DCT

1:24-cv-00215

Edge Networking Systems LLC v. Microsoft Corp

Log In

I. Executive Summary and Procedural Information

  • Parties & Counsel:
  • Case Identification: 1:24-cv-00215, W.D. Tex., 02/29/2024
  • Venue Allegations: Plaintiff alleges venue is proper in the Western District of Texas because Microsoft maintains regular and established places of business in the district, including multiple data centers and corporate sales offices, and has committed the alleged acts of infringement within the district.
  • Core Dispute: Plaintiff alleges that Defendant’s cloud-based products, including the Forza Horizon 5 video game and the Microsoft 365 software suite, infringe patents related to a managed architecture for distributed software-defined networking.
  • Technical Context: The technology at issue relates to architectures for deploying, managing, and securing containerized applications across a distributed network of cloud platforms and edge devices, a foundational element of modern cloud computing and microservice-based applications.
  • Key Procedural History: The front pages of the patents-in-suit indicate they are subject to terminal disclaimers, a procedural tool used during patent prosecution to overcome a non-statutory double patenting rejection, which may limit the patents' enforceable term to that of an earlier-expiring patent.

Case Timeline

Date Event
2013-06-13 Earliest Priority Date for ’871, ’095, and ’823 Patents
2020-06-16 U.S. Patent No. 10,686,871 Issues
2021-01-12 U.S. Patent No. 10,893,095 Issues
2023-07-04 U.S. Patent No. 11,695,823 Issues
2024-02-29 Complaint Filed

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 10,686,871 - "Distributed Software Defined Networking"

  • Patent Identification: U.S. Patent No. 10,686,871, titled "Distributed Software Defined Networking," issued June 16, 2020.
  • The Invention Explained:
    • Problem Addressed: The patent’s background section describes the problem of existing network solutions being built on proprietary hardware and rigid software, which makes it time-consuming, resource-intensive, and difficult for network operators to add new or customized features to their infrastructure (’871 Patent, col. 1:23-33).
    • The Patented Solution: The patent proposes a “Distributed Software Defined Network” (dSDN) architecture that enables flexible programmability across a network. The system comprises a “flexible network device” (fxDevice) at the edge and a “flexible cloud platform” (fxCloud) in the backend, which securely communicate to form a distributed application. An “application management portal” (fxManager) provides full lifecycle management for these applications, which are sourced from an application marketplace (fxStore), thereby simplifying deployment and harmonizing it across different hardware vendors (’871 Patent, Abstract; Fig. 3).
    • Technical Importance: This architectural approach aimed to decouple network control from underlying hardware, a central tenet of the software-defined networking (SDN) movement that sought to reduce vendor lock-in and increase network programmability (’871 Patent, col. 7:46-52).
  • Key Claims at a Glance:
    • The complaint asserts independent claims 1 and 9 (Compl. ¶58).
    • Independent Claim 1 recites a system comprising:
      • A programmable network device hosting first network applications.
      • A programmable cloud device hosting second network applications, where the first and second applications are in secure communication to form a distributed application.
      • A sandboxing operating system powering both the network and cloud devices.
      • An application management portal for managing upgrades with substantially no interruption.
      • The portal verifies the authenticity of upgrades using unique security keys.
      • An application repository coupled to the portal for storing applications.
      • The portal manages the usage of the distributed applications.
    • Independent Claim 9 recites a similar system, specifying that the programmable cloud device has a plurality of virtual machines.
    • The complaint reserves the right to assert additional claims (Compl. ¶58).

