DCT

2:25-cv-00001

VPN Technology Holdings LLC v. Microsoft Corp

Log In
Key Events
Amended Complaint

I. Executive Summary and Procedural Information

  • Parties & Counsel:

  • Case Identification: 2:25-cv-00001, E.D. Tex., 11/11/2025

  • Venue Allegations: Plaintiff alleges venue is proper in the Eastern District of Texas because Microsoft maintains regular and established places of business in the district, both directly through its own facilities and employees, and indirectly through its agents, specifically Authorized Service Providers (ASPs) such as DXC Technology and TD Synnex, over which Microsoft allegedly exercises substantial control.

  • Core Dispute: Plaintiff alleges that Defendant’s Intune cloud-based endpoint management solution infringes a patent related to the automatic remote configuration of computers for Virtual Private Network (VPN) access.

  • Technical Context: The technology concerns simplifying the setup of secure network connections for remote devices, a critical function for enterprise IT management in enabling remote and hybrid workforces.

  • Key Procedural History: The complaint is a First Amended Complaint, filed to comply with the court's Docket Control Order. No other significant procedural history is mentioned.

Case Timeline

Date Event
2002-05-14 ’718 Patent Priority Date
2010-11-30 ’718 Patent Issue Date
2025-11-11 Complaint Filing Date

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 7,844,718 - System and Method for Automatically Configuring Remote Computer

The Invention Explained

  • Problem Addressed: The patent describes the process of manually configuring remote computers for VPN access as inconvenient, time-consuming, and prone to error. This often required a network administrator to physically visit the remote computer or guide a user through complex steps, leading to delays and mistakes (’718 Patent, col. 2:9-34).
  • The Patented Solution: The invention automates this process by using a "configuration generator" on an administrator's computer to create a self-contained "executable file." This executable file, when deployed to and run on a remote computer, automatically updates the remote computer's configuration settings (such as registry entries or Remote Access Service files) to establish the VPN connection, without requiring manual input from the remote user (’718 Patent, Abstract; col. 2:44-54). Figure 2 illustrates this core concept, where a software module (1020) processes network information to generate the executable.
  • Technical Importance: This approach aimed to centralize and simplify the deployment of secure network access for an increasing number of remote users, reducing the support burden on IT administrators and minimizing user-caused configuration errors (’718 Patent, col. 2:9-17).

Key Claims at a Glance

  • The complaint asserts at least independent Claim 1 (Compl. ¶40).
  • Essential elements of Claim 1 (a method claim) include:
    • Initiating, at a network administrator computer, an "installer program having an empty binary file."
    • Accessing a network database to extract "configuration data."
    • Applying the binary settings of the network to code a Remote Access Service (RAS) Application Programming Interface (API) to generate a "configuration data binary file."
    • Embedding the configuration data binary file as instructions in the RAS API.
    • Replacing the empty binary file with the configuration data binary file to generate an "executable file."
    • Deploying the executable file to the remote computer.
    • Executing the executable file on the remote computer to modify its configuration settings and establish a VPN connection.
  • The complaint does not explicitly reserve the right to assert dependent claims.

III. The Accused Instrumentality

Product Identification

The accused instrumentality is Microsoft’s "Intune" product (Compl. ¶35).

Functionality and Market Context

The complaint describes Intune as a "cloud-based endpoint management solution" that enables an administrator to remotely configure devices, including computers and laptops. Specifically, it alleges that Intune "allows an admin to configure a remote computer for a Virtual Private Network (VPN) by deploying VPN profiles via the cloud-based Intune product" (Compl. ¶35). A significant portion of the complaint is dedicated to establishing venue by alleging that Microsoft maintains regular and established places of business within the district through its control over Authorized Service Providers. For example, the complaint provides a screenshot from Microsoft's website listing "DXC Technology" as an authorized provider (Compl. ¶9, p. 3).

IV. Analysis of Infringement Allegations

The complaint references a claim chart in Exhibit B, which was not attached to the provided filing (Compl. ¶40, ¶45). The complaint alleges that Microsoft’s Intune product infringes at least Claim 1 of the ’718 Patent (Compl. ¶40). The infringement theory appears to be that the process of an administrator using the cloud-based Intune service to create and deploy a VPN profile to a remote device maps onto the steps of Claim 1. The creation of the VPN profile on Intune's servers is alleged to be equivalent to generating the claimed "executable file," and the automatic configuration of the remote device upon receiving the profile is alleged to be equivalent to the "executing" step of the claim (Compl. ¶35, ¶45).

