DCT
4:25-cv-03969
PacSec3 LLC v. Fastly Inc
I. Executive Summary and Procedural Information
- Parties & Counsel:
- Plaintiff: PacSec3, LLC (Texas)
- Defendant: Fastly, Inc. (Delaware)
- Plaintiff’s Counsel: Ramey LLP
- Case Identification: 4:25-cv-03969, S.D. Tex., 08/21/2025
- Venue Allegations: Plaintiff alleges venue is proper because Defendant has a regular and established place of business within the Southern District of Texas.
- Core Dispute: Plaintiff alleges that Defendant’s firewall systems infringe a patent related to a distributed defense system against data packet flooding attacks, commonly known as Denial-of-Service (DoS) attacks.
- Technical Context: The technology addresses network security by providing a method for identifying and throttling malicious traffic based on its network path, rather than relying on potentially falsified source address information.
- Key Procedural History: The patent-in-suit, U.S. Patent No. 7,523,497, underwent an ex parte reexamination proceeding that concluded in 2023. In that proceeding, the U.S. Patent and Trademark Office confirmed the patentability of asserted claim 10, while several other claims were canceled. The complaint also notes that Plaintiff is a non-practicing entity and has previously entered into settlement licenses related to its patents.
Case Timeline
| Date | Event |
|---|---|
| 2000-11-16 | ’497 Patent Priority Date |
| 2009-04-21 | ’497 Patent Issue Date |
| 2023-05-22 | ’497 Patent Reexamination Certificate Issued |
| 2025-08-21 | Complaint Filing Date |
II. Technology and Patent(s)-in-Suit Analysis
U.S. Patent No. 7,523,497 - "PACKET FLOODING DEFENSE SYSTEM"
- Patent Identification: U.S. Patent No. 7,523,497, issued April 21, 2009. (Compl. ¶13).
The Invention Explained
- Problem Addressed: The patent addresses "packet flooding attacks," where an attacker attempts to consume a victim's entire network bandwidth by sending large volumes of useless data, thereby preventing legitimate traffic. (’497 Patent, col. 2:6-11). The background section notes that a key challenge is that attackers can "falsify the source address" of malicious packets, which confounds defenses that rely on blocking specific sources. (’497 Patent, col. 2:2-5).
- The Patented Solution: The invention proposes a distributed defense where routers and the target computer (the "victim") cooperate. The system relies on determining the actual network path that packets travel, using "attacker-independent information." (’497 Patent, col. 4:62-67). Routers along the path provide "packet marks" that allow the destination system to identify the route taken by incoming traffic. (’497 Patent, col. 8:19-23). The victim can then classify packets based on their path and instruct upstream routers to limit the rate of unwanted packets originating from a specific path, effectively throttling the attack at a point closer to its origin. (’497 Patent, col. 3:5-11; Abstract).
- Technical Importance: This path-based approach was designed to be resilient to source address spoofing, a common technique used to bypass simpler IP address-based blocking mechanisms in DoS attacks. (Compl. ¶14).
Key Claims at a Glance
- The complaint asserts independent claim 10. (Compl. ¶15).
- The essential elements of claim 10 include:
- A method for packet flooding defense performed at a router.
- Determining a path by which data packets arrive at the router "via packet marks provided by routers leading to said host computer."
- Classifying the received data packets "by path."
- Associating a "maximum acceptable transmission rate" with each class of data packet.
- Allocating a transmission rate for unwanted data packets that is "equal to or less than" the associated maximum rate.
- The complaint does not explicitly reserve the right to assert other claims.
III. The Accused Instrumentality
Product Identification
The complaint identifies the accused instrumentality as "one or more firewall systems" that Defendant has offered for sale, sold, and manufactured. (Compl. ¶15).
Functionality and Market Context
The complaint does not provide specific details about the technical operation of the accused firewall systems. It alleges in general terms that these systems are used for defense against data packet flood attacks and are available to businesses and individuals throughout the United States. (Compl. ¶14, ¶19). The complaint does not provide sufficient detail for analysis of the accused instrumentality's specific functionality.
