 14, 2003
`(filed Mar. 2, 1999)
`
`Ex. 1007 Lin
`
`
`
`
`
`5
`
`
`
`IPR2018-00920
`Patent 9,525,696 B2
`
`
`E. Asserted Grounds of Unpatentability
`Petitioner contends that claims 1–19 of the ’696 patent are
`unpatentable based on the following grounds:
`Reference(s)
`Basis
`Nortel
`§ 103
`Nortel and Stone
`§ 103
`Alles and Lin
`§ 103
`Alles, Lin, and Stone
`§ 103
`
`
`Challenged Claims
`1, 9–13, 16–19
`2–8, 14, 15
`1, 9–13, 16–19
`2–8, 14, 15
`
`II. Analysis
`A. Claim Construction
`“[T]he words of a claim ‘are generally given their ordinary and
`customary meaning’ . . . that the term would have to a person of ordinary
`skill in the art in question at the time of the invention.” Phillips v. AWH
`Corp., 415 F.3d 1303, 1312–13 (Fed. Cir. 2005) (en banc) (citations
`omitted). “[T]he person of ordinary skill in the art is deemed to read the
`claim term not only in the context of the particular claim in which [it]
`appears, but in the context of the entire patent, including the specification.”
`Phillips, 415 F.3d at 1313. For example, a “claim construction that excludes
`[a] preferred embodiment [described in the specification] ‘is rarely, if ever,
`correct and would require highly persuasive evidentiary support.’” Adams
`Respiratory Therapeutics, Inc. v. Perrigo Co., 616 F.3d 1283, 1290 (Fed.
`Cir. 2010) (citation omitted). But “a claim construction must not import
`limitations from the specification into the claims.” Douglas Dynamics, LLC
`v. Buyers Products Co., 717 F.3d 1336, 1342 (Fed. Cir. 2013) (citation
`omitted). Therefore, “it is improper to read limitations from a preferred
`
`
`
`6
`
`
`
`IPR2018-00920
`Patent 9,525,696 B2
`
`embodiment described in the specification–even if it is the only
`embodiment–into the claims absent a clear indication in the intrinsic record
`that the patentee intended the claims to be so limited.” Dealertrack, Inc. v.
`Huber, 674 F.3d 1315, 1327 (Fed. Cir. 2012) (citation omitted).
`For purposes of this decision, we determine no terms need an explicit
`construction to resolve a controversy at this preliminary stage. See Vivid
`Techs., Inc. v. Am. Sci. & Eng’g, Inc., 200 F.3d 795, 803 (Fed. Cir. 1999)
`(only those terms which are in controversy need to be construed and only to
`the extent necessary to resolve the controversy).
`B. Asserted Obviousness over Nortel and the
`Knowledge of a Person of Ordinary Skill: Claims 1, 9–13, 16–19
`1. Nortel (Ex. 1004)
`Nortel relates to a method for providing desired service policies to
`subscribers accessing the Internet. Ex. 1004, 1:4–6. An internet service
`node (ISN) enables providing the desired service policies to each subscriber.
`Ex. 1004, Abstract. The ISN contains multiple processor groups, with each
`subscriber being assigned to a processor group. Id. The assigned processor
`group may be configured with processing rules which provide the service
`policies desired by a subscriber. Id. A content addressable memory with
`masks for individual locations determines the processor group to which
`received data is to be assigned. Id.
`Figure 4 of Nortel illustrates details of an ISN and is reproduced
`below.
`
`
`
`7
`
`
`
`IPR2018-00920
`Patent 9,525,696 B2
`
`
`
`
`
`Figure 4 above shows an ISN including access ports 410-A, 410-B, trunk
`ports 420-A, 420-B, 420-C, switch fabric 440, packet service cards 450-A,
`450-B, router/service management card 460, and configuration manager 470.
`Ex. 1004, 17:17–23.