Identified Points of Contention

  • Scope Questions: A central question may be whether Intune's "VPN profiles" fall within the scope of the term "executable file" as described in the patent. The defense may argue that a configuration profile or policy file is technically distinct from an executable program generated from an "installer program" as claimed.
  • Technical Questions: The infringement analysis may turn on whether the Intune system performs the specific steps recited in Claim 1, such as starting with an "installer program having an empty binary file" and "replacing" it with a "configuration data binary file." It raises the question of what evidence the complaint provides that Intune's modern, cloud-based architecture for generating configuration policies mirrors this specific claimed process.

V. Key Claim Terms for Construction

  • The Term: "executable file"

    • Context and Importance: This term is critical because the infringement allegation hinges on equating Microsoft Intune's "VPN profiles" with the claimed "executable file." The definition will determine whether Intune's method of deploying configuration settings can be seen as practicing the invention.
    • Intrinsic Evidence for Interpretation:
      • Evidence for a Broader Interpretation: The patent specification describes the output functionally as a file that, "when executed, manipulates registry entries of the remote computer" (’718 Patent, col. 2:60-64). This functional description could support an argument that any file causing such automatic configuration, regardless of its precise format, is an "executable file."
      • Evidence for a Narrower Interpretation: Claim 1 recites a specific process for creating the file, stating it is generated by "replacing the empty binary file of the installer program with the configuration data binary file" (’718 Patent, col. 21:25-28). This language may support a narrower construction limited to a file created through this particular installer-based mechanism.

  • The Term: "installer program having an empty binary file"

    • Context and Importance: This is a specific antecedent step in Claim 1 for generating the "executable file." Plaintiff must demonstrate that the accused Intune system performs an equivalent step. Practitioners may focus on this term because it appears to describe a specific, potentially dated, implementation detail that may not be present in modern cloud-based management systems.
    • Intrinsic Evidence for Interpretation:
      • Evidence for a Broader Interpretation: The specification's focus is on the overall goal of automating configuration. Language describing the invention as a "system and method for automatically configuring a remote computer" could be used to argue that this specific step should be interpreted functionally as any template-based generation process (’718 Patent, Title).
      • Evidence for a Narrower Interpretation: The claim language is highly specific. The patent also states that in a preferred embodiment, "the Microsoft installer program is used as the executable file" and that "the installer is the first program built" with "configuration data is initially empty" (’718 Patent, col. 9:26-33). This detailed description of a specific embodiment may be used to argue for a narrow construction tied to this implementation.

VI. Other Allegations

  • Indirect Infringement: The complaint alleges inducement, stating that Microsoft distributes "product literature and website materials inducing end users and others to use its products in the customary and intended manner that infringes the ’718 Patent" (Compl. ¶43). It is also alleged that Microsoft induces its subsidiaries, partners, and customers to infringe (Compl. ¶44).
  • Willful Infringement: The basis for willfulness is alleged post-suit knowledge. The complaint asserts that Microsoft has knowledge of its infringement "at least as of the service of the present complaint" and continues to infringe despite this knowledge (Compl. ¶38, ¶43).

VII. Analyst’s Conclusion: Key Questions for the Case

  1. A core issue will be one of technical equivalence: Does the architecture of Microsoft's modern, cloud-based Intune service, which generates and deploys configuration "profiles," practice the specific method steps recited in Claim 1 of the ’718 Patent, particularly the use of an "installer program having an empty binary file"?
  2. A central question of claim construction will be determinative: Can the term "executable file," as defined and used within the context of the 2002-priority-date patent, be construed to encompass the "VPN profiles" and management policies utilized by the accused Intune product?
  3. An evidentiary question will concern divided infringement: The complaint anticipates that some steps may be performed by a customer (Compl. ¶46). The case may therefore examine whether Microsoft "directs or controls" its customers' actions in a manner sufficient to attribute their performance of claim steps to Microsoft for the purposes of direct infringement.