Cisco Systems Inc v. SecurityProfiling LLC

1. Case Identification

• Case #: IPR2021-01242
• Patent #: 9,100,431
• Filed: July 9, 2021
• Petitioner(s): Cisco Systems, Inc.
• Challenged Claims: 1-2, 4-12, 14-20

2. Patent Overview

• Title: Management of Security of Computing and Network Devices
• Brief Description: The ’431 patent discloses a network security system where a server collects configuration data, including operating system information, from network devices. The server uses this data to identify vulnerabilities and select appropriate remediation techniques to counter network threats.

3. Grounds for Unpatentability

Ground 1: Obviousness over W-L - Claims 14, 19, and 20 are obvious over W-L.

• Prior Art Relied Upon: W-L (Patent 7,359,962)
• Core Argument for this Ground:
  • Prior Art Mapping: Petitioner argued that W-L, which describes a unified network defense system, teaches every limitation of independent claim 14. W-L’s system includes a "signature database" that stores detection signatures containing "security rules, policies and algorithms" to mitigate vulnerabilities, which corresponds to the claimed "data structure identifying a plurality of mitigation techniques." Petitioner contended that W-L explicitly teaches identifying signatures based on a specific operating system (e.g., "malicious code intended to exploit a Microsoft IIS web server running on a Microsoft operating system"), directly mapping to the key limitation of identifying mitigation techniques based on an OS. W-L also disclosed automatically applying multiple mitigation techniques, such as "block and terminate actions," through its firewalling and intrusion detection functionalities.
  • Motivation to Combine (for §103 grounds): This ground is based on a single reference, arguing it renders the claims obvious.
  • Expectation of Success (for §103 grounds): Not applicable for a single-reference ground.

Ground 2: Obviousness over W-L in view of Hill - Claims 1-2, 4-12, and 15-18 are obvious over W-L in view of Hill.

• Prior Art Relied Upon: W-L (Patent 7,359,962) and Hill (Patent 6,088,804)
• Core Argument for this Ground:
  • Prior Art Mapping: Petitioner asserted that W-L taught most limitations of independent claim 1, which involves a user-interactive approach to mitigation, as opposed to the automated system of claim 14. W-L disclosed presenting vulnerability assessment information to a network administrator to specify actions. Hill was argued to supply the missing elements: displaying a list of mitigation techniques and receiving user input for selection. Hill described a system that presents a "mitigation list" of recommended actions on a display for a network manager to select, thereby teaching the claimed "displaying" and "receiving user input" limitations. The combination, therefore, taught a system that accesses a data structure of mitigation techniques (W-L), displays them to a user (Hill), and receives user input to apply a selected technique (Hill).
  • Motivation to Combine (for §103 grounds): A POSITA would combine the references for two primary reasons. First, to improve W-L’s system by adding a well-known user interface for administrator interaction, as taught by Hill, which was a predictable implementation detail. Second, to create a more robust, layered security architecture by combining W-L's perimeter defense with Hill's complementary internal network protection for attacks that bypass the perimeter.
  • Expectation of Success (for §103 grounds): A POSITA would have a high expectation of success because combining a backend security system (W-L) with a user interface for managing it (Hill) was a common and well-understood practice in network security.

4. Arguments Regarding Discretionary Denial

• §325(d) - Same or Substantially Same Art: Petitioner argued that denial under §325(d) was inappropriate despite W-L having been cited in an Information Disclosure Statement (IDS) during prosecution. Petitioner contended the Examiner committed a material error by failing to appreciate W-L's teachings. The Examiner allowed the claims based on the incorrect premise that the prior art failed to teach "identifying a remediation technique based on the operating system." Petitioner asserted that W-L explicitly teaches this, and since W-L was one of over 800 references in the IDS and never applied in a rejection, its evaluation was merely cursory.
• §314(a) - Fintiv Factors: Petitioner argued that the Fintiv factors weighed strongly against discretionary denial. The parallel district court litigation was in its very early stages, having been filed only three months prior to the IPR petition. Key milestones like the Markman hearing were months away, and no trial date was set. Petitioner asserted that it filed the petition expeditiously after infringement contentions were served, and that the PTAB’s Final Written Decision would likely issue well before any potential trial date, thus favoring institution to promote efficiency.

5. Relief Requested

• Petitioner requested the institution of an inter partes review and the cancellation of claims 1-2, 4-12, and 14-20 of the ’431 patent as unpatentable.