`Configuration manager 470 provides a user interface to enable
`different service policies to be specified for different subscribers. Id. at
`18:13–15. Switch fabric 440 receives bit groups from access ports 410, and
`forwards the bit groups to packet service cards 450. Id. at 19:7–8. Different
`service policy types are implemented in different packet service cards 450.
`Id. at 19:12–13. Each subscriber may be assigned to a packet service card
`providing the desired service policy types. Id. at 13–14. By assigning the
`data processing for each subscriber to a specific packet service card, each
`packet service card may be configured only with the processing rules
`corresponding to the subscribers assigned to it. Id. at 20:14–18.
`
`
`
`8
`
`
`
`IPR2018-00920
`Patent 9,525,696 B2
`
`
`Figure 5 of Nortel is reproduced below
`
`
`Figure 5 of Nortel above is a block diagram illustrating details of packet
`service card 450. Ex. 1004, 21:14–15. Packet service card 450 includes
`processor groups 550-A through 550-D, processor interface 530, and control
`logic 520. Ex. 1004, 21:15–16. Control logic 520 determines which of the
`processors in a processor group processes a packet. Ex. 1004, 21:19–20.
`Control logic 520 operates in conjunction with configuration manager 470 to
`instantiate, or configure, processor groups 550 with processing rules related
`to assigned subscribers, to ensure processor group 550 performs operations
`specified by the processing rules. Ex. 1004, 21:21–23, 21:30–31. Several
`subscribers may be assigned to each processor group. Ex. 1004, 22:8.
`2. Claims 1, 9–13, 16–19
`Claim 1 recites “a plurality of application processing hardware
`modules, each configured with an application for processing data packets.”
`Claim 13 recites a similar limitation. Petitioner contends this limitation is
`taught by Nortel’s teaching of an ISN including a plurality of packet service
`
`
`
`9
`
`
`
`IPR2018-00920
`Patent 9,525,696 B2
`
`cards, combined with the knowledge of a person of ordinary skill in the art.
`Pet. 21–22 (citing Ex. 1004, Fig. 4, 3:5–7, 17:18–21, 20:19–20). According
`to Petitioner, each packet service card has a plurality of processor groups,
`and each processor group processes data using processing rules, where the
`processing rules corresponding to a subscriber are assigned to a pre-
`specified processor or group of processors. Pet. 22–23 (citing Ex. 1004, Fig.
`5, 3:5–9, 4:20–23, 9:16–19, 19:12–24, 21:14–16, 22:14–15; Ex. 1003 ¶¶ 76–
`80).
`
`Petitioner contends that a person of ordinary skill in the art “would
`have understood Nortel’s processing rules to comprise applications.” Pet.
`25. Specifically, Petitioner contends that Nortel discloses that the
`processing rules on the packet service cards implement policies relating to
`firewalls, security, anti-spoofing, virtual private networks, encryption,
`tunneling, and traffic steering, which, according to Petitioner’s declarant Dr.
`Markus Jakobsson, were well-known in the art to be performed by
`application programs. Pet 24 (citing Ex. 1004, 14:28–15:2; Ex. 1003 ¶ 83;
`Ex. 1012, 6). Petitioner contends that Nortel’s disclosure of an exemplary
`structure shown in Figure 6A, containing multiple processing rules, teaches
`that each processing rule is a software structure containing a classifier and
`an action, with the classifier specifying the data flows and conditions under
`which the associated action needs to be applied. Pet 24–25 (citing Ex. 1004,
`Fig. 6A, 15:4–6; Ex. 1003 ¶¶ 84–85).
`Patent Owner contends that the processing rules shown in Figure 6A
`of Nortel are not applications, because the processing rules contain tuples
`and parameters, not software instructions. Prelim. Resp. 29–32 (citing Ex.
`1004, Fig. 6A, 23:8–12; Ex. 2001 ¶¶ 68–73).
`10
`
`
`
`
`
`IPR2018-00920
`Patent 9,525,696 B2
`
`
`Figure 6A of Nortel is reproduced below.
