Forescout Technologies Inc v. Fortinet Inc

1. Case Identification

• Case #: IPR2021-00914
• Patent #: 8,458,314
• Filed: May 14, 2021
• Petitioner(s): Forescout Technologies, Inc.
• Patent Owner(s): Fortinet, Inc.
• Challenged Claims: 1-13, 15-18, and 20

2. Patent Overview

• Title: System and Method for Offloading IT Network Tasks
• Brief Description: The ’314 patent describes a network control system that allows a primary network administrator to delegate specific network management tasks to other users, termed "sponsors." The system uses "templates" (representing IT tasks) and "profiles" (defining a sponsor's scope of control) to manage access and privileges for network endpoints.

3. Grounds for Unpatentability

Ground 1: Obviousness over Patrick - Claims 1, 4-6, 8, 15, 16, 18, and 20 are obvious over Patrick.

• Prior Art Relied Upon: Patrick (Application # 2005/0081063).
• Core Argument for this Ground:
  • Prior Art Mapping: Petitioner argued that Patrick, which discloses a "Delegated Administration for a Distributed Security System," teaches every element of the independent claims. Patrick describes delegating a "role or privilege" from a primary administrator (the "delegator") to another user (the "delegate"), which is analogous to the ’314 patent's administrator-to-sponsor delegation. Patrick's use of "policies" to define user rights, resources, and constraints corresponds to the patent's "templates," and its use of "roles" to define user capabilities corresponds to the patent's "profiles." Petitioner contended that Patrick explicitly discloses creating these policies and roles, associating them with specific users, and delegating administrative privileges, thereby mapping to the core steps of claims 1, 15, and 20.
  • Motivation to Combine (for §103 grounds): This ground relies on a single reference, which Petitioner asserted renders the claims obvious without combination.
  • Expectation of Success (for §103 grounds): Not applicable as this ground uses a single reference.

Ground 2: Obviousness over Patrick in View of Roese - Claims 2, 3, 7, 10, 11, 13, and 17 are obvious over Patrick in view of Roese.

• Prior Art Relied Upon: Patrick (Application # 2005/0081063) and Roese (Application # 2003/0217122).
• Core Argument for this Ground:
  • Prior Art Mapping: Petitioner asserted that Patrick provides the foundational framework for delegated network administration, as described in Ground 1. Roese, which teaches location-based access control, was argued to supply the more granular device-management features recited in the dependent claims. Specifically, Roese discloses identifying endpoints by detecting parameters such as IP range, port, physical location, and MAC address (claim 2), defining profiles with various time-based and device-based permissions (claims 3 and 10), and limiting network access by segment, resource, or connection method (claim 7).
  • Motivation to Combine (for §103 grounds): A POSITA would combine Patrick and Roese to improve network security. Petitioner argued that Patrick expressly suggests its system allows for "simple integration with third-party security products." Roese, with its focus on device-level and location-based security, represents exactly the type of third-party system a POSITA would integrate into Patrick's flexible policy and delegation framework to add more sophisticated, device-specific access controls.
  • Expectation of Success (for §103 grounds): A POSITA would have an expectation of success because combining Roese's device parameter detection with Patrick's policy engine is a straightforward application of known technologies to enhance network security.

Ground 3: Obviousness over Patrick in View of Gilde - Claims 8, 9, and 12 are obvious over Patrick in view of Gilde.

• Prior Art Relied Upon: Patrick (Application # 2005/0081063) and Gilde (Patent 8,520,512).
• Core Argument for this Ground:
  • Prior Art Mapping: Petitioner maintained that Patrick provides the core delegated administration system. Gilde, which discloses a network appliance for customizable quarantining, was argued to supply the specific teachings related to guest user management. Gilde explicitly teaches providing "guest access" (claim 8) through methods like a captive web portal. Gilde further discloses creating guest templates that define a time period for access, assign a limited role, enforce compliance via a "scan policy" (e.g., for antivirus), and use a specific authentication method (claim 9).
  • Motivation to Combine (for §103 grounds): A POSITA would combine Patrick and Gilde to add robust guest management capabilities to a delegated administration system. As with Roese, Petitioner pointed to Patrick’s disclosure of integrating with third-party security products. Gilde provides a well-defined solution for guest access—a common requirement in enterprise networks. A POSITA would be motivated to use Patrick’s delegation framework to allow specific "sponsors" (e.g., department heads) to manage guest users according to the specific rules and policies disclosed in Gilde.
  • Expectation of Success (for §103 grounds): The combination would be predictable, as it involves using Patrick’s known policy engine to control the known guest access features taught by Gilde.

4. Key Claim Construction Positions

• Petitioner argued for constructions of key terms that are broader than those proposed by the Patent Owner in related district court litigation.
• "profile(s)": Petitioner proposed "data that defines the scope and limitations of a sponsor's control," whereas Patent Owner proposed a more specific "machine-readable sets/set of specifications..."
• "template(s)": Petitioner proposed "data that defines the scope and limitations of an IT task," whereas Patent Owner proposed a more detailed "machine-readable sets/set of rules and/or patterns..."
• Petitioner asserted that the prior art renders the claims obvious under either party's proposed constructions.

5. Arguments Regarding Discretionary Denial

• Petitioner argued against discretionary denial under Fintiv, contending that institution is proper because the parallel district court litigation was in a very early stage.
• Key factors cited by Petitioner included: no trial date had been set, claim construction had not yet occurred, discovery was minimal, and a stay pending the outcome of the IPR was likely to be granted by the court. Petitioner also noted that the IPR raises prior art that was not considered during prosecution, reducing the risk of duplicative efforts.

6. Relief Requested

• Petitioner requests institution of an inter partes review and cancellation of claims 1-13, 15-18, and 20 of the ’314 patent as unpatentable under 35 U.S.C. §103.