IV. Analysis of Infringement Allegations
The complaint references a claim chart in Exhibit B which was not provided with the filed document. (Compl. ¶16, ¶21). The infringement theory is therefore based on the general allegations in the complaint, which state that Defendant’s firewall systems practice the method of claim 10. (Compl. ¶15). Without the claim chart, a detailed element-by-element analysis of the allegations is not possible.
No probative visual evidence provided in complaint.
- Identified Points of Contention: Based on the language of claim 10 and the general nature of the allegations, key disputes may center on the following technical and legal questions:
- Scope Questions: The infringement analysis will likely depend on whether Defendant's systems "determine a path" using a mechanism that falls within the scope of the claim term "packet marks provided by routers." A central question will be whether the accused technology, which may use different proprietary or standard protocols for traffic analysis, can be shown to meet this specific limitation.
- Technical Questions: What evidence does the complaint provide that the accused firewalls perform the specific step of "classifying data packets... by path" and then "allocating a transmission rate" based on that path classification? The case will require technical evidence demonstrating that the accused systems operate in this manner, rather than using other DDoS mitigation techniques such as rate-limiting by source IP, content filtering, or behavioral analysis.
V. Key Claim Terms for Construction
- The Term: "packet marks provided by routers"
- Context and Importance: This term appears to describe the core technical mechanism for obtaining the path information necessary to practice the invention. The construction of this term will be critical, as it will determine whether the claim is limited to a specific implementation of packet marking or can cover a broader range of path-tracing technologies. Practitioners may focus on this term because modern DDoS mitigation services use various complex methods to trace and analyze traffic, and the applicability of this claim language to those methods will be a central point of dispute.
- Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The patent specification describes the concept in functional terms, stating the invention uses "attacker-independent information about the path a packet takes" and that this is done "via packet marks provided by routers leading up to the victim." (’497 Patent, col. 4:62-65). A plaintiff may argue that this functional description supports interpreting the term to cover any data supplied by upstream routers that allows for path determination.
- Evidence for a Narrower Interpretation: A defendant may argue that the repeated and specific use of the phrase "packet marks" implies a requirement that information is physically added to or associated with the data packets themselves for the purpose of tracing. The specification's discussion of a "cooperating neighborhood" of routers could also be used to argue that the "marks" must originate from routers that are part of a specific, pre-defined system, potentially narrowing the scope. (’497 Patent, col. 2:30-34).
VI. Other Allegations
- Indirect Infringement: The prayer for relief alleges that Defendant induces infringement "by using and instructing to use Defendant's products." (Compl. Prayer ¶a). The complaint does not, however, plead specific facts supporting the element of intent, such as citations to user manuals, marketing materials, or other instructional documents.
- Willful Infringement: The complaint makes a conditional allegation of willfulness, stating that infringement should be declared willful if discovery reveals pre-suit knowledge of the patent. (Compl. Prayer ¶e). This suggests that Plaintiff does not currently allege facts supporting pre-suit knowledge.
VII. Analyst’s Conclusion: Key Questions for the Case
- A core issue will be one of technical evidence: Can Plaintiff produce evidence that the accused Fastly systems perform the specific, sequential method steps of Claim 10? The case will depend on whether discovery shows that Defendant's technology determines traffic routes using "packet marks," classifies traffic "by path," and allocates transmission rates based on that specific path classification, as distinguished from other methods of DDoS mitigation.
- A second key issue will be one of claim scope: How will the court construe "packet marks provided by routers"? The viability of the infringement case will likely turn on whether this term is interpreted narrowly to require a specific data-marking protocol, or broadly enough to read on the methods for traffic source and path analysis used in modern content delivery and network security platforms.
- Finally, a significant question involves the procedural history: What impact will the confirmation of claim 10 during ex parte reexamination have on the litigation? While this proceeding strengthens the patent’s presumption of validity, the case will test whether the infringement theory can map the confirmed claim language onto the accused technology.