`
`
`Figure 6A above shows table 600 illustrating exemplary processing rules
`610–660 for providing desired service policies to subscribers. Ex. 1004,
`8:24–25, 23:1. A classifier for a security policy is chosen to include data
`required for identifying flows. Ex. 1004, 23:1–3. Dr. Jakobsson testifies
`that rule 610 shown in Figure 6A of Nortel illustrates that a data flow with
`the classifier specified by the source and destination addresses in the SRC
`and DST columns, and transmitted using the specified service in the SVC
`column, is processed by the corresponding action in the ACTION column,
`which is shown in Figure 6A as an encryption function. Ex. 1003 ¶¶ 84–85
`(citing Ex. 1004, Fig. 6A, 15:4–6, 23:3–6). Dr. Jakobsson testifies that
`security functions were well-known in the art to be provided by software
`applications. Ex. 1003 ¶ 83. Dr. Jakobsson further testifies that Nortel
`discloses each processor group is configured to process data in accordance
`with the processing rules. Ex. 1003 ¶¶ 80, 85.
`
`
`
`11
`
`
`
`IPR2018-00920
`Patent 9,525,696 B2
`
`
`We rely on Nortel’s teaching of a processor group configured with
`processing rules to provide service policies such as security functions, and
`Dr. Jakobsson’s testimony that a person of ordinary skill in the art would
`have understood that security functions are provided by software
`applications, to determine Petitioner has sufficiently established that the
`combination of Nortel and the knowledge of a person of ordinary skill in the
`art teaches “a plurality of application processing hardware modules, each
`configured with an application for processing data packets” as recited in
`claim 1.
`Claim 1 recites “a subscriber profile for identifying data packets
`associated with the subscriber profile in a stream of data packets.” Claim 13
`recites a similar limitation. Petitioner contends this limitation is taught by
`Nortel’s teaching of classifiers to associate incoming data packets with a
`subscriber, combined with the knowledge of a person of ordinary skill in the
`art. Pet. 25–26 (citing Ex. 1003 ¶¶ 87–88). Petitioner, relying on testimony
`of Dr. Jakobsson, contends that the classifiers are stored in a profile using a
`content addressable memory (CAM) having a search field to store data
`identifying a subscriber, and a mask field storing a mask specifying
`individual bit positions to be examined in incoming data. Pet. 26 (citing Ex.
`1003 ¶¶ 89–91).
`Patent Owner contends that Nortel does not teach the claimed
`subscriber profile, because, according to Patent Owner, the classifiers in
`each processing rule are not implemented through CAMs. Prelim. Resp. 20–
`24 (citing Ex. 1004, 17:28–18:4, 26:4–7, 26:10–11, 27:12–22, 31:10–13; Ex.
`2001 ¶¶ 76–77). Patent Owner contends that the classifiers are part of the
`processing rules applied by the packet service cards, which are separate from
`12
`
`
`
`
`
`IPR2018-00920
`Patent 9,525,696 B2
`
`CAMs. Pet. 24–26 (citing Ex. 1004, 20:7–8, 23:2–5; Ex. 2001 ¶¶ 54–58,
`76–78).
`Dr. Jakobsson testifies that Nortel teaches a processing rule includes
`classifiers that identify subscribers. Ex. 1003 ¶ 87 (citing Ex. 1004, 3:23–
`27, 9:9–11, 9:31–10:2, 10:8–10, 11:14–15). Dr. Jakobsson testifies that
`Nortel teaches a classifier includes data to identify subscribers, such as
`source and destination IP addresses. Ex. 1003 ¶ 88 (citing Ex. 1004, 11:20–
`23, 12:22–25, 15:3–7, 16:12–17, 16:21–23, 16:26–30, 19:15–17, 23:30–31).
`Dr. Jakobsson testifies that the data to identify subscribers can be stored in
`CAM, and used to determine whether data in a received IP packet matches
`the stored identifying data. Id. ¶ 89 (citing Ex. 27:12–25, 28:31–32).