U.S. Patent No. 10,893,095 - "Distributed Software Defined Networking"

  • Patent Identification: U.S. Patent No. 10,893,095, titled "Distributed Software Defined Networking," issued January 12, 2021.
  • The Invention Explained:
    • Problem Addressed: As a continuation of the same patent family, the ’095 Patent addresses the same problem of inflexible and proprietary network infrastructure that hinders innovation and customization by network operators (’095 Patent, col. 1:23-33).
    • The Patented Solution: The patent discloses the same dSDN architecture as the ’871 Patent, featuring a flexible network device (fxDevice), a flexible cloud platform (fxCloud), and an application management portal (fxManager) to orchestrate the deployment and management of distributed applications across the network (’095 Patent, Abstract; col. 1:35-44).
    • Technical Importance: As with the ’871 Patent, this architecture provided a framework for creating more programmable and vendor-agnostic network environments, a key objective in the evolution of cloud and network infrastructure (’095 Patent, col. 7:46-52).
  • Key Claims at a Glance:
    • The complaint asserts independent claims 1 and 15 (Compl. ¶72).
    • Independent Claim 1 recites a system comprising:
      • A programmable network device hosting first network applications.
      • A programmable cloud device hosting second network applications, in secure communication via a virtual fabric to form a distributed application.
      • A sandboxing operating system on both devices facilitating deployment.
      • An application management portal for managing upgrades with substantially no interruption.
      • The portal verifies authenticity of upgrades based on security keys.
      • An application repository coupled to the portal.
      • The portal manages usage of the distributed applications.
    • Independent Claim 15 recites a similar system, specifying that the programmable cloud device includes virtual machines and that the application management portal manages provisioning, usage, and de-provisioning.
    • The complaint reserves the right to assert additional claims (Compl. ¶72).

U.S. Patent No. 11,695,823 - "Distributed Software Defined Networking"

  • Patent Identification: U.S. Patent No. 11,695,823, titled "Distributed Software Defined Networking," issued July 4, 2023 (Compl. ¶22).
  • Technology Synopsis: Continuing the same patent family, the ’823 Patent addresses the inflexibility of proprietary network infrastructure by disclosing a dSDN architecture. This system uses network devices and a cloud platform to run distributed applications managed by a central portal, with a focus on enabling unified application programming interfaces (APIs) that are independent of the underlying hardware (’823 Patent, Abstract; col. 34:49-54).
  • Asserted Claims: Independent claims 1 and 19 are asserted (Compl. ¶86).
  • Accused Features: The complaint alleges infringement by the architecture of Forza and Microsoft 365, which uses Azure Kubernetes Service (AKS) to create what is alleged to be a unified set of capabilities for programming and deploying applications independent of the specific hardware (Compl. ¶¶ 88, 91).

III. The Accused Instrumentality

Product Identification

  • Microsoft Forza Horizon 5 ("Forza") and the Microsoft 365 family of software ("365") (Compl. ¶33).

Functionality and Market Context

  • The complaint alleges that both Forza and 365 are built upon a "managed distributed application architecture" that utilizes Microsoft’s Azure Kubernetes Service (AKS) to deploy, scale, and manage containerized applications (Compl. ¶¶33, 37).
  • Forza is described as featuring "17 core microservices that run in Windows containers hosted on AKS," while 365 is described as running "highly scalable services in Windows containers hosted on AKS clusters" (Compl. ¶¶36, 48).
  • The accused architecture is alleged to consist of customer-managed "nodes" (Azure virtual machines) that provide cloud infrastructure and run a container runtime, and an Azure-managed "control plane" that automates deployment and management (Compl. ¶¶37-39). Figure 2 of the complaint provides a diagram of the Forza architecture, illustrating how an Xbox client interacts with microservices like "Leaderboards" and "Notifications" running in an AKS cluster (Compl. p. 11).
  • The architecture is also alleged to use an API gateway, which acts as a "front door for all client requests," routing them from applications to the appropriate backend microservices and aggregating the results to send back to the client application (Compl. ¶¶41, 44).

