PTAB

IPR2015-00978

Arista Networks, Inc. v. Cisco Systems, Inc.

Log In

1. Case Identification

  • Case #: IPR2015-00978
  • Patent #: 7,340,597
  • Filed: April 1, 2015
  • Petitioner(s): Arista, Inc.
  • Patent Owner(s): Cheriton
  • Challenged Claims: 1, 14-15, 29, 39-42, 63-64, 71-73, 84-86

2. Patent Overview

  • Title: Method and Apparatus for Securing a Communications Device Using a Logging Module
  • Brief Description: The ’597 patent discloses a system for securing a communications device through a logging module with restricted configurability. The logging module is configured to monitor the device's configuration, detect and communicate any changes, while the monitored device itself is restricted from altering the logging module's configuration.

3. Grounds for Unpatentability

Ground 1: Anticipation of Claims 1, 14-15, 29, 39-42, 63-64, and 71-73 by Sheikh

  • Prior Art Relied Upon: Sheikh (Application # 2002/0078382).
  • Core Argument for this Ground:
    • Prior Art Mapping: Petitioner argued that Sheikh anticipates the challenged claims by disclosing a security software system that monitors and tracks configuration changes on network devices. Sheikh’s system deploys a “small software package” called an “agent transport” (the claimed “logging module”) onto a host server (the claimed “communications device”). This agent uses various “sensors” to constantly monitor subsystems like firewalls and routers, detects configuration changes, and communicates this information to a central master transport for archival and analysis. Petitioner contended that Sheikh also discloses the key limitation of claim 15, as the agent’s configuration is secured via an encrypted file and can only be updated through an authentication process involving the master transport, thereby restricting the host device from changing the logging module's configuration. Petitioner further argued that elements such as a processor and computer-readable medium are inherently disclosed by Sheikh’s teaching of a software agent installed and executed on a host server.
    • Key Aspects: This ground asserted that Sheikh, a single reference, teaches every element of the independent claims, either expressly or inherently, including the security and reporting architecture at the core of the ’597 patent.

Ground 2: Obviousness of Claims 84-86 over Sheikh in view of Endicott

  • Prior Art Relied Upon: Sheikh (Application # 2002/0078382), Endicott (Patent 5,404,525).
  • Core Argument for this Ground:
    • Prior Art Mapping: This ground addressed claims requiring distinct "sets of instructions" for detecting and communicating changes. Petitioner asserted that Sheikh teaches the required functionality through its modular design of "sensor" and "eval" code blocks. Endicott was introduced to explicitly teach the well-known principles of object-oriented and modular programming, including organizing code into distinct "objects" or "instruction sets" for encapsulation and reusability.
    • Motivation to Combine: A person of ordinary skill in the art (POSITA) would have been motivated to apply the formal modular programming methodologies taught by Endicott to the system in Sheikh. Sheikh itself praised the benefits of its modular approach, such as enabling quick development and integration. Applying Endicott's established techniques to separate the functions of detecting and communicating changes into distinct instruction sets would be a predictable and logical design choice to improve maintainability, modification, and reusability.
    • Expectation of Success: A POSITA would have a high expectation of success, as combining known software design patterns (Endicott) with a security monitoring system (Sheikh) involves applying routine programming skills to achieve a predictable result.

Ground 3: Obviousness of Claims 29, 63-64, 73, and 86 over Sheikh in view of Iwayama

  • Prior Art Relied Upon: Sheikh (Application # 2002/0078382), Iwayama (European Patent No. 1,033,844).

  • Core Argument for this Ground:

    • Prior Art Mapping: This ground addressed the limitation of "broadcasting" change information, offered as an alternative if "broadcast" is construed narrowly as a one-to-all transmission. Petitioner argued that Sheikh discloses sending alerts to one or more administrators (multicasting) but not necessarily one-to-all broadcasting. Iwayama explicitly discloses a system that monitors for status changes and transmits a notification to a group of information terminals "in a broadcasting manner."
    • Motivation to Combine: A POSITA would be motivated to enhance Sheikh's notification system with the true broadcasting taught by Iwayama to ensure that configuration change information is disseminated efficiently and simultaneously to all relevant network devices or security monitors. This would be a known method for improving network-wide awareness and response time, a clear benefit for a security system like Sheikh's.
    • Expectation of Success: A POSITA would expect success in integrating a known broadcasting protocol (Iwayama) into a network alert system (Sheikh), as this represents the combination of known technologies to achieve their intended, predictable functions.

  • Additional Grounds: Petitioner asserted an additional obviousness challenge (Ground 2) for claims 71-73 and 84-86 over Sheikh alone, as an alternative to the inherency arguments in Ground 1. This ground argued that even if elements like a "processor" or distinct "sets of instructions" were not found to be inherent in Sheikh, it would have been obvious to a POSITA to implement Sheikh’s software-based system using a standard server with a processor and to organize the code using well-known modular programming concepts.

4. Key Claim Construction Positions

  • "Broadcast": Petitioner proposed two constructions. The primary position, based on the ’597 patent’s specification, was that "broadcast" should be construed as "a transmission to one or more devices," rather than its technical meaning of "one-to-all." This broader construction would support the anticipation argument under Ground 1.
  • "Set of Instructions": Petitioner argued this term lacks a plain and ordinary meaning in the art. Based on the specification, it should be construed broadly as "a group of steps implemented on a computer to perform a task." This construction supports the argument that Sheikh's functional code blocks meet the limitation, or alternatively, that creating such sets would be obvious.

5. Relief Requested

  • Petitioner requested institution of an inter partes review and cancellation of claims 1, 14-15, 29, 39-42, 63-64, 71-73, and 84-86 of the ’597 patent as unpatentable.