`Nortel teaches that the “classifier specifies all the data flows,” and that
`in an “IP environment, each data flow may be uniquely identified by . . .
`source/destination IP addresses . . . .” Ex. 1004, 15:3–7. Nortel teaches that
`“bit groups may be assembled . . . to determine whether subscriber data
`(received in the form of bit groups) matches a classifier.” Ex. 1004, 16:22–
`23. Nortel teaches that “the bit positions of each CAM location specified by
`the corresponding mask are compared with the input bits, and the output
`value . . . for a matched location is provided on output bus 799.” Ex. 1004,
`27:18 –21. As an example, Nortel teaches using the CAM in examining bit
`positions of a received IP packet to determine whether the destination IP
`address of the received packet matches an IP address assigned to a specific
`subscriber. Ex. 1004, 28:5–11.
`We credit Dr. Jakobsson’s testimony and supporting evidence and
`determine that Petitioner has established sufficiently that the combination of
`Nortel and the knowledge of a person of ordinary skill in the art teaches “a
`13
`
`
`
`
`
`IPR2018-00920
`Patent 9,525,696 B2
`
`subscriber profile for identifying data packets associated with the subscriber
`profile in a stream of data packets.”
`Claim 1 recites
`“a network processing module for identifying one or more of
`the plurality of application processing modules for processing
`the identified data packets based on an association of the
`application configured on each application processing module
`with the subscriber profile and for transmitting the identified
`data packets in at least one of series and parallel to the
`identified application processing modules based on the security
`policy.”
`Claim 13 recites a similar limitation. Petitioner contends this limitation is
`taught by Nortel’s teaching of a switch fabric including a CAM, where the
`CAM identifies the subscriber of originating data packets as discussed
`above, and identifies processors for providing the subscriber’s desired
`service policies to the data packets, and the switch fabric forwards the data
`packets to the identified processors. Pet. 27–28 (citing Ex. 1003 ¶¶ 94–95,
`97–102).
`Patent Owner contends that Nortel does not disclose identifying
`application processing modules based on an association of applications
`configured on each application processing module with the subscriber
`profile as claimed. Prelim. Resp. 37–38. In particular, Patent Owner,
`relying on testimony of its declarant Dr. Chatterjee, contends that Nortel
`does not disclose “‘an association of the application configured on each
`application processing module with the subscriber profile as claimed,”
`because the CAM of Nortel only has a search field, a mask field, and an
`output field. Prelim. Resp. 39–40 (citing Ex. 2001 ¶ 91).
`
`
`
`
`14
`
`
`
`IPR2018-00920
`Patent 9,525,696 B2
`
`
`Dr. Jakobsson testifies that the identification in Nortel is based on an
`association of the application configured on each application-processing
`module with the subscriber profile, because each processor identified by the
`output field of the CAM is “capable of providing the desired service policies
`related to the CAM entry.” Ex. 1003 ¶ 95 (citing Ex. 1004, 5:16–29). We
`credit Dr. Jakobsson’s testimony and supporting evidence and determine that
`Petitioner has established sufficiently that the combination of Nortel and the
`knowledge of a person of ordinary skill in the art teaches this limitation.
`Claim 13 recites “a security policy for determining a portion of the
`identified data packets to be processed by each of the applications.”
`Petitioner, relying on testimony of Dr. Jakobsson, contends Nortel teaches
`this limitation in teaching “a security policy (processing rule) for
`determining a portion (those matching the classifier) of the identified data
`packets (data packets identified by classifiers) to be processed by each of the
`applications (processor groups that apply the specified actions).” Pet. 32
`(citing Ex. 1003 ¶¶ 123–126). We credit Dr. Jakobsson’s testimony and
`supporting evidence and determine that Petitioner has established
`sufficiently that the combination of Nortel and the knowledge of a person of
`ordinary skill in the art teaches this limitation.