IV. Analysis of Infringement Allegations

10,686,871 Patent Infringement Allegations

Claim Element (from Independent Claim 1) Alleged Infringing Functionality Complaint Citation Patent Citation
a programmable network device hosting a plurality of first network applications The API gateway in Forza and 365, which comprises containerized applications running on nodes (virtual machines) that process data flows by accepting and forwarding requests. ¶60 col. 1:37-39
a programmable cloud device hosting a plurality of second network applications... wherein the at least one of the plurality of first network applications ... and at least one of the plurality of second network applications ... are in secure communication ... to form a distributed application The backend containers running on nodes outside the API gateway, which communicate with the API gateway applications via a "virtual fabric" to form the distributed application. ¶¶61-62 col. 1:39-42
wherein the programmable network device and programmable cloud device are each powered by a sandboxing operating system which facilitates deployment of the plurality of first and second network applications The nodes (virtual machines) for both the API gateway and backend, which each have an OS and a container runtime that run applications as "isolated containerized applications." ¶63 col. 9:18-21
an application management portal coupled to the programmable network device and programmable cloud device and capable of managing upgrades of the first and second network applications with substantially no interruption to operation The AKS control plane, which is coupled to the nodes and allegedly enables "blue-green deployments" to manage upgrades with minimal disruption. Figure 3 in the complaint depicts the AKS control plane managing nodes (Compl. p. 13). ¶64 col. 1:42-44
wherein the application management portal verifies authenticity of the upgrades ... based on unique security keys associated with the first and second network applications The AKS control plane, which is alleged to be capable of using Notary V2 to sign artifacts with private keys and validate them with public keys. ¶65 col. 11:31-34
an application repository coupled to the application management portal and capable of storing distributed applications for installation The Azure Container Registry, which stores container images and is coupled to the AKS control plane. Figure 1 of the complaint depicts the Azure Container Registry as part of the M365 architecture (Compl. p. 11). ¶66 col. 10:15-17
wherein the application management portal further manages usage of the distributed applications The AKS control plane, which manages applications by scheduling nodes, replicating pods, and handling node operations. ¶67 col. 40:1-4

10,893,095 Patent Infringement Allegations

Claim Element (from Independent Claim 1) Alleged Infringing Functionality Complaint Citation Patent Citation
a programmable network device hosting a plurality of first network applications The API gateway in Forza and 365, comprising containerized applications on virtual machine nodes that process data flows. ¶74 col. 1:37-39
a programmable cloud device having plurality of virtual machines wherein at least one of the virtual machines host a least one of a plurality of second network applications ... wherein at least one of the plurality of first network applications... and at least one of the plurality of second network applications ... are in secure communication ... to form a distributed application The backend containers running on nodes (virtual machines) outside the API gateway, which securely communicate with the API gateway applications via a "virtual fabric." ¶¶75-76 col. 1:39-42
wherein the programmable network device and programmable cloud device are each powered by a sandboxing operating system which facilitates deployment The nodes for both the API gateway and backend, which each run an OS and a container runtime to deploy isolated containerized applications. ¶77 col. 9:18-21
an application management portal coupled to the programmable network device and programmable cloud device and capable of managing upgrades... with substantially no interruption to operation... by virtue of the Guest OS and container runtime... providing a sandboxing operating system facilitating deployment isolated and coexisting containers The AKS control plane, coupled to the network and cloud devices, which allegedly enables blue-green deployments by deploying isolated and coexisting containers managed by the guest OS and container runtime on the nodes. ¶78 col. 1:42-44
wherein the application management portal verifies authenticity of upgrades to the network applications... based on unique security keys The AKS control plane, which is alleged to be capable of using Notary V2 to verify signatures on artifacts based on public and private keys. ¶79 col. 11:31-34
an application repository that is coupled to the... application management portal and that is capable of storing distributed applications The Azure Container Registry, which is coupled to the AKS control plane and stores container images (distributed applications) for installation. ¶80 col. 10:15-17
wherein the application management portal manages provisioning, usage and de-provisioning of the distributed applications The AKS control plane, which manages the application lifecycle by scheduling nodes, replicating pods, and handling node operations. ¶81 col. 40:1-4