`Petitioner contends that it would have been obvious to implement
`Nortel’s processing rules as software applications, because a person of
`ordinary skill would have understood the term “application” to include any
`software or instructions, other than the operating system, used to perform
`specific functions on a computer, such as Nortel’s processing rules for
`performing desired security functions to specified data flows. Pet. 35–36
`(citing Ex. 1012, 4; Ex. 1013, 4; Ex. 1014, 4; Ex. 1003 ¶¶ 149–154). Dr.
`15
`
`
`
`
`
`IPR2018-00920
`Patent 9,525,696 B2
`
`Jakobsson testifies that a person of ordinary skill in the art would have
`understood each processing rule in Figure 6A of Nortel comprises software
`instructions to perform specific functions, such as the corresponding
`associated action in the ACTION column for each rule, on data that matches
`the identified source, destination, and service classifiers. Ex. 1003 ¶ 154.
`Dr. Jakobsson testifies that a person of ordinary skill in the art would have
`had a reasonable expectation of success, because using generic computer
`processors with well-known security applications would successfully
`provide the security functionalities of Nortel. Ex. 1003 ¶¶ 154–155.
`We credit Dr. Jakobsson’s testimony and determine the Petition and
`supporting evidence articulates a reason with a rational underpinning that a
`person of ordinary skill in the art would have understood Nortel’s processing
`rules comprise software instructions to perform specific functions, and that a
`person of ordinary skill would have considered the software instructions to
`be applications. We determine that the Petition and supporting evidence
`adequately establishes a reasonable likelihood that the combination of Nortel
`and the knowledge of a person of ordinary skill in the art would have
`rendered claims 1 and 13 obvious.
`Claim 9 recites “wherein transmitting the identified packets in series
`to the applications includes transmitting the identified data packets to be
`processed by a first application before being processed by a second
`application.” Claim 11 recites a similar limitation. Petitioner contends this
`limitation is taught by Nortel’s teaching of forwarding data processed by one
`of the service cards to another packet service card, combined with the
`knowledge of a person of ordinary skill in the art. Pet. 28 (citing Ex. 1004,
`21:1–7; Ex. 1003 ¶¶ 106–107). Petitioner also contends this limitation is
`16
`
`
`
`
`
`IPR2018-00920
`Patent 9,525,696 B2
`
`taught by Nortel’s teaching of applying processing rules in an order to
`ensure predictable and desired service policies, where different processing
`rules are implemented by different applications. Pet. 29–30 (citing Ex.
`1004, 9:16–19, 17:6–8, 20:7–8, 22:22–25; Ex. 1003 ¶ 108).
`We determine that the Petition and supporting evidence adequately
`establishes a reasonable likelihood that the combination of Nortel and the
`knowledge of a person of ordinary skill in the art would have rendered
`claims 9 and 11 obvious.
`Claim 10 recites “the second application is selected from a list
`consisting of an anti-virus application, a URL filter, a content filter, a
`firewall, an intrusion prevention service, and a database protection
`application.” Claim 12 recites a similar limitation. Petitioner contends this
`limitation is taught by Nortel’s teaching of rules for firewall parameters, and
`that a person of ordinary skill in the art would have understood that the
`processing rules are applications. Pet. 30 (citing Ex. 1004, 14:28–15:1; 1003
`¶¶ 111–112).
`We determine that the Petition and supporting evidence adequately
`establishes a reasonable likelihood that the combination of Nortel and the
`knowledge of a person of ordinary skill in the art would have rendered
`claims 10 and 12 obvious.
`Claim 16 recites “wherein the plurality of applications includes a
`monitoring application and a network data processing application, wherein
`the monitoring application includes an intrusion detection application and
`wherein the network data processing application includes at least one of a
`URL filter, a content filter, a firewall, and an intrusion prevention
`application.” Petitioner contends Nortel combined with the knowledge of a
`17
`
`
`
`
`
`IPR2018-00920
`Patent 9,525,696 B2
`
`person of ordinary skill teaches this limitation for the reasons discussed for
`claim 10. Pet. 33. Petitioner also contends Nortel teaches this limitation in
`teaching a virtual private network with encryption and tunneling, which is
`intrusion prevention. Id. (citing Ex. 1004, 14:31–32, Ex. 1003 ¶¶ 128–134).
`We determine that the Petition and supporting evidence adequately
`establishes a reasonable likelihood that the combination of Nortel and the
`knowledge of a person of ordinary skill in the art would have rendered claim
`16 obvious.
`Claim 17 recites “wherein the plurality of applications includes a
`plurality of monitoring applications for monitoring data flows at a plurality
`of protocol layers, wherein the plurality of monitoring applications includes
`at least one intrusion detection application for detecting intrusions at a
`portion of the plurality of protocol layers.” Petitioner contends Nortel
`teaches this limitation in teaching processing rules for monitoring
`application layer protocols such as SMTP and TELNET, and transport layer
`protocols such as TCP and UDP. Pet. 33–34 (citing Ex. 1004, 23:1–29; Ex.
`1014, 8–10; Ex. 1015, 4–5; Ex. 1003 ¶¶ 137–141). Petitioner also contends
`that Nortel teaches this limitation in teaching service policies and processing
`rules that perform intrusion detection, such as rules relating to firewall
`parameters. Pet. 34 (citing Ex. 1004, 14:28–15:1; Ex. 1003 ¶ 142). We
`determine that the Petition and supporting evidence adequately establishes a
`reasonable likelihood that the combination of Nortel and the knowledge of a
`person of ordinary skill in the art would have rendered claim 17 obvious.
`Claim 18 recites “transmitting the identified data packets to be
`processed by a first application before being processed by a second
`application that is selected from a list consisting of an anti-virus application,
`18
`
`
`
`
`
`IPR2018-00920
`Patent 9,525,696 B2
`
`a URL filter, a content filter, a firewall, an intrusion prevention service, and
`a database protection application.” Claim 19 recites a similar limitation.
`Petitioner contends that “transmitting the identified packets to be processed
`by a first application before being processed by a second application” is
`taught by Nortel and the knowledge of a person of ordinary skill for the
`reasons discussed for claim 9. Pet. 34. Petitioner contends an “application
`that is selected from a list consisting of an anti-virus application, a URL
`filter, a content filter, a firewall, an intrusion prevention service, and a
`database protection application” is taught by Nortel and the knowledge of a
`person of ordinary skill for the reasons discussed for claim 10. Pet. 35. We
`determine that the Petition and supporting evidence adequately establishes a
`reasonable likelihood that the combination of Nortel and the knowledge of a
`person of ordinary skill in the art would have rendered claims 18 and 19
`obvious.
`C. Asserted Obviousness over Nortel and Stone: Claims 2–8, 14, and 15
`1. Stone (Ex. 1005)
`Stone discloses a method and apparatus for accelerated packet
`processing. Ex. 1005, Title. A protocol data unit processor transfers
`protocol data units, or data packets, within a communications network. Ex.
`1005, Abstract, 1:31–35. The processor includes a preprocessor to establish
`subsequent processing requirements of a particular data packet. Ex. 1005,
`Abstract. Multiple preprocessors connected in either parallel or series may
`be used to increase the throughput of data packets. Ex. 1005, 11:59–61. In a
`parallel configuration, first and second preprocessors establish subsequent
`processing requirements of a particular received data packet. Ex. 1005,
`12:58–65.
`
`
`
`19
`
`
`
`IPR2018-00920
`Patent 9,525,696 B2
`
`
`2. Claims 2–8, 14, and 15
`Claim 2 recites “transmitting the identified data packets in parallel to
`the applications includes parallel transmitting of the identified data packets
`to each of the identified application processor modules.” Claim 14 recites a
`similar limitation. Petitioner, relying on testimony of Dr. Jakobsson,
`contends this limitation is taught by the switch fabric of Nortel’s internet
`service node transmitting data packets in parallel to the packet service cards
`by applying Stone’s teaching of parallel transmission. Pet. 37–38 (citing Ex.