Identified Points of Contention

  • Scope Questions: A central question may be whether Microsoft's general-purpose cloud computing services (AKS, Azure Container Registry) can be construed to meet the specific claim terms of the patents, which describe a more integrated, purpose-built architecture (e.g., "fxDevice," "fxCloud," "fxManager"). The defense may argue that mapping these general services onto the specific patent terminology represents an impermissible broadening of the claims beyond what was invented and disclosed.
  • Technical Questions: The complaint alleges that the "sandboxing operating system" is met by a node's OS and container runtime. A potential point of contention is whether this combination performs the specific functions attributed to the "fxOS" in the patent specification, which includes features like FastPath processing for data packets and a programmable firewall (’871 Patent, col. 11:8-42).

V. Key Claim Terms for Construction

The Term: "programmable network device"

  • Context and Importance: This term is critical as it defines the "edge" component of the claimed architecture. The complaint maps this term to an "API gateway" composed of software containers running on virtual machines in a cloud data center. The case may turn on whether a software construct within a cloud environment can be considered a "network device" as contemplated by the patent.
  • Intrinsic Evidence for Interpretation:
    • Evidence for a Broader Interpretation: The claims themselves use the general term "programmable network device," and the specification states the dSDN architecture is not limited to wireless networks and could be applied to data centers (’871 Patent, col. 8:1-5). This may support an interpretation that covers any programmable element that processes data flows.
    • Evidence for a Narrower Interpretation: The specification's primary embodiment describes the "fxDevice" as networking equipment like a cellular base station or WiFi access point, which are distinct hardware elements at the network edge (’871 Patent, col. 7:50-52; col. 10:60-61). The detailed description of the "fxOS" operating system for the device focuses on features relevant to such edge hardware, like wireless management and baseband SoC drivers (’871 Patent, Fig. 4; col. 12:36-39).

The Term: "application management portal"

  • Context and Importance: The complaint equates this term with the Azure Kubernetes Service (AKS) control plane. The functionality of the AKS control plane—which is largely automated and API-driven—will be compared against the functionality of the "fxManager" described in the patent.
  • Intrinsic Evidence for Interpretation:
    • Evidence for a Broader Interpretation: The claims require the portal to be "capable of managing upgrades" and "usage." The complaint alleges the AKS control plane performs these functions through automated processes like blue-green deployments and pod scheduling (Compl. ¶¶64, 67). This may align with a broad functional definition of the term.
    • Evidence for a Narrower Interpretation: The specification describes the "fxManager" as a "user-friendly portal" for a human network administrator, presenting features like a "geographical map illustrating locations of fxDevices" and an application review tool (’871 Patent, col. 10:51-54; col. 16:31-33). This suggests a more interactive, user-facing system than the automated AKS control plane.

VI. Other Allegations

  • Indirect Infringement: The complaint does not provide sufficient detail for analysis of indirect infringement. While it makes a passing reference to "indirectly" infringing, it offers no specific factual allegations to support the knowledge and intent required for induced infringement or the sale of a specific non-staple component for contributory infringement (Compl. ¶33).
  • Willful Infringement: The complaint seeks enhanced damages in its prayer for relief (Compl. p. 35, ¶c). However, the complaint does not allege that Microsoft had knowledge of the patents-in-suit prior to the filing of the lawsuit. This suggests any claim for willful infringement may be based on alleged post-filing conduct.

VII. Analyst’s Conclusion: Key Questions for the Case

  • A core issue will be one of definitional scope: can the elements of the patents' specific, integrated "Distributed Software Defined Network" architecture be construed to cover Microsoft's general-purpose, horizontally-scalable cloud services? For example, does the largely automated AKS control plane meet the limitations of the claimed "application management portal", which the specification describes as a "user-friendly portal" for a human administrator?
  • A key technical question will be one of operational correspondence: does the accused "sandboxing operating system"—alleged to be a standard guest OS on a virtual machine running a container runtime—perform the specific, multi-part networking functions of the patented "sandboxing operating system" ("fxOS"), which is described in the specification as including specialized features like FastPath processing and deep packet inspection?