`1004, 21:1–5, 22:31–32, 23:1–29; Figs. 4 and 6A; Ex. 1005, 12:58–13:18,
`Fig. 4; Ex. 1003 ¶¶ 160–162). Petitioner, relying on testimony of Dr.
`Jakobsson, contends a person of ordinary skill in the art would have applied
`Stone’s parallel data transfer to the switch fabric of Nortel for the benefit of
`increasing the speed of transmitting a subscriber’s data packets to the
`appropriate service cards. Pet. 43–46 (citing Ex. 1005, 11:59–61; Ex. 1003
`¶¶ 192–199). Dr. Jakobsson testifies that a person of ordinary skill in the art
`would have been motivated to transfer data packets in parallel between
`Nortel’s switch fabric and packet service cards in order to increase the
`operating speed and efficiency of the system. Ex. 1003 ¶¶ 190–192 (citing
`Ex. 1012, 8; Ex. 1005 11:59–61).
`We credit Dr. Jakobsson’s testimony and determine the Petition and
`supporting evidence articulates a reason with a rational underpinning that a
`person of ordinary skill in the art would have applied Stone’s teaching of
`transferring data packets in parallel, to transfer data packets in parallel
`between Nortel’s switch fabric and packet service cards, for the benefit of
`increasing speed as taught by Stone. We determine that the Petition and
`supporting evidence adequately establishes a reasonable likelihood that the
`20
`
`
`
`
`
`IPR2018-00920
`Patent 9,525,696 B2
`
`combination of Nortel and Stone would have rendered claims 2 and 14
`obvious.
`Claim 3 recites “parallel transmitting of the identified data packets to
`a plurality of applications configured on one of the identified application
`processing modules.” Claim 15 recites a similar limitation. Petitioner,
`relying on testimony of Dr. Jakobsson, contends it would have been obvious
`to a person of ordinary skill in the art to apply Stone’s parallel data
`transmission to Nortel’s ISN, such that the processor interface in a single
`packet service card transmits data packets in parallel to each of the processor
`groups in cases where a single subscriber’s data packets must be processed
`according to multiple processing rules. Pet. 39–40 (citing Ex. 1003 ¶¶ 166–
`169). We determine that the Petition and supporting evidence adequately
`establishes a reasonable likelihood that the combination of Nortel and Stone
`would have rendered claims 3 and 15 obvious.
`Claim 4 recites “the plurality of applications includes a monitoring
`application and a network data processing application.” Petitioner contends
`Nortel teaches monitoring applications for the reasons discussed in claim 17.
`Pet. 40. Petitioner contends Nortel teaches network data processing
`applications in teaching policies and processing rules relating to priority in
`usage of buffer and bandwidth, traffic steering, and rules for accepting or
`dropping certain types of network traffic. Pet. 40–41 (citing Ex. 1004,
Accessing this document will incur an additional charge of $.
After purchase, you can access this document again without charge.
Accept $ Charge
Still Working On It
This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.
Give it another minute or two to complete, and then try the refresh button.
A few More Minutes ... Still Working
It can take up to 5 minutes for us to download a document if the court servers are running slowly.
Thank you for your continued patience.
This document could not be displayed.
We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.
Your account does not support viewing this document.
You need a Paid Account to view this document. Click here to change your account type.
Your account does not support viewing this document.
Set your membership
status to view this document.
With a Docket Alarm membership, you'll
get a whole lot more, including:
- Up-to-date information for this case.
- Email alerts whenever there is an update.
- Full text search for other cases.
- Get email alerts whenever a new case matches your search.
One Moment Please
The filing “” is large (MB) and is being downloaded.
Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.
Your document is on its way!
If you do not receive the document in five minutes, contact support at support@docketalarm.com.
Sealed Document
We are unable to display this document, it may be under a court ordered seal.
If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.
Access